Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Help please I think I am badly infected

 
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics
View previous topic :: View next topic  
Author Message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Tue Jan 24, 2012 3:28 pm    Post subject: Help please I think I am badly infected Reply with quote

I am not sure what is going on with my laptop it is running very slow and I keep getting the dreaded blue screen. Here are my DDS logs.
Thank you

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Laptop at 6:19:43 on 2012-01-24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.186 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/home.php?ref=hp
uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: UrlHelper Class: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.23\AVG Secure Search_toolbar.dll
BHO: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\9.0.0.23\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\laptop\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000341&p=GRman000&si=&a=c2a19gJL4vxbYZevFQ5vOg&n=2011010313
IE: Download with &Shareaza - c:\program files\morpheus music\RazaWebHook.dll/3000
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242062566640
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8AFE0008-413F-42D6-81D9-58D549AE47C1} : DhcpNameServer = 192.168.1.1
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\9.0.1\ViProtocol.dll
AppInit_DLLs: c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-1-5 34144]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-1-5 28800]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2011-9-30 722616]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\9.0.1\ToolbarUpdater.exe [2006-4-22 869216]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-4-25 1684736]
S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S4 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2011-1-3 28762]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
regfile=NOTEPAD.EXE %1
scrfile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-01-24 04:48:37 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-01-24 04:48:37 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-01-24 04:47:40 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-01-24 04:47:40 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
.
==================== Find3M ====================
.
2012-01-06 16:51:24 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-01-06 16:51:16 11776 ----a-w- c:\windows\system32\smrgdf.exe
2012-01-06 16:29:06 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
.
============= FINISH: 6:21:13.39 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/6/2008 12:28:10 PM
System Uptime: 1/24/2012 5:47:03 AM (1 hours ago)
.
Motherboard: OEM | | NB-14w2
Processor: Intel(R) Celeron(R) M CPU 410 @ 1.46GHz | U23 | 1466/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 56 GiB total, 40.89 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller (VGA Compatible)
Device ID: PCI\VEN_1002&DEV_5A62&SUBSYS_2A011584&REV_00\4&2C0D4F31&0&2808
Manufacturer:
Name: Video Controller (VGA Compatible)
PNP Device ID: PCI\VEN_1002&DEV_5A62&SUBSYS_2A011584&REV_00\4&2C0D4F31&0&2808
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_2B011584&REV_83\3&13C0B0C5&0&A0
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_2B011584&REV_83\3&13C0B0C5&0&A0
Service:
.
Class GUID:
Description: Modem Device on High Definition Audio Bus
Device ID: HDAUDIO\FUNC_02&VEN_1057&DEV_3055&SUBSYS_10573055&REV_1007\4&107BDBB9&0&0101
Manufacturer:
Name: Modem Device on High Definition Audio Bus
PNP Device ID: HDAUDIO\FUNC_02&VEN_1057&DEV_3055&SUBSYS_10573055&REV_1007\4&107BDBB9&0&0101
Service:
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2BA01584&REV_10\4&FCF0450&0&58A4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2BA01584&REV_10\4&FCF0450&0&58A4
Service: RTL8023xp
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: MPU-401 Compatible MIDI Device
Device ID: ROOT\MEDIA\0000
Manufacturer: Microsoft
Name: MPU-401 Compatible MIDI Device
PNP Device ID: ROOT\MEDIA\0000
Service: ms_mpu401
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\NET\0000
Manufacturer: Microsoft
Name: Microsoft Tun Miniport Adapter
PNP Device ID: ROOT\NET\0000
Service: tunmp
.
==== System Restore Points ===================
.
RP209: 11/17/2011 5:41:48 PM - System Checkpoint
RP210: 11/18/2011 3:02:57 AM - Software Distribution Service 3.0
RP211: 11/19/2011 6:10:41 AM - System Checkpoint
RP212: 11/20/2011 6:36:46 AM - System Checkpoint
RP213: 11/21/2011 8:52:05 AM - System Checkpoint
RP214: 11/22/2011 9:15:17 AM - System Checkpoint
RP215: 11/23/2011 9:54:05 AM - System Checkpoint
RP216: 11/24/2011 11:05:42 AM - System Checkpoint
RP217: 11/25/2011 11:21:13 AM - System Checkpoint
RP218: 11/27/2011 12:42:07 AM - System Checkpoint
RP219: 11/28/2011 12:51:49 AM - System Checkpoint
RP220: 11/29/2011 1:07:01 AM - System Checkpoint
RP221: 11/30/2011 1:52:45 AM - System Checkpoint
RP222: 12/1/2011 2:49:33 AM - System Checkpoint
RP223: 12/2/2011 2:59:29 AM - System Checkpoint
RP224: 12/3/2011 3:41:07 AM - System Checkpoint
RP225: 12/4/2011 4:34:23 AM - System Checkpoint
RP226: 3/10/2006 2:23:32 AM - System Checkpoint
RP227: 3/11/2006 3:11:38 AM - System Checkpoint
RP228: 3/31/2006 8:16:35 PM - System Checkpoint
RP229: 4/1/2006 9:02:50 PM - System Checkpoint
RP230: 4/2/2006 10:02:47 PM - System Checkpoint
RP231: 4/3/2006 11:02:48 PM - System Checkpoint
RP232: 4/5/2006 12:02:48 AM - System Checkpoint
RP233: 4/6/2006 1:02:49 AM - System Checkpoint
RP234: 4/8/2006 2:28:13 AM - Software Distribution Service 3.0
RP235: 4/9/2006 2:33:46 AM - System Checkpoint
RP236: 4/10/2006 3:33:46 AM - System Checkpoint
RP237: 4/11/2006 4:33:46 AM - System Checkpoint
RP238: 4/12/2006 7:07:50 AM - System Checkpoint
RP239: 4/13/2006 7:43:15 AM - System Checkpoint
RP240: 4/14/2006 8:43:16 AM - System Checkpoint
RP241: 4/15/2006 9:43:17 AM - System Checkpoint
RP242: 4/16/2006 9:55:19 AM - System Checkpoint
RP243: 4/17/2006 11:42:01 PM - System Checkpoint
RP244: 4/19/2006 12:51:57 AM - System Checkpoint
RP245: 4/20/2006 1:16:59 AM - System Checkpoint
RP246: 4/22/2006 5:49:37 AM - Installed AVG 2012
RP247: 4/22/2006 5:50:25 AM - Removed AVG 2011
RP248: 4/22/2006 5:51:17 AM - Installed AVG 2012
RP249: 4/22/2006 6:05:31 AM - Removed AVG 2011
RP250: 1/19/2012 1:35:44 PM - System Checkpoint
RP251: 1/20/2012 1:43:08 PM - System Checkpoint
RP252: 1/23/2012 9:34:34 AM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
AVG 2011
AVG 2012
Download_Energy Toolbar
Google Chrome
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Inbox Toolbar
iolo technologies' System Mechanic
Java Auto Updater
Java(TM) 6 Update 24
LWS Twitter
McAfee Security Scan Plus
MediaBar
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
My Web Search (My Web Face)
O2Micro Flash Memory Card Windows Driver V2.00
OGA Notifier 2.0.0048.0
Pandora
QuickTime
Ralink Wireless LAN Card
REALTEK Gigabit and Fast Ethernet NIC Driver
Realtek High Definition Audio Driver
Search Toolbar
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
SigmaTel MSCN Audio Player
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB971029)
Update for Windows XP (KB973687)
WebFldrs XP
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
1/24/2012 5:47:27 AM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 0013D37AD7AE has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
1/24/2012 2:37:41 AM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 0013D37AD7AE has been denied by the DHCP server 192.168.169.1 (The DHCP Server sent a DHCPNACK message).
1/23/2012 9:00:42 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0013D37AD7AE. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
1/23/2012 8:57:25 PM, error: Dhcp [1002] - The IP address lease 192.168.169.2 for the Network Card with network address 0013D37AD7AE has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
1/23/2012 8:50:13 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0013D37AD7AE. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
1/20/2012 5:48:44 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Tue Jan 24, 2012 6:12 pm    Post subject: Reply with quote

Quote:
Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Spyware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.



Hi Kthomas and welcome to Spyware Warrior Forum :

My name is torreattack, and I will be helping you with your malware problems.

I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
Read:
How to back up or transfer your data on a Windows-based computer

Please observe these rules while we work:

  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.

If you can do these things, everything should go smoothly.

  • If you're using XP, you'll need Administrator privileges to perform the fixes. (XP accounts are Administrator by default)

Quote:
It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


If you haven't done so already, please read this topic Things to know before you post where the conditions for receiving help here are explained.


I am currently reviewing your log and will return, as soon as possible, with additional instructions.

Thank you for your patience.
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Wed Jan 25, 2012 1:52 pm    Post subject: Thank you for the help Reply with quote

I will wait for your instructions. I am not sure why my post went up 3 times. Maybe part of my problems? In any case I have read the things to know before you post I was referred here by a friend that said you helped him with problems he had. I don't think I have any pirated or illegal software, I hope not as this computer was givin to me by a friend. How can I check if I have anything like that?
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Wed Jan 25, 2012 8:45 pm    Post subject: Reply with quote

Hi Kthomas :

Quote:
I don't think I have any pirated or illegal software, I hope not as this computer was givin to me by a friend. How can I check if I have anything like that?

We will run a few tools to test.

1. P2P Warning!
IMPORTANT There are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.
Shareaza
iMesh

Please note whenever you use any form of P2P networking to download files you can anticipate infestations of malware to occur.
P2P file sharing used to be fairly safe. This is no longer true...continue to use P2P sharing ...at your own risk! Keep in mind that this practice may be the source of your current malware infestation.

As long as you have the P2P program(s) installed, per Spyware Removal Forum Policy: Use of P2P (Person to Person) File Sharing Programmes, I can offer you no further assistance.

I strongly recommend that you uninstall:
Shareaza
iMesh

You can do so by :
  • Click Start > Control Panel > Add/Remove Programs
  • Remove these programs by clicking Remove:
    Shareaza
    iMesh

Take extra care in answering questions posed by any Uninstaller.
However, that choice is up to you.
If you choose NOT to remove these programs...indicate that in your next reply.
If you choose to remove these programs, when finished...run another DDS scan and copy/paste the logs in your next reply.
Please note whenever you use any form of P2P networking to download files you can anticipate infestations of malware to occur.
P2P file sharing used to be fairly safe. This is no longer true...continue to use P2P sharing ...at your own risk! Keep in mind that this practice may be the source of your current malware infestation.


2. MGADiag
  • Please download MGA Diagnostic Tool and save it to your Desktop.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.



3. CKScanner
  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Double-click CKScanner.exe then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.



4. Checklist
Please post:

  • MGADiag log
  • CKScanner log
  • An update on your problems



Thanks,
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Thu Jan 26, 2012 6:05 pm    Post subject: New logs Reply with quote

Hello again. I tried to do as you said about uninstalling the 2 programs. Shareaza and IMesh neither program came up in the control panel>Add/Remove Programs. I did a search with windows explorer and didn't find Shareaza I did find a folder with IMesh/Mediabar with an uninstall icon. I used that and hopefully it is gone. I do not use P2P programs so they must have been on here before I was given the computer. I re-ran the DDS and have new logs as well as the MGA Diagnostic however when I click on the link for CKScanner I get this error on the page that pops up:

Forbidden
You don't have permission to access /CKScanner.exe on this server.
--------------------------------------------------------------------------------
Apache/2.2.3 (CentOS) Server at downloads.malwareremoval.com Port 80

Any suggestions? Anyway here are my new logs.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Laptop at 8:44:27 on 2012-01-26
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.60 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/home.php?ref=hp
uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
BHO: {0EEDB912-C5FA-486F-8334-57288578C627} - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.0.0.7\AVG Secure Search_toolbar.dll
BHO: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: MediaBar: {abb49b3b-ab7d-4ed0-9135-93fd5aa4f69f} - c:\progra~1\imesha~1\mediabar\toolbar\iMeshMediaBarDx.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.0.0.7\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\laptop\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRunOnce: [removeiMeshtoolbar] cmd.exe /c RD /S /Q "c:\program files\imesh applications\mediabar\ToolBar"
mRunOnce: [removeiMeshdatamngr] cmd.exe /c RD /S /Q "c:\program files\imesh applications\MediaBar"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000341&p=GRman000&si=&a=c2a19gJL4vxbYZevFQ5vOg&n=2011010313
IE: Download with &Shareaza - c:\program files\morpheus music\RazaWebHook.dll/3000
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242062566640
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8AFE0008-413F-42D6-81D9-58D549AE47C1} : DhcpNameServer = 192.168.1.1
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\10.0.6\ViProtocol.dll
AppInit_DLLs:
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-1-5 34144]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-1-5 28800]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 295248]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2011-9-30 722616]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\10.0.6\ToolbarUpdater.exe [2012-1-25 909152]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 134608]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 16720]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-4-25 1684736]
S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S4 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2011-1-3 28762]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
regfile=NOTEPAD.EXE %1
scrfile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-01-25 10:08:53 -------- d-----w- c:\windows\system32\cache
2012-01-24 04:48:37 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-01-24 04:48:37 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-01-24 04:47:40 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-01-24 04:47:40 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
.
==================== Find3M ====================
.
2012-01-06 16:51:24 29696 ----a-w- c:\windows\system32\iolobtdfg.exe
2012-01-06 16:51:16 11776 ----a-w- c:\windows\system32\smrgdf.exe
2012-01-06 16:29:06 2083464 ----a-w- c:\windows\system32\Incinerator32.dll
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
.
============= FINISH: 8:45:15.81 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 6/6/2008 12:28:10 PM
System Uptime: 1/25/2012 9:04:15 AM (23 hours ago)
.
Motherboard: OEM | | NB-14w2
Processor: Intel(R) Celeron(R) M CPU 410 @ 1.46GHz | U23 | 1466/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 56 GiB total, 40.694 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller (VGA Compatible)
Device ID: PCI\VEN_1002&DEV_5A62&SUBSYS_2A011584&REV_00\4&2C0D4F31&0&2808
Manufacturer:
Name: Video Controller (VGA Compatible)
PNP Device ID: PCI\VEN_1002&DEV_5A62&SUBSYS_2A011584&REV_00\4&2C0D4F31&0&2808
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_2B011584&REV_83\3&13C0B0C5&0&A0
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_1002&DEV_4372&SUBSYS_2B011584&REV_83\3&13C0B0C5&0&A0
Service:
.
Class GUID:
Description: Modem Device on High Definition Audio Bus
Device ID: HDAUDIO\FUNC_02&VEN_1057&DEV_3055&SUBSYS_10573055&REV_1007\4&107BDBB9&0&0101
Manufacturer:
Name: Modem Device on High Definition Audio Bus
PNP Device ID: HDAUDIO\FUNC_02&VEN_1057&DEV_3055&SUBSYS_10573055&REV_1007\4&107BDBB9&0&0101
Service:
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2BA01584&REV_10\4&FCF0450&0&58A4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2BA01584&REV_10\4&FCF0450&0&58A4
Service: RTL8023xp
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: MPU-401 Compatible MIDI Device
Device ID: ROOT\MEDIA\0000
Manufacturer: Microsoft
Name: MPU-401 Compatible MIDI Device
PNP Device ID: ROOT\MEDIA\0000
Service: ms_mpu401
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\NET\0000
Manufacturer: Microsoft
Name: Microsoft Tun Miniport Adapter
PNP Device ID: ROOT\NET\0000
Service: tunmp
.
==== System Restore Points ===================
.
RP209: 11/17/2011 5:41:48 PM - System Checkpoint
RP210: 11/18/2011 3:02:57 AM - Software Distribution Service 3.0
RP211: 11/19/2011 6:10:41 AM - System Checkpoint
RP212: 11/20/2011 6:36:46 AM - System Checkpoint
RP213: 11/21/2011 8:52:05 AM - System Checkpoint
RP214: 11/22/2011 9:15:17 AM - System Checkpoint
RP215: 11/23/2011 9:54:05 AM - System Checkpoint
RP216: 11/24/2011 11:05:42 AM - System Checkpoint
RP217: 11/25/2011 11:21:13 AM - System Checkpoint
RP218: 11/27/2011 12:42:07 AM - System Checkpoint
RP219: 11/28/2011 12:51:49 AM - System Checkpoint
RP220: 11/29/2011 1:07:01 AM - System Checkpoint
RP221: 11/30/2011 1:52:45 AM - System Checkpoint
RP222: 12/1/2011 2:49:33 AM - System Checkpoint
RP223: 12/2/2011 2:59:29 AM - System Checkpoint
RP224: 12/3/2011 3:41:07 AM - System Checkpoint
RP225: 12/4/2011 4:34:23 AM - System Checkpoint
RP226: 3/10/2006 2:23:32 AM - System Checkpoint
RP227: 3/11/2006 3:11:38 AM - System Checkpoint
RP228: 3/31/2006 8:16:35 PM - System Checkpoint
RP229: 4/1/2006 9:02:50 PM - System Checkpoint
RP230: 4/2/2006 10:02:47 PM - System Checkpoint
RP231: 4/3/2006 11:02:48 PM - System Checkpoint
RP232: 4/5/2006 12:02:48 AM - System Checkpoint
RP233: 4/6/2006 1:02:49 AM - System Checkpoint
RP234: 4/8/2006 2:28:13 AM - Software Distribution Service 3.0
RP235: 4/9/2006 2:33:46 AM - System Checkpoint
RP236: 4/10/2006 3:33:46 AM - System Checkpoint
RP237: 4/11/2006 4:33:46 AM - System Checkpoint
RP238: 4/12/2006 7:07:50 AM - System Checkpoint
RP239: 4/13/2006 7:43:15 AM - System Checkpoint
RP240: 4/14/2006 8:43:16 AM - System Checkpoint
RP241: 4/15/2006 9:43:17 AM - System Checkpoint
RP242: 4/16/2006 9:55:19 AM - System Checkpoint
RP243: 4/17/2006 11:42:01 PM - System Checkpoint
RP244: 4/19/2006 12:51:57 AM - System Checkpoint
RP245: 4/20/2006 1:16:59 AM - System Checkpoint
RP246: 4/22/2006 5:49:37 AM - Installed AVG 2012
RP247: 4/22/2006 5:50:25 AM - Removed AVG 2011
RP248: 4/22/2006 5:51:17 AM - Installed AVG 2012
RP249: 4/22/2006 6:05:31 AM - Removed AVG 2011
RP250: 1/19/2012 1:35:44 PM - System Checkpoint
RP251: 1/20/2012 1:43:08 PM - System Checkpoint
RP252: 1/23/2012 9:34:34 AM - System Checkpoint
RP253: 1/25/2012 5:13:16 AM - Software Distribution Service 3.0
RP254: 1/25/2012 8:25:30 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
AVG 2011
AVG 2012
Download_Energy Toolbar
Google Chrome
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Inbox Toolbar
iolo technologies' System Mechanic
Java Auto Updater
Java(TM) 6 Update 24
LWS Twitter
McAfee Security Scan Plus
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
My Web Search (My Web Face)
O2Micro Flash Memory Card Windows Driver V2.00
OGA Notifier 2.0.0048.0
Pandora
QuickTime
Ralink Wireless LAN Card
REALTEK Gigabit and Fast Ethernet NIC Driver
Realtek High Definition Audio Driver
Search Toolbar
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
SigmaTel MSCN Audio Player
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB971029)
Update for Windows XP (KB973687)
WebFldrs XP
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
1/24/2012 5:47:27 AM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 0013D37AD7AE has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
1/24/2012 2:37:41 AM, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 0013D37AD7AE has been denied by the DHCP server 192.168.169.1 (The DHCP Server sent a DHCPNACK message).
1/23/2012 9:00:42 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0013D37AD7AE. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
1/23/2012 8:57:25 PM, error: Dhcp [1002] - The IP address lease 192.168.169.2 for the Network Card with network address 0013D37AD7AE has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
1/23/2012 8:50:13 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0013D37AD7AE. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
1/19/2012 3:25:52 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-DW2D8-7WVK8-C8D2B
Windows Product Key Hash: b/eTN79vNIfMtUsdxy6ovlCAWAE=
Windows Product ID: 76487-017-5219326-22389
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {9A5ACBC9-FA49-453B-886B-D38116129BB0}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.40.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Professional Edition 2003 - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: 025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

Browser Data-->
Proxy settings:
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{9A5ACBC9-FA49-453B-886B-D38116129BB0}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-C8D2B</PKey><PID>76487-017-5219326-22389</PID><PIDType>5</PIDType><SID>S-1-5-21-1409082233-1708537768-839522115</SID><SYSTEM><Manufacturer>OEM</Manufacturer><Model>NB-14w2</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies LTD</Manufacturer><Version>4.06</Version><SMBIOSVersion major="2" minor="4"/><Date>20060626000000.000000+000</Date></BIOS><HWID>14D53E070184CC5E</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91110409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Edition 2003</Name><Ver>11</Ver><Val>355D4EA63AD4DDC</Val><Hash>lLdC+FNQekpJ0bZcyVf7L0qyxT4=</Hash><Pid>70145-750-5618071-57339</Pid><PidType>1</PidType></Product></Products><Applications><App Id="15" Version="11" Result="100"/><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="19" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/><App Id="44" Version="11" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: no
Marker string from BIOS: N/A
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Fri Jan 27, 2012 9:45 am    Post subject: Reply with quote

Hi Kthomas :

Quote:
Forbidden
You don't have permission to access /CKScanner.exe on this server.
--------------------------------------------------------------------------------
Apache/2.2.3 (CentOS) Server at downloads.malwareremoval.com Port 80

Please tell me, is this computer used for business or connected to a business network?
If no, please continue... otherwise <STOP> ... post back and let me know.
Note: Many of these type systems may have specific modifications made..which could be removed or damaged by the tools we use.
These altered systems may also hinder our tools, possibly reducing their effectiveness in removing the malware.


Please retry with the CKScanner.

1. CKScanner
  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Double click CKScanner.exe then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.



2. WVCheck
  • Please download WVCheck from Artellos.com. Save it to your Desktop.
  • Double click WVCheck.exe to run the program.
  • Read the comments on the screen... then press Enter.
    The scan can take a while depending on the size of your hard drive.
  • Once the program is done, Notepad will open with the scan report.
  • Please copy and paste the contents of the Notepad file in your next reply.



3. Checklist
Please post:

  • Answer about business computer
  • CKScanner log
  • WVCheck log


Thanks,
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Fri Jan 27, 2012 11:59 am    Post subject: Hello again Reply with quote

In answer to your question, no this is a personal laptop. I am connected to a home wireless network to be able to get online.
I am still unable to get to CKScanner link having the same error message pop up. Here is the WVCheck log.

Windows Validation Check
Version: 1.9.12.5
Log Created On: 1454_27-01-2012
-----------------------

Windows Information
-----------------------
Windows Version: Windows XP Service Pack 3
Windows Mode: Normal
Systemroot Path: C:\WINDOWS

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2012-01-27 16:16:22
Last Success Time for Update Download: 2012-01-25 13:25:22
Last Success Time for Update Installation: 2012-01-25 11:30:43


WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------


WVCheck's File Dump
-----------------------
WVCheck found no known bad files.


WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.


WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.


WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.


WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - b26b135ff1b9f60c9388b4a7d16f600b


-------- End of File, program close at 1456_27-01-2012 --------
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Sat Jan 28, 2012 2:41 am    Post subject: Reply with quote

Hi Kthomas :

Quote:
I am still unable to get to CKScanner link having the same error message pop up.
1. Please download it from a different computer, then transfer it with handy-drive/pendrive/CD/DVD to this computer and run it as instructed in previous post.

2. Registry Cleaners
System Mechanic
I don't personally recommend the use of ANY registry cleaners. Here is an excerpt from a discussion on regcleaners
Quote:
Most reg cleaners aren't bad as such, but they aren't perfect and even the best have been known to cause problems. The point we are trying to make is that the risk of using one far outweighs any benefit. If it does work perfectly you will not see any difference. If it doesn't work properly you may end up with an expensive doorstop.


This post by Bill Castner is very informative: WhatTheTech Forum


3. ERUNT - Emergency Recovery Utility NT
Modifying the Registry can create unforeseen problems, so it's always wise to create a backup before doing so.
This is a free program that allows you to keep a complete backup of your registry and restore it when needed.
ERUNT utility program
Download:

  • Please download ERUNT...by Lars Hederer. Save it to your desktop.
  • Double-click erunt-setup-exe to run the install process. Install ERUNT by following the prompts.
  • Use the default install settings... say "NO" to the section that asks you to add ERUNT to the Start-Up folder. You can enable this later.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is fine.
  • Make sure the first two check boxes -> (Create ERUNT and NTREGOPT desktop icons) are checked.
  • Click on OK ... then click on "YES" to create the folder.

Run:
This will create a full backup of your registry... ERUNT can be used to restore the registry from this backup, if needed.
  • Please navigate to Start >> All Programs >> ERUNT, then double-click ERUNT from the menu.
  • Click on OK within the pop-up menu.
  • In the next menu under C:\WINDOWS\ERDNT\DD-MM-YYYY under Backup options make sure both the following are selected:
    • System registry.
    • Current user registry.

  • Next click on "OK"... at the prompt... reply "Yes".
    After a short duration the Registry backup is complete! pop-up message will appear.
  • Now click on "OK". A registry backup has now been created.

< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!



4. Remove Programs

  • Click Start > Control Panel > Add/Remove Programs
  • Remove these programs by clicking Remove:
    AVG 2011
    Inbox Toolbar
    iolo technologies' System Mechanic
    Java Auto Updater
    Java(TM) 6 Update 24
    McAfee Security Scan Plus
    MediaBar
    My Web Search (My Web Face)
    Search Toolbar
    Yahoo! BrowserPlus 2.9.8
    Yahoo! Software Update
    Yahoo! Toolbar

Take extra care in answering questions posed by any Uninstaller.


5. Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware and save to your desktop.
  • Double click mbam-setup.exe, then follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    Update Malwarebytes' Anti-Malware
    Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
    Note: If MBAM doesn't return after an update, please start it again.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply



6.Checklist
Please post:

  • CKScanner log
  • MBAM log
  • An update on your problems


Thanks,
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Sat Jan 28, 2012 9:16 am    Post subject: Hello again Reply with quote

Ok laptop running a little better but still freezing and taking forever to get anywhere. Here are my logs. I think I mat have uninstalled the wrong AVG it was the only one showing and there were nothing for Mediabar or Java Auto Updater

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.BACALB
----- EOF -----


Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.28.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Laptop :: KIA [administrator]

1/28/2012 11:55:42 AM
mbam-log-2012-01-28 (11-55-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 158751
Time elapsed: 7 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 12
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search| (Adware.Hotbar) -> Data: http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?s=100000341&p=GRman000&si=&a=c2a19gJL4vxbYZevFQ5vOg&n=2011010313 -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCR\scrfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and repaired successfully.
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Laptop\My Documents\Downloads\MyWebFaceSetup2.3.76.6.GRman000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

(end)
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Sun Jan 29, 2012 6:28 am    Post subject: Reply with quote

Hi Kthomas :

1. Malwarebytes' Anti-Malware Rerun
  • Please start MBAM (Malwarebytes' Anti-Malware) again.
    You must be connected to the Internet to obtain any updates.
  • Press the Update tab.. then press the Check for Updates...button. <<---Important!
    Once any updates are installed or you get the message that you are up-to-date
  • Press the Scanner tab...
  • Select FULL SCAN this time... then press the Scan...button. This scan will take a while, so please be patient.
    When the scan finishes...
  • Check all items except any items (if present) in the C:\System Volume Information folder... then click on Remove Selected.
  • Let MBAM remove what it can... if there are files to be deleted on reboot... please reboot the machine so MBAM can finish the removal.
    If you rebooted, then you'll need to start MBAM again.
  • Press the LOG... tab. Locate the most current log file.
    Please copy and paste the most recent log (from this new run) in your next reply.

Note: If MBAM doesn't return after an update, please start it again.


2. Download and run OTL
Please right-click on the filename link below and select "Save target as..." or "Save Link as...", choose the Desktop location, and choose to save as the filename :Fix.txt
Windows XP, 32 bit : SQWinXP_x32.TXT


---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
----------------------------------------------
Perform a Custom Fix with OTL
Double Click the OTL icon
  • Click the Run Fix button at the top.
  • You will see a popup dialog reporting "No fix has been provided. Click OK to load from a file or Cancel". Click on OK
  • When the Open dialog comes up, Navigate to the Desktop, scroll to find the file named Fix.txt and click Open
  • Some text will appear in the Custom scans/Fixes box.
  • Click the Run Fix button.
  • Let the program run unhindered and reboot the PC when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply. The file will also appear on your desktop as OTL.txt



3. SystemLook
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


  • Double-click SystemLook.exe to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    Code:

    :filefind
    *Fun4IM*
    *Bandoo*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*

    :folderfind
    *Fun4IM*
    *Bandoo*
    *Searchqu*
    *iLivid*
    *whitesmoke*
    *datamngr*
    *trolltech*

    :Regfind
    Fun4IM
    Bandoo
    Searchqu
    iLivid
    whitesmoke
    datamngr
    kelkoopartners
    trolltech

  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt


4.Checklist
Please post:

  • MBAM log
  • OTL log
  • SystemLook log
  • An update on your problems

note: These logs can be lengthy, please post in several replies if needed. Please ensure you post COMPLETE log.

Thanks,
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Sun Jan 29, 2012 10:09 am    Post subject: Hello again Reply with quote

Ok so my boyfriend was playing on this lastnight and a popup came up for Norton's Internet Security and he downloaded this. I uninstalled it this morning. I hope this doesn't screw up any progress we have made. Laptop is still freezing but not as bad as it has been in the past. Here are my new logs. The systemlook encountered problems and had to shut down. It did put a log on desktop but I am not sure if it is complete.

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.29.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Laptop :: KIA [administrator]

1/29/2012 12:04:58 PM
mbam-log-2012-01-29 (12-54-12).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 201244
Time elapsed: 41 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 40
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216005.scr (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216008.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216009.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216010.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216011.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216012.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216014.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216015.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216016.SCR (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216017.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216018.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216019.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216020.EXE (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216021.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216022.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216023.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216024.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216025.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216026.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216027.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216028.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216029.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216030.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216032.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216033.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216034.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216035.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216036.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216038.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216039.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216040.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216041.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216042.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216043.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216044.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216045.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216054.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216013.DLL (PUP.FunWebProducts) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP257\A0216031.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{804C6BFD-FB34-4568-92C6-7A9D719CB3B7}\RP259\A0216426.dll (Adware.MyWebSearch) -> No action taken.

(end)

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\wi371a~1\datamngr\datamngr.dll deleted successfully.
File pInit_DLLs: not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~1\wi371a~1\datamngr\iebho.dll deleted successfully.
File pInit_DLLs: not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page deleted successfully.
Registry key HKEY_CURRENT_USER\Software\DataMngr_Toolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Bandoo\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\iLivid\ not found.
Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\searchqutoolbar\ not found.
Registry key HKEY_CURRENT_USER\Software\DataMngr\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu 406 MediaBar\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\menuorder\start menu2\programs\bandoo\ not found.
Registry key HKEY_CURRENT_USER\Software\Trolltech\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\ilivid\ not found.
Registry key HKEY_CURRENT_USER\Software\searchqutoolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Bandoo\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\BandooCore.EXE\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1301A8A5-3DFB-4731-A162-B357D00C9644}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\iLividSetupV1.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.BandooCore.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.BandooCore\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.ResourcesMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.ResourcesMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.SettingsMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.SettingsMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.StatisticMngr.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BandooCore.StatisticMngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{477F210A-2A86-4666-9C4B-1189634D2C84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF871E51-2655-4D06-AED5-745962A96B32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9189560-573A-4fde-B055-AE7B0F4CF080}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ilivid.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SetupDataMngr_searchqu_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\SetupDataMngr_searchqu_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\SearchquMediabarTb\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\currentversion\app management\arpcache\searchqu 406 mediabar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{a40dc6c5-79d0-4ca8-a185-8ff989af1115}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{cc1ac828-bb47-4361-afb5-96eee259dd87}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\clsid\{fefd3af5-a346-4451-aa23-a3ad54915515}\inprocserver32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{5b4144e1-b61d-495a-9a50-cd1a95d86d15}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{6a4bcaba-c437-4c76-a54e-af31b8a76cb9}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\typelib\{841d5a49-e48d-413c-9c28-eb3d9081d705}\1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\internet explorer\low rights\elevationpolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\internet explorer\low rights\elevationpolicy\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\shared tools\msconfig\startupreg\datamngr\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0EDE4701-347A-45E0-81F0-D81D9F69BBFB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EDE4701-347A-45E0-81F0-D81D9F69BBFB}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1E743B1-DFF5-4DCF-8CD5-9AAFD552B290}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\\C:\PROGRA~1\WINDOW~4\Datamngr\DATAMN~1.EXE not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Windows iLivid Toolbar not found.
File\Folder C:\Program Files\Windows Searchqu Toolbar not found.
File\Folder C:\Program Files\iLivid not found.
File\Folder C:\Windows\Prefetch\ILIVID* not found.
File\Folder C:\Windows\Prefetch\SEARCHQUMEDIABAR* not found.
File\Folder C:\Windows\Prefetch\SETUPDATAMNGR* not found.
File\Folder C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml not found.
File/Folder C:\Documents and Settings\Laptop\Application Data\searchquband not found.
File/Folder C:\Documents and Settings\Laptop\Application Data\searchqutoolbar not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Laptop
->Temp folder emptied: 152024781 bytes
->Temporary Internet Files folder emptied: 2342802 bytes
->Java cache emptied: 2765805 bytes
->Google Chrome cache emptied: 84608554 bytes
->Flash cache emptied: 12831570 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49621 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2142714 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20854871 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 265.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 01292012_125655

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Laptop\Local Settings\Temp\~DF8107.tmp not found!
File\Folder C:\Documents and Settings\Laptop\Local Settings\Temp\~DF8230.tmp not found!
File\Folder C:\Documents and Settings\Laptop\Local Settings\Temp\~DF82DC.tmp not found!
File\Folder C:\Documents and Settings\Laptop\Local Settings\Temp\~DF82E7.tmp not found!
File\Folder C:\Documents and Settings\Laptop\Local Settings\Temp\~DF83BD.tmp not found!
File\Folder C:\Documents and Settings\Laptop\Local Settings\Temp\~DF83C8.tmp not found!
C:\Documents and Settings\Laptop\Local Settings\Temporary Internet Files\Content.IE5\YZUJPUCM\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Laptop\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

SystemLook 30.07.11 by jpshortstuff
Log created at 13:06 on 29/01/2012 by Laptop
Administrator - Elevation successful

========== filefind ==========

Searching for "*Fun4IM* "
No files found.

Searching for "*Bandoo* "
No files found.

Searching for "*Searchqu* "
No files found.

Searching for "*iLivid* "
No files found.

Searching for "*whitesmoke* "
C:\Documents and Settings\Laptop\Cookies\laptop@whitesmoke[2].txt --a--c- 174 bytes [19:12 21/12/2010] [19:12 21/12/2010] A2ADFF6C93981A185585D59B2E38F014

Searching for "*datamngr* "
No files found.

Searching for "*trolltech* "
No files found.

========== folderfind ==========

Searching for "*Fun4IM* "
No folders found.

Searching for "*Bandoo* "
No folders found.

Searching for "*Searchqu* "
No folders found.

Searching for "*iLivid* "
No folders found.

Searching for "*whitesmoke* "
C:\Documents and Settings\Laptop\Application Data\WhiteSmokeSetup d------ [19:09 21/12/2010]
C:\Documents and Settings\Laptop\Application Data\WhiteSmokeTranslator d------ [19:14 21/12/2010]

Searching for "*datamngr* "
No folders found.

Searching for "*trolltech* "
No folders found.

========== Regfind ==========

Searching for "Fun4IM "
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Sun Jan 29, 2012 10:15 am    Post subject: reran systemlook Reply with quote

Ok I re-ran Systemlook after I logged out and it ran the whole way here is that log

SystemLook 30.07.11 by jpshortstuff
Log created at 13:13 on 29/01/2012 by Laptop
Administrator - Elevation successful

No Context: SystemLook 30.07.11 by jpshortstuff

No Context: Log created at 13:06 on 29/01/2012 by Laptop

No Context: Administrator - Elevation successful

No Context: ========== filefind ==========

No Context: Searching for "*Fun4IM* "

No Context: No files found.

No Context: Searching for "*Bandoo* "

No Context: No files found.

No Context: Searching for "*Searchqu* "

No Context: No files found.

No Context: Searching for "*iLivid* "

No Context: No files found.

No Context: Searching for "*whitesmoke* "

No Context: C:\Documents and Settings\Laptop\Cookies\laptop@whitesmoke[2].txt --a--c- 174 bytes [19:12 21/12/2010] [19:12 21/12/2010] A2ADFF6C93981A185585D59B2E38F014

No Context: Searching for "*datamngr* "

No Context: No files found.

No Context: Searching for "*trolltech* "

No Context: No files found.

No Context: ========== folderfind ==========

No Context: Searching for "*Fun4IM* "

No Context: No folders found.

No Context: Searching for "*Bandoo* "

No Context: No folders found.

No Context: Searching for "*Searchqu* "

No Context: No folders found.

No Context: Searching for "*iLivid* "

No Context: No folders found.

No Context: Searching for "*whitesmoke* "

No Context: C:\Documents and Settings\Laptop\Application Data\WhiteSmokeSetup d------ [19:09 21/12/2010]

No Context: C:\Documents and Settings\Laptop\Application Data\WhiteSmokeTranslator d------ [19:14 21/12/2010]

No Context: Searching for "*datamngr* "

No Context: No folders found.

No Context: Searching for "*trolltech* "

No Context: No folders found.

No Context: ========== Regfind ==========

No Context: Searching for "Fun4IM "

-= EOF =-
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Mon Jan 30, 2012 5:35 am    Post subject: Reply with quote

Hi Kthomas :

Quote:
Ok so my boyfriend was playing on this lastnight and a popup came up for Norton's Internet Security and he downloaded this. I uninstalled it this morning. I hope this doesn't screw up any progress we have made. Laptop is still freezing but not as bad as it has been in the past. Here are my new logs. The systemlook encountered problems and had to shut down. It did put a log on desktop but I am not sure if it is complete.

Thanks for the info. But please minimize the usage or changes on this computer during this period.

Quote:
Here are my logs. I think I mat have uninstalled the wrong AVG it was the only one showing

Have you reinstall back the antivirus?


1. OTL fix
Please make sure OTL.exe is on your Desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop
  • Double click on OTL.exe to run it.
  • Copy the following text... do not include the quote box title "Quote'
    Quote:
    :Files
    C:\Documents and Settings\Laptop\Cookies\laptop@whitesmoke[2].txt
    C:\Documents and Settings\Laptop\Application Data\WhiteSmokeSetup
    C:\Documents and Settings\Laptop\Application Data\WhiteSmokeTranslator
    ipconfig /flushdns /c

    :Commands
    [EmptyTemp]
    [CreateRestorePoint]

  • Click under the Custom Scan/Fixes box and paste the copied text.
  • Click the Run Fix button. If prompted... click OK.
  • Let the program run unhindered and reboot. You will get a fix log when it is done, please post that in your reply
  • After that, please re-run OTL and create a new OTL report....
  • Click the "Scan All Users" checkbox.
  • Click the "Run Scan button.
  • A report will open, copy and paste it in a reply here.



2. TDSSKiller
Please download TDSSKiller.exe and save it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT




3. Checklist
Please post:

  • OTL fix result
  • OTL.txt only
  • TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt
  • An update on your problems

note: These logs can be lengthy, please post in several replies if needed. Please ensure you post COMPLETE log.

Thanks,
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Mon Jan 30, 2012 1:58 pm    Post subject: Hello again Reply with quote

Quote
Thanks for the info. But please minimize the usage or changes on this computer during this period.

I didn't want to install anything until this was done. He didn't know but heknows now.

Quote

Have you reinstall back the antivirus?

I tried to reinstall the AVG 2012 but got an error message. I didn't try to do it again figured I would wait until we have the problems fixed.

Here are the logs you requested.Custom Scan/Fixes, OTL Text and Extras Text(this came up with the OTL Text. I will post the TDSSKiller log next.

All processes killed
========== FILES ==========
C:\Documents and Settings\Laptop\Cookies\laptop@whitesmoke[2].txt moved successfully.
C:\Documents and Settings\Laptop\Application Data\WhiteSmokeSetup folder moved successfully.
C:\Documents and Settings\Laptop\Application Data\WhiteSmokeTranslator folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Laptop\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Laptop\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Laptop
->Temp folder emptied: 642106 bytes
->Temporary Internet Files folder emptied: 467420 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1184 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 01302012_163734

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


OTL logfile created on: 1/30/2012 4:40:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Laptop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.04 Mb Total Physical Memory | 208.16 Mb Available Physical Memory | 46.67% Memory free
1.03 Gb Paging File | 0.87 Gb Available in Paging File | 84.98% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 41.26 Gb Free Space | 73.83% Space Free | Partition Type: NTFS

Computer Name: KIA | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/10 09:03:41 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2006/03/15 08:30:24 | 000,593,920 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Modules (No Company Name) ==========

MOD - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Win32 Services (SafeList) ==========

SRV - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)


========== Driver Services (SafeList) ==========

DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/04/14 15:09:56 | 005,069,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/03/08 16:28:00 | 000,255,232 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006/01/05 00:33:00 | 000,034,144 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2006/01/05 00:33:00 | 000,028,800 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2006/01/04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/09/29 19:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 13:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE 62 4C F5 AF DE CC 01 [binary data]
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/?ref=hp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\


========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={4000513C-D421-4EE7-AFAB-47B243124E41}&mid=5fbf2f5ada7247d6a8e1d15a959e3e5d-0&lang=en&ds=AVG&pr=pr&d=2006-04-22 06:00:58&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - No CLSID value found.
O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll File not found
O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" File not found
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Morpheus Music\RazaWebHook.dll/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242062566640 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AFE0008-413F-42D6-81D9-58D549AE47C1}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/06 11:24:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell - "" = AutoRun
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{eda6d518-59ef-11df-8b3c-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: ("autocheck autochk *")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/30 16:34:24 | 002,059,056 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/29 12:56:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/29 12:19:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/01/29 04:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/01/29 03:56:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2012/01/29 02:34:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2012/01/28 12:07:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/28 11:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\Application Data\Malwarebytes
[2012/01/28 11:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/28 11:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/28 11:53:35 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/28 11:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/28 11:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/01/28 11:11:21 | 003,968,544 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Laptop\Desktop\avg_free_stb_all_2012_1901_cnet.exe
[2012/01/28 10:40:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/28 10:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/01/28 10:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/01/26 09:20:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Laptop\Recent
[2012/01/26 08:47:55 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 05:08:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/01/24 06:19:06 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com
[2012/01/23 23:48:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/01/23 23:47:40 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys

========== Files - Modified Within 30 Days ==========

[2012/01/30 16:39:18 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/30 16:38:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/30 16:34:33 | 002,059,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/30 16:10:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003UA.job
[2012/01/30 10:10:01 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003Core.job
[2012/01/29 13:16:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/29 12:19:37 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:36:13 | 000,315,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/29 04:36:13 | 000,041,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/28 11:58:13 | 003,968,544 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Laptop\Desktop\avg_free_stb_all_2012_1901_cnet.exe
[2012/01/28 11:53:39 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:27:16 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/28 09:18:51 | 087,640,658 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/01/27 14:53:43 | 003,514,358 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2012/01/26 14:09:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/26 08:47:55 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 18:51:54 | 000,210,542 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/01/25 10:13:41 | 000,002,280 | ---- | M] () -- C:\Documents and Settings\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/25 10:13:40 | 000,002,302 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\Google Chrome.lnk
[2012/01/25 08:26:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/25 06:42:43 | 000,241,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/24 06:19:15 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com
[2012/01/19 13:12:53 | 000,619,898 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm

========== Files Created - No Company Name ==========

[2012/01/29 12:19:37 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/28 11:53:39 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:36:14 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/27 14:53:24 | 003,514,358 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2011/09/30 18:49:13 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/04/24 16:31:16 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/10 12:31:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/07 18:00:23 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/25 13:59:00 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/25 13:59:00 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2009/04/25 13:59:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2008/06/06 15:08:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/06/06 11:28:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/06/06 11:20:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/06 06:45:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/06 06:44:19 | 000,241,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/03/10 00:22:38 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\FASTWiz.html
[2006/01/05 00:33:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\o2flash.exe
[2006/01/05 00:33:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,315,076 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,041,238 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


OTL Extras logfile created on: 1/30/2012 4:40:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Laptop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.04 Mb Total Physical Memory | 208.16 Mb Available Physical Memory | 46.67% Memory free
1.03 Gb Paging File | 0.87 Gb Available in Paging File | 84.98% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 41.26 Gb Free Space | 73.83% Space Free | Partition Type: NTFS

Computer Name: KIA | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Disabled:FrostWire
"C:\Program Files\iolo\System Mechanic\SysMech.exe" = C:\Program Files\iolo\System Mechanic\SysMech.exe:*:Enabled:System Mechanic
"C:\Program Files\RALINK\Common\RaUI.exe" = C:\Program Files\RALINK\Common\RaUI.exe:*:Enabled:Ralink Wireless Utility -- (Ralink Technology, Corp.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2B7B87E3-90D5-4086-B921-31C24DF20166}" = AVG 2011
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{E3E3C2C5-B78F-560D-01C0-A9F11945D17B}" = Pandora
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN Card
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE45EF11-F91F-4A39-A3CC-CD6B22FE4288}" = O2Micro Flash Memory Card Windows Driver V2.00
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"All ATI Software" = ATI - Software Uninstall Utility
"AVG" = AVG 2012
"com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1" = Pandora
"ERUNT_is1" = ERUNT 1.1j
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{FE45EF11-F91F-4A39-A3CC-CD6B22FE4288}" = O2Micro Flash Memory Card Windows Driver V2.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/5/2010 12:52:02 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/5/2010 12:52:04 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/5/2010 12:55:30 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/5/2010 2:12:07 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/7/2010 3:39:51 PM | Computer Name = KIA | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
wininet.dll, version 8.0.6001.18968, fault address 0x0001f168.

[ System Events ]
Error - 10/1/2011 9:29:29 AM | Computer Name = KIA | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avgwd service.

Error - 10/1/2011 10:11:02 AM | Computer Name = KIA | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.104 for the Network Card with network
address 0013D37AD7AE has been denied by the DHCP server 192.168.169.1 (The DHCP
Server sent a DHCPNACK message).

Error - 3/10/2006 12:01:31 AM | Computer Name = KIA | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.104 for the Network Card with network
address 0013D37AD7AE has been denied by the DHCP server 192.168.169.1 (The DHCP
Server sent a DHCPNACK message).

Error - 3/12/2006 12:49:35 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/14/2006 12:49:36 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/16/2006 12:49:37 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/18/2006 12:49:38 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/20/2006 12:49:39 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/22/2006 12:49:40 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/22/2006 9:34:44 AM | Computer Name = KIA | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avgwd service.


< End of report >
[/b]
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Mon Jan 30, 2012 1:58 pm    Post subject: Hello again Reply with quote

Quote
Thanks for the info. But please minimize the usage or changes on this computer during this period.

I didn't want to install anything until this was done. He didn't know but heknows now.

Quote

Have you reinstall back the antivirus?

I tried to reinstall the AVG 2012 but got an error message. I didn't try to do it again figured I would wait until we have the problems fixed.

Here are the logs you requested.Custom Scan/Fixes, OTL Text and Extras Text(this came up with the OTL Text. I will post the TDSSKiller log next.

All processes killed
========== FILES ==========
C:\Documents and Settings\Laptop\Cookies\laptop@whitesmoke[2].txt moved successfully.
C:\Documents and Settings\Laptop\Application Data\WhiteSmokeSetup folder moved successfully.
C:\Documents and Settings\Laptop\Application Data\WhiteSmokeTranslator folder moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Laptop\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Laptop\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Laptop
->Temp folder emptied: 642106 bytes
->Temporary Internet Files folder emptied: 467420 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1184 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 01302012_163734

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


OTL logfile created on: 1/30/2012 4:40:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Laptop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.04 Mb Total Physical Memory | 208.16 Mb Available Physical Memory | 46.67% Memory free
1.03 Gb Paging File | 0.87 Gb Available in Paging File | 84.98% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 41.26 Gb Free Space | 73.83% Space Free | Partition Type: NTFS

Computer Name: KIA | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/10 09:03:41 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2006/03/15 08:30:24 | 000,593,920 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Modules (No Company Name) ==========

MOD - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Win32 Services (SafeList) ==========

SRV - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)


========== Driver Services (SafeList) ==========

DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/04/14 15:09:56 | 005,069,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/03/08 16:28:00 | 000,255,232 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006/01/05 00:33:00 | 000,034,144 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2006/01/05 00:33:00 | 000,028,800 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2006/01/04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/09/29 19:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 13:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE 62 4C F5 AF DE CC 01 [binary data]
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/?ref=hp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\


========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={4000513C-D421-4EE7-AFAB-47B243124E41}&mid=5fbf2f5ada7247d6a8e1d15a959e3e5d-0&lang=en&ds=AVG&pr=pr&d=2006-04-22 06:00:58&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - No CLSID value found.
O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll File not found
O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" File not found
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Morpheus Music\RazaWebHook.dll/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242062566640 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AFE0008-413F-42D6-81D9-58D549AE47C1}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/06 11:24:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell - "" = AutoRun
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{eda6d518-59ef-11df-8b3c-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: ("autocheck autochk *")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/30 16:34:24 | 002,059,056 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/29 12:56:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/29 12:19:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/01/29 04:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/01/29 03:56:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2012/01/29 02:34:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2012/01/28 12:07:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/28 11:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\Application Data\Malwarebytes
[2012/01/28 11:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/28 11:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/28 11:53:35 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/28 11:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/28 11:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/01/28 11:11:21 | 003,968,544 | ---- | C] (AVG Technologies) -- C:\Documents and Settings\Laptop\Desktop\avg_free_stb_all_2012_1901_cnet.exe
[2012/01/28 10:40:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/28 10:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/01/28 10:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/01/26 09:20:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Laptop\Recent
[2012/01/26 08:47:55 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 05:08:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/01/24 06:19:06 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com
[2012/01/23 23:48:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/01/23 23:47:40 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys

========== Files - Modified Within 30 Days ==========

[2012/01/30 16:39:18 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/30 16:38:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/30 16:34:33 | 002,059,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/30 16:10:00 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003UA.job
[2012/01/30 10:10:01 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003Core.job
[2012/01/29 13:16:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/29 12:19:37 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:36:13 | 000,315,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/29 04:36:13 | 000,041,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/28 11:58:13 | 003,968,544 | ---- | M] (AVG Technologies) -- C:\Documents and Settings\Laptop\Desktop\avg_free_stb_all_2012_1901_cnet.exe
[2012/01/28 11:53:39 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:27:16 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/28 09:18:51 | 087,640,658 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/01/27 14:53:43 | 003,514,358 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2012/01/26 14:09:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/26 08:47:55 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 18:51:54 | 000,210,542 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/01/25 10:13:41 | 000,002,280 | ---- | M] () -- C:\Documents and Settings\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/25 10:13:40 | 000,002,302 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\Google Chrome.lnk
[2012/01/25 08:26:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/25 06:42:43 | 000,241,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/24 06:19:15 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com
[2012/01/19 13:12:53 | 000,619,898 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm

========== Files Created - No Company Name ==========

[2012/01/29 12:19:37 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/28 11:53:39 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:36:14 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/27 14:53:24 | 003,514,358 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2011/09/30 18:49:13 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/04/24 16:31:16 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/10 12:31:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/07 18:00:23 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/25 13:59:00 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/25 13:59:00 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2009/04/25 13:59:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2008/06/06 15:08:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/06/06 11:28:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/06/06 11:20:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/06 06:45:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/06 06:44:19 | 000,241,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/03/10 00:22:38 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\FASTWiz.html
[2006/01/05 00:33:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\o2flash.exe
[2006/01/05 00:33:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,315,076 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,041,238 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


OTL Extras logfile created on: 1/30/2012 4:40:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Laptop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.04 Mb Total Physical Memory | 208.16 Mb Available Physical Memory | 46.67% Memory free
1.03 Gb Paging File | 0.87 Gb Available in Paging File | 84.98% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 41.26 Gb Free Space | 73.83% Space Free | Partition Type: NTFS

Computer Name: KIA | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Disabled:FrostWire
"C:\Program Files\iolo\System Mechanic\SysMech.exe" = C:\Program Files\iolo\System Mechanic\SysMech.exe:*:Enabled:System Mechanic
"C:\Program Files\RALINK\Common\RaUI.exe" = C:\Program Files\RALINK\Common\RaUI.exe:*:Enabled:Ralink Wireless Utility -- (Ralink Technology, Corp.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2B7B87E3-90D5-4086-B921-31C24DF20166}" = AVG 2011
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{8E240C1C-25D0-4248-BC6C-ACC3472E35CE}" = SigmaTel MSCN Audio Player
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{E3E3C2C5-B78F-560D-01C0-A9F11945D17B}" = Pandora
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN Card
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE45EF11-F91F-4A39-A3CC-CD6B22FE4288}" = O2Micro Flash Memory Card Windows Driver V2.00
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"All ATI Software" = ATI - Software Uninstall Utility
"AVG" = AVG 2012
"com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1" = Pandora
"ERUNT_is1" = ERUNT 1.1j
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{FE45EF11-F91F-4A39-A3CC-CD6B22FE4288}" = O2Micro Flash Memory Card Windows Driver V2.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/5/2010 12:52:02 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/5/2010 12:52:04 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/5/2010 12:55:30 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/5/2010 2:12:07 AM | Computer Name = KIA | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 12/7/2010 3:39:51 PM | Computer Name = KIA | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
wininet.dll, version 8.0.6001.18968, fault address 0x0001f168.

[ System Events ]
Error - 10/1/2011 9:29:29 AM | Computer Name = KIA | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avgwd service.

Error - 10/1/2011 10:11:02 AM | Computer Name = KIA | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.104 for the Network Card with network
address 0013D37AD7AE has been denied by the DHCP server 192.168.169.1 (The DHCP
Server sent a DHCPNACK message).

Error - 3/10/2006 12:01:31 AM | Computer Name = KIA | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.104 for the Network Card with network
address 0013D37AD7AE has been denied by the DHCP server 192.168.169.1 (The DHCP
Server sent a DHCPNACK message).

Error - 3/12/2006 12:49:35 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/14/2006 12:49:36 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/16/2006 12:49:37 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/18/2006 12:49:38 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/20/2006 12:49:39 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/22/2006 12:49:40 AM | Computer Name = KIA | Source = Windows Update Agent | ID = 16
Description = Unable to Connect: Windows is unable to connect to the automatic updates
service and therefore cannot download and install updates according to the set
schedule. Windows will continue to try to establish a connection.

Error - 3/22/2006 9:34:44 AM | Computer Name = KIA | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the avgwd service.


< End of report >
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Mon Jan 30, 2012 2:01 pm    Post subject: TDSSKiller Report Reply with quote

Here is the TDSSKiller Report. I have no antivirus installed now so the only place I am going online is Spyware Warrior.

16:47:42.0531 2244 TDSS rootkit removing tool 2.7.8.0 Jan 30 2012 16:39:36
16:47:43.0406 2244 ============================================================
16:47:43.0406 2244 Current date / time: 2012/01/30 16:47:43.0406
16:47:43.0406 2244 SystemInfo:
16:47:43.0406 2244
16:47:43.0421 2244 OS Version: 5.1.2600 ServicePack: 3.0
16:47:43.0421 2244 Product type: Workstation
16:47:43.0421 2244 ComputerName: KIA
16:47:43.0421 2244 UserName: Laptop
16:47:43.0421 2244 Windows directory: C:\WINDOWS
16:47:43.0421 2244 System windows directory: C:\WINDOWS
16:47:43.0421 2244 Processor architecture: Intel x86
16:47:43.0421 2244 Number of processors: 1
16:47:43.0421 2244 Page size: 0x1000
16:47:43.0421 2244 Boot type: Normal boot
16:47:43.0421 2244 ============================================================
16:47:46.0125 2244 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:47:46.0140 2244 \Device\Harddisk0\DR0:
16:47:46.0140 2244 MBR used
16:47:46.0140 2244 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6FC6800
16:47:46.0187 2244 Initialize success
16:47:46.0187 2244 ============================================================
16:47:55.0812 2596 ============================================================
16:47:55.0812 2596 Scan started
16:47:55.0812 2596 Mode: Manual;
16:47:55.0812 2596 ============================================================
16:47:56.0140 2596 Abiosdsk - ok
16:47:56.0187 2596 abp480n5 - ok
16:47:56.0296 2596 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:47:56.0296 2596 ACPI - ok
16:47:56.0453 2596 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
16:47:56.0453 2596 ACPIEC - ok
16:47:56.0515 2596 adpu160m - ok
16:47:56.0687 2596 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:47:56.0687 2596 aec - ok
16:47:56.0828 2596 AegisP (2f7f3e8da380325866e566f5d5ec23d5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
16:47:56.0828 2596 AegisP - ok
16:47:56.0937 2596 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:47:56.0937 2596 AFD - ok
16:47:57.0078 2596 Aha154x - ok
16:47:57.0156 2596 aic78u2 - ok
16:47:57.0265 2596 aic78xx - ok
16:47:57.0375 2596 AliIde - ok
16:47:57.0593 2596 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
16:47:57.0656 2596 Ambfilt - ok
16:47:57.0781 2596 amsint - ok
16:47:57.0921 2596 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:47:57.0921 2596 Arp1394 - ok
16:47:58.0046 2596 asc - ok
16:47:58.0125 2596 asc3350p - ok
16:47:58.0234 2596 asc3550 - ok
16:47:58.0343 2596 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:47:58.0343 2596 AsyncMac - ok
16:47:58.0437 2596 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:47:58.0437 2596 atapi - ok
16:47:58.0531 2596 Atdisk - ok
16:47:58.0671 2596 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:47:58.0671 2596 Atmarpc - ok
16:47:58.0812 2596 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:47:58.0812 2596 audstub - ok
16:47:58.0953 2596 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:47:58.0953 2596 Beep - ok
16:47:59.0109 2596 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:47:59.0109 2596 cbidf2k - ok
16:47:59.0156 2596 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:47:59.0156 2596 CCDECODE - ok
16:47:59.0250 2596 cd20xrnt - ok
16:47:59.0359 2596 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:47:59.0359 2596 Cdaudio - ok
16:47:59.0515 2596 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:47:59.0515 2596 Cdfs - ok
16:47:59.0625 2596 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:47:59.0625 2596 Cdrom - ok
16:47:59.0703 2596 Changer - ok
16:47:59.0781 2596 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
16:47:59.0781 2596 CmBatt - ok
16:47:59.0828 2596 CmdIde - ok
16:47:59.0875 2596 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:47:59.0875 2596 Compbatt - ok
16:48:00.0015 2596 Cpqarray - ok
16:48:00.0062 2596 dac2w2k - ok
16:48:00.0125 2596 dac960nt - ok
16:48:00.0234 2596 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:48:00.0234 2596 Disk - ok
16:48:00.0390 2596 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
16:48:00.0421 2596 dmboot - ok
16:48:00.0546 2596 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
16:48:00.0562 2596 dmio - ok
16:48:00.0656 2596 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:48:00.0656 2596 dmload - ok
16:48:00.0828 2596 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:48:00.0828 2596 DMusic - ok
16:48:01.0000 2596 dpti2o - ok
16:48:01.0109 2596 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:48:01.0109 2596 drmkaud - ok
16:48:01.0343 2596 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:48:01.0343 2596 Fastfat - ok
16:48:01.0437 2596 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
16:48:01.0437 2596 Fdc - ok
16:48:01.0593 2596 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
16:48:01.0593 2596 Fips - ok
16:48:01.0718 2596 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
16:48:01.0718 2596 Flpydisk - ok
16:48:01.0859 2596 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:48:01.0859 2596 FltMgr - ok
16:48:01.0984 2596 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:48:01.0984 2596 Fs_Rec - ok
16:48:02.0109 2596 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:48:02.0109 2596 Ftdisk - ok
16:48:02.0234 2596 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:48:02.0234 2596 Gpc - ok
16:48:02.0375 2596 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:48:02.0375 2596 HDAudBus - ok
16:48:02.0578 2596 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:48:02.0578 2596 HidUsb - ok
16:48:02.0687 2596 hpn - ok
16:48:02.0843 2596 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:48:02.0859 2596 HTTP - ok
16:48:02.0968 2596 i2omgmt - ok
16:48:03.0046 2596 i2omp - ok
16:48:03.0140 2596 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:48:03.0140 2596 i8042prt - ok
16:48:03.0281 2596 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:48:03.0281 2596 Imapi - ok
16:48:03.0359 2596 ini910u - ok
16:48:03.0703 2596 IntcAzAudAddService (83e8ff9bf94f1024b73d091ef4f86abe) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:48:03.0937 2596 IntcAzAudAddService - ok
16:48:04.0078 2596 IntelIde - ok
16:48:04.0156 2596 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:48:04.0156 2596 intelppm - ok
16:48:04.0265 2596 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:48:04.0265 2596 Ip6Fw - ok
16:48:04.0375 2596 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:48:04.0375 2596 IpFilterDriver - ok
16:48:04.0484 2596 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:48:04.0500 2596 IpInIp - ok
16:48:04.0578 2596 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:48:04.0578 2596 IpNat - ok
16:48:04.0671 2596 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:48:04.0671 2596 IPSec - ok
16:48:04.0812 2596 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:48:04.0812 2596 IRENUM - ok
16:48:04.0937 2596 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:48:04.0937 2596 isapnp - ok
16:48:05.0093 2596 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:48:05.0093 2596 Kbdclass - ok
16:48:05.0234 2596 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:48:05.0234 2596 kbdhid - ok
16:48:05.0343 2596 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:48:05.0343 2596 kmixer - ok
16:48:05.0515 2596 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:48:05.0515 2596 KSecDD - ok
16:48:05.0656 2596 lbrtfdc - ok
16:48:05.0765 2596 LVRS - ok
16:48:05.0843 2596 LVUVC - ok
16:48:05.0953 2596 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:48:05.0953 2596 mnmdd - ok
16:48:06.0125 2596 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
16:48:06.0125 2596 Modem - ok
16:48:06.0312 2596 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
16:48:06.0375 2596 Monfilt - ok
16:48:06.0515 2596 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:48:06.0515 2596 Mouclass - ok
16:48:06.0625 2596 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:48:06.0625 2596 mouhid - ok
16:48:06.0828 2596 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:48:06.0828 2596 MountMgr - ok
16:48:06.0921 2596 mraid35x - ok
16:48:07.0000 2596 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:48:07.0000 2596 MRxDAV - ok
16:48:07.0125 2596 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:48:07.0156 2596 MRxSmb - ok
16:48:07.0328 2596 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:48:07.0328 2596 Msfs - ok
16:48:07.0421 2596 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:48:07.0421 2596 MSKSSRV - ok
16:48:07.0531 2596 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:48:07.0531 2596 MSPCLOCK - ok
16:48:07.0593 2596 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:48:07.0593 2596 MSPQM - ok
16:48:07.0625 2596 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:48:07.0625 2596 mssmbios - ok
16:48:07.0734 2596 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:48:07.0734 2596 MSTEE - ok
16:48:07.0875 2596 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
16:48:07.0875 2596 ms_mpu401 - ok
16:48:07.0937 2596 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:48:07.0953 2596 Mup - ok
16:48:08.0109 2596 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:48:08.0109 2596 NABTSFEC - ok
16:48:08.0203 2596 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:48:08.0203 2596 NDIS - ok
16:48:08.0328 2596 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:48:08.0328 2596 NdisIP - ok
16:48:08.0406 2596 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:48:08.0406 2596 NdisTapi - ok
16:48:08.0546 2596 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:48:08.0546 2596 Ndisuio - ok
16:48:08.0593 2596 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:48:08.0593 2596 NdisWan - ok
16:48:08.0718 2596 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:48:08.0718 2596 NDProxy - ok
16:48:08.0796 2596 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:48:08.0796 2596 NetBIOS - ok
16:48:08.0906 2596 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:48:08.0906 2596 NetBT - ok
16:48:09.0093 2596 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:48:09.0109 2596 NIC1394 - ok
16:48:09.0218 2596 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
16:48:09.0218 2596 nm - ok
16:48:09.0296 2596 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:48:09.0296 2596 Npfs - ok
16:48:09.0390 2596 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:48:09.0421 2596 Ntfs - ok
16:48:09.0578 2596 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:48:09.0578 2596 Null - ok
16:48:09.0687 2596 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:48:09.0687 2596 NwlnkFlt - ok
16:48:09.0765 2596 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:48:09.0765 2596 NwlnkFwd - ok
16:48:09.0859 2596 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
16:48:09.0859 2596 NwlnkIpx - ok
16:48:09.0968 2596 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
16:48:09.0968 2596 NwlnkNb - ok
16:48:10.0109 2596 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
16:48:10.0125 2596 NwlnkSpx - ok
16:48:10.0218 2596 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
16:48:10.0218 2596 NWRDR - ok
16:48:10.0390 2596 O2MDRDR (978db00debe81643f204cbc50707f30d) C:\WINDOWS\system32\DRIVERS\o2media.sys
16:48:10.0390 2596 O2MDRDR - ok
16:48:10.0500 2596 O2SDRDR (694b4555cec16397aa8731ce87fc1e11) C:\WINDOWS\system32\DRIVERS\o2sd.sys
16:48:10.0500 2596 O2SDRDR - ok
16:48:10.0625 2596 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:48:10.0625 2596 ohci1394 - ok
16:48:10.0781 2596 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
16:48:10.0781 2596 Parport - ok
16:48:10.0875 2596 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:48:10.0875 2596 PartMgr - ok
16:48:10.0953 2596 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
16:48:10.0953 2596 ParVdm - ok
16:48:11.0109 2596 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
16:48:11.0109 2596 PCI - ok
16:48:11.0140 2596 PCIDump - ok
16:48:11.0218 2596 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:48:11.0218 2596 PCIIde - ok
16:48:11.0328 2596 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
16:48:11.0343 2596 Pcmcia - ok
16:48:11.0375 2596 PDCOMP - ok
16:48:11.0421 2596 PDFRAME - ok
16:48:11.0468 2596 PDRELI - ok
16:48:11.0500 2596 PDRFRAME - ok
16:48:11.0531 2596 perc2 - ok
16:48:11.0578 2596 perc2hib - ok
16:48:11.0750 2596 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:48:11.0765 2596 PptpMiniport - ok
16:48:11.0875 2596 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:48:11.0875 2596 PSched - ok
16:48:11.0937 2596 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:48:11.0937 2596 Ptilink - ok
16:48:12.0015 2596 ql1080 - ok
16:48:12.0046 2596 Ql10wnt - ok
16:48:12.0093 2596 ql12160 - ok
16:48:12.0125 2596 ql1240 - ok
16:48:12.0171 2596 ql1280 - ok
16:48:12.0218 2596 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:48:12.0218 2596 RasAcd - ok
16:48:12.0296 2596 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:48:12.0296 2596 Rasl2tp - ok
16:48:12.0406 2596 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:48:12.0406 2596 RasPppoe - ok
16:48:12.0500 2596 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:48:12.0500 2596 Raspti - ok
16:48:12.0640 2596 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:48:12.0640 2596 Rdbss - ok
16:48:12.0734 2596 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:48:12.0734 2596 RDPCDD - ok
16:48:12.0890 2596 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:48:12.0906 2596 rdpdr - ok
16:48:13.0015 2596 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:48:13.0015 2596 RDPWD - ok
16:48:13.0171 2596 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:48:13.0171 2596 redbook - ok
16:48:13.0296 2596 RT73 (11c29282dc52e474c432b1b9e9c360cd) C:\WINDOWS\system32\DRIVERS\rt73.sys
16:48:13.0328 2596 RT73 - ok
16:48:13.0468 2596 RTL8023xp (7889e3981e0a5d347e037abd467d53a5) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
16:48:13.0468 2596 RTL8023xp - ok
16:48:13.0546 2596 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
16:48:13.0546 2596 rtl8139 - ok
16:48:13.0750 2596 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
16:48:13.0750 2596 sdbus - ok
16:48:13.0812 2596 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:48:13.0812 2596 Secdrv - ok
16:48:13.0968 2596 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
16:48:13.0968 2596 Serial - ok
16:48:14.0062 2596 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
16:48:14.0062 2596 sffdisk - ok
16:48:14.0156 2596 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
16:48:14.0156 2596 sffp_sd - ok
16:48:14.0234 2596 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:48:14.0234 2596 Sfloppy - ok
16:48:14.0312 2596 Simbad - ok
16:48:14.0390 2596 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:48:14.0390 2596 SLIP - ok
16:48:14.0468 2596 Sparrow - ok
16:48:14.0578 2596 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:48:14.0578 2596 splitter - ok
16:48:14.0640 2596 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
16:48:14.0640 2596 sr - ok
16:48:14.0812 2596 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:48:14.0828 2596 Srv - ok
16:48:14.0984 2596 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:48:14.0984 2596 streamip - ok
16:48:15.0109 2596 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:48:15.0109 2596 swenum - ok
16:48:15.0203 2596 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:48:15.0203 2596 swmidi - ok
16:48:15.0296 2596 symc810 - ok
16:48:15.0359 2596 symc8xx - ok
16:48:15.0390 2596 sym_hi - ok
16:48:15.0437 2596 sym_u3 - ok
16:48:15.0546 2596 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:48:15.0546 2596 sysaudio - ok
16:48:15.0765 2596 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:48:15.0796 2596 Tcpip - ok
16:48:15.0968 2596 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
16:48:15.0984 2596 Tcpip6 - ok
16:48:16.0109 2596 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:48:16.0109 2596 TDPIPE - ok
16:48:16.0218 2596 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:48:16.0218 2596 TDTCP - ok
16:48:16.0312 2596 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:48:16.0312 2596 TermDD - ok
16:48:16.0406 2596 TosIde - ok
16:48:16.0515 2596 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
16:48:16.0515 2596 tunmp - ok
16:48:16.0625 2596 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:48:16.0625 2596 Udfs - ok
16:48:16.0765 2596 ultra - ok
16:48:16.0937 2596 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:48:16.0953 2596 Update - ok
16:48:17.0125 2596 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:48:17.0125 2596 usbaudio - ok
16:48:17.0250 2596 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:48:17.0250 2596 usbccgp - ok
16:48:17.0375 2596 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:48:17.0375 2596 usbehci - ok
16:48:17.0468 2596 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:48:17.0468 2596 usbhub - ok
16:48:17.0593 2596 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
16:48:17.0593 2596 usbohci - ok
16:48:17.0687 2596 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:48:17.0687 2596 USBSTOR - ok
16:48:17.0812 2596 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:48:17.0812 2596 usbvideo - ok
16:48:17.0937 2596 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:48:17.0937 2596 VgaSave - ok
16:48:18.0015 2596 ViaIde - ok
16:48:18.0125 2596 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
16:48:18.0140 2596 VolSnap - ok
16:48:18.0312 2596 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:48:18.0312 2596 Wanarp - ok
16:48:18.0375 2596 WDICA - ok
16:48:18.0421 2596 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:48:18.0421 2596 wdmaud - ok
16:48:18.0781 2596 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:48:18.0781 2596 WSTCODEC - ok
16:48:18.0875 2596 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:48:18.0890 2596 WudfPf - ok
16:48:18.0968 2596 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:48:18.0968 2596 WudfRd - ok
16:48:19.0156 2596 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:48:19.0359 2596 \Device\Harddisk0\DR0 - ok
16:48:19.0406 2596 Boot (0x1200) (571ad7d56bd530dfd438964417d2bfa8) \Device\Harddisk0\DR0\Partition0
16:48:19.0406 2596 \Device\Harddisk0\DR0\Partition0 - ok
16:48:19.0421 2596 ============================================================
16:48:19.0421 2596 Scan finished
16:48:19.0421 2596 ============================================================
16:48:19.0468 2584 Detected object count: 0
16:48:19.0468 2584 Actual detected object count: 0
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Tue Jan 31, 2012 8:44 am    Post subject: Reply with quote

Hi Kthomas :


Quote:
I tried to reinstall the AVG 2012 but got an error message. I didn't try to do it again figured I would wait until we have the problems fixed.

Having an antivirus is our first priority. Please use the AVG remover tool to uninstall it and then install an antivirus as soon as possible.

1. AVG Remover
Please download AVG Remover(32bit) and save it to your desktop.
  • Double click on avgremover.exe to start the process.
    A black command window will open... and you will receive a "removal and rebooting" warning prompt...
  • Reply Yes to the "Do you want to continue?" prompt.
    The remover will begin searching for and removing AVG entries...
  • When completed, a text file will appear on your desktop "avgremover.log"...
    Please reboot your computer at this time. (You may receive a prompt to do so...)
  • Please copy and paste the contents of avgremover.log in your next reply.


Please reinstall your antivirus now. Here are some choices if you don't want to use AVG.

  • avast! Free Antivirus - Excellent detection, the freeware version includes email scanning.
  • Microsoft Security Essentials ** - New, from Microsoft, with email scanning, easy to install, easy to use.
    ** Your PC must run genuine Windows to install Microsoft Security Essentials.
  • Antivir PersonalEdition Classic- Superior detection, the "free" version has no email scan.
  • Note: remember to Uncheck any extra software downloads you may be offered (optional)


A good (pay for) Anti-virus program is ESET NOD32 Antivirus - 30 day free trial.


Please update your antivirus and run a full system scan now.


2. OTL fix
Please make sure OTL.exe is on your Desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop
  • Right click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.
  • Copy the following text... do not include the quote box title "Quote'
    Quote:
    :OTL
    CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll
    CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {0EEDB912-C5FA-486F-8334-57288578C627} - No CLSID value found.
    O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll File not found
    O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll File not found
    O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
    O3 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Morpheus Music\RazaWebHook.dll/3000 File not found
    @Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1


    :Files
    C:\Program Files\Java\jre6
    C:\Program Files\MyWebSearch
    C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus
    C:\Program Files\iMesh Applications
    C:\Program Files\Morpheus Music
    C:\Program Files\FrostWire
    C:\Program Files\iolo

    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" =-

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\iMesh Applications\iMesh\iMesh.exe" =-
    "C:\Program Files\FrostWire\FrostWire.exe" =-
    "C:\Program Files\iolo\System Mechanic\SysMech.exe" =-


    :Commands
    [EmptyTemp]
    [Emptyjava]
    [EmptyFlash]
    [CreateRestorePoint]

  • Click under the Custom Scan/Fixes box and paste the copied text.
  • Click the Run Fix button. If prompted... click OK.
  • Let the program run unhindered and reboot. You will get a fix log when it is done, please post that in your reply
  • After that, please re-run OTL and create a new OTL report....
  • Click the "Scan All Users" checkbox.
  • Click the "Run Scan button.
  • A report will open, copy and paste it in a reply here.



3. Java SE Runtime Environment (JRE).
Please download from HERE
  • Find Java SE 7u2, (JRE) Java SE 7.
  • Click the Download JRE button to the right.
  • check the box that says Accept License Agreement. Next, click the correct Product / File Description (in your case the jre-7u2-windows-x64.exe).
  • Save the file to your desktop.
  • Close all active windows.
  • Install the program.
  • Note: remember to Uncheck any extra software downloads you may be offered (optional)



4. ESET online scannner
Note: You can use either Internet Explorer or Mozilla FireFox for this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scannner
  • Then click on Run ESET Online Scanner
    Quote:
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on Start.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.



5. Checklist
Please post:

  • avgremover.log
  • OTL fix result
  • OTL.txt only
  • Eset online scanning result
  • An update on your problems

note: These logs can be lengthy, please post in several replies if needed. Please ensure you post COMPLETE log.

Thanks,
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Wed Feb 01, 2012 1:56 pm    Post subject: New logs Reply with quote

Ok here you go. Oh yea the AVG remover did not work and the Java I needed was for the 32 bit system not the 64bit I found the right one and downloaded it. Anyway here are my new logs.

2012-02-01 01:48:30,468 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 01:48:30,562 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 01:48:30,562 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-02-01 01:48:30,578 WARN AvgDir param empty.
2012-02-01 01:48:30,578 WARN AvgDataDir param empty.
2012-02-01 01:48:37,843 INFO AvgRemover runs in attempt number 1
2012-02-01 01:48:37,843 INFO ***** Services *****
2012-02-01 01:48:37,843 INFO Processing service avg8emc
2012-02-01 01:48:37,843 INFO Service avg8emc is not installed
2012-02-01 01:48:37,859 DEBUG Service avg8emc RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service avg8emc are not present
2012-02-01 01:48:37,859 INFO Processing service avgfws8
2012-02-01 01:48:37,859 INFO Service avgfws8 is not installed
2012-02-01 01:48:37,859 DEBUG Service avgfws8 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service avgfws8 are not present
2012-02-01 01:48:37,859 INFO Processing service avg8wd
2012-02-01 01:48:37,859 INFO Service avg8wd is not installed
2012-02-01 01:48:37,859 DEBUG Service avg8wd RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service avg8wd are not present
2012-02-01 01:48:37,859 INFO Processing service AvgWFPx
2012-02-01 01:48:37,859 INFO Service AvgWFPx is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgWFPx RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgWFPx are not present
2012-02-01 01:48:37,859 INFO Processing service AvgWFPa
2012-02-01 01:48:37,859 INFO Service AvgWFPa is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgWFPa RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgWFPa are not present
2012-02-01 01:48:37,859 INFO Processing service AvgMfx86
2012-02-01 01:48:37,859 INFO Service AvgMfx86 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgMfx86 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgMfx86 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgMfx64
2012-02-01 01:48:37,859 INFO Service AvgMfx64 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgMfx64 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgMfx64 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgLdx86
2012-02-01 01:48:37,859 INFO Service AvgLdx86 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgLdx86 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgLdx86 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgLdx64
2012-02-01 01:48:37,859 INFO Service AvgLdx64 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgLdx64 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgLdx64 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgTdiX
2012-02-01 01:48:37,859 INFO Service AvgTdiX is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgTdiX RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgTdiX are not present
2012-02-01 01:48:37,859 INFO Processing service AvgTdiA
2012-02-01 01:48:37,906 INFO Service AvgTdiA is not installed
2012-02-01 01:48:37,968 DEBUG Service AvgTdiA RegCleanup
2012-02-01 01:48:37,968 DEBUG Registry keys for service AvgTdiA are not present
2012-02-01 01:48:37,968 INFO Processing service AvgRkx86
2012-02-01 01:48:38,015 INFO Service AvgRkx86 is not installed
2012-02-01 01:48:38,062 DEBUG Service AvgRkx86 RegCleanup
2012-02-01 01:48:38,062 DEBUG Registry keys for service AvgRkx86 are not present
2012-02-01 01:48:38,062 INFO Processing service AvgRkx64
2012-02-01 01:48:38,125 INFO Service AvgRkx64 is not installed
2012-02-01 01:48:38,171 DEBUG Service AvgRkx64 RegCleanup
2012-02-01 01:48:38,171 DEBUG Registry keys for service AvgRkx64 are not present
2012-02-01 01:48:38,171 INFO Processing service avg9emc
2012-02-01 01:48:38,218 INFO Service avg9emc is not installed
2012-02-01 01:48:38,265 DEBUG Service avg9emc RegCleanup
2012-02-01 01:48:38,265 DEBUG Registry keys for service avg9emc are not present
2012-02-01 01:48:38,265 INFO Processing service avgfws9
2012-02-01 01:48:38,328 INFO Service avgfws9 is not installed
2012-02-01 01:48:38,375 DEBUG Service avgfws9 RegCleanup
2012-02-01 01:48:38,375 DEBUG Registry keys for service avgfws9 are not present
2012-02-01 01:48:38,375 INFO Processing service avg9wd
2012-02-01 01:48:38,421 INFO Service avg9wd is not installed
2012-02-01 01:48:38,468 DEBUG Service avg9wd RegCleanup
2012-02-01 01:48:38,468 DEBUG Registry keys for service avg9wd are not present
2012-02-01 01:48:38,468 INFO Processing service AVGIDSAgent
2012-02-01 01:48:38,531 INFO Service AVGIDSAgent is not installed
2012-02-01 01:48:38,578 DEBUG Service AVGIDSAgent RegCleanup
2012-02-01 01:48:38,578 DEBUG Registry keys for service AVGIDSAgent are not present
2012-02-01 01:48:38,578 INFO Processing service AVGIDSShimxpx
2012-02-01 01:48:38,625 INFO Service AVGIDSShimxpx is not installed
2012-02-01 01:48:38,671 DEBUG Service AVGIDSShimxpx RegCleanup
2012-02-01 01:48:38,671 DEBUG Registry keys for service AVGIDSShimxpx are not present
2012-02-01 01:48:38,671 INFO Processing service AVGIDSFilterxpx
2012-02-01 01:48:38,734 INFO Service AVGIDSFilterxpx is not installed
2012-02-01 01:48:38,781 DEBUG Service AVGIDSFilterxpx RegCleanup
2012-02-01 01:48:38,781 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2012-02-01 01:48:38,781 INFO Processing service AVGIDSDriverxpx
2012-02-01 01:48:38,828 INFO Service AVGIDSDriverxpx is not installed
2012-02-01 01:48:38,875 DEBUG Service AVGIDSDriverxpx RegCleanup
2012-02-01 01:48:38,875 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2012-02-01 01:48:38,875 INFO Processing service AVGIDSShimvtx
2012-02-01 01:48:38,937 INFO Service AVGIDSShimvtx is not installed
2012-02-01 01:48:38,984 DEBUG Service AVGIDSShimvtx RegCleanup
2012-02-01 01:48:38,984 DEBUG Registry keys for service AVGIDSShimvtx are not present
2012-02-01 01:48:38,984 INFO Processing service AVGIDSFiltervtx
2012-02-01 01:48:39,031 INFO Service AVGIDSFiltervtx is not installed
2012-02-01 01:48:39,078 DEBUG Service AVGIDSFiltervtx RegCleanup
2012-02-01 01:48:39,078 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2012-02-01 01:48:39,078 INFO Processing service AVGIDSDrivervtx
2012-02-01 01:48:39,140 INFO Service AVGIDSDrivervtx is not installed
2012-02-01 01:48:39,187 DEBUG Service AVGIDSDrivervtx RegCleanup
2012-02-01 01:48:39,187 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2012-02-01 01:48:39,187 INFO Processing service AVGIDSFiltervta
2012-02-01 01:48:39,234 INFO Service AVGIDSFiltervta is not installed
2012-02-01 01:48:39,296 DEBUG Service AVGIDSFiltervta RegCleanup
2012-02-01 01:48:39,296 DEBUG Registry keys for service AVGIDSFiltervta are not present
2012-02-01 01:48:39,296 INFO Processing service AVGIDSDrivervta
2012-02-01 01:48:39,343 INFO Service AVGIDSDrivervta is not installed
2012-02-01 01:48:39,390 DEBUG Service AVGIDSDrivervta RegCleanup
2012-02-01 01:48:39,390 DEBUG Registry keys for service AVGIDSDrivervta are not present
2012-02-01 01:48:39,390 INFO Processing service AVGIDSShimw7x
2012-02-01 01:48:39,437 INFO Service AVGIDSShimw7x is not installed
2012-02-01 01:48:39,500 DEBUG Service AVGIDSShimw7x RegCleanup
2012-02-01 01:48:39,500 DEBUG Registry keys for service AVGIDSShimw7x are not present
2012-02-01 01:48:39,500 INFO Processing service AVGIDSFilterw7x
2012-02-01 01:48:39,546 INFO Service AVGIDSFilterw7x is not installed
2012-02-01 01:48:39,593 DEBUG Service AVGIDSFilterw7x RegCleanup
2012-02-01 01:48:39,593 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2012-02-01 01:48:39,593 INFO Processing service AVGIDSDriverw7x
2012-02-01 01:48:39,640 INFO Service AVGIDSDriverw7x is not installed
2012-02-01 01:48:39,703 DEBUG Service AVGIDSDriverw7x RegCleanup
2012-02-01 01:48:39,703 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2012-02-01 01:48:39,703 INFO Processing service AVGIDSFilterw7a
2012-02-01 01:48:39,750 INFO Service AVGIDSFilterw7a is not installed
2012-02-01 01:48:39,796 DEBUG Service AVGIDSFilterw7a RegCleanup
2012-02-01 01:48:39,796 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2012-02-01 01:48:39,796 INFO Processing service AVGIDSDriverw7a
2012-02-01 01:48:39,843 INFO Service AVGIDSDriverw7a is not installed
2012-02-01 01:48:39,906 DEBUG Service AVGIDSDriverw7a RegCleanup
2012-02-01 01:48:39,906 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2012-02-01 01:48:39,906 INFO Processing service AVGIDSErHrxpx
2012-02-01 01:48:39,953 INFO Service AVGIDSErHrxpx is not installed
2012-02-01 01:48:40,000 DEBUG Service AVGIDSErHrxpx RegCleanup
2012-02-01 01:48:40,000 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2012-02-01 01:48:40,000 INFO Processing service AVGIDSErHrvtx
2012-02-01 01:48:40,062 INFO Service AVGIDSErHrvtx is not installed
2012-02-01 01:48:40,109 DEBUG Service AVGIDSErHrvtx RegCleanup
2012-02-01 01:48:40,109 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2012-02-01 01:48:40,109 INFO Processing service AVGIDSErHrvta
2012-02-01 01:48:40,156 INFO Service AVGIDSErHrvta is not installed
2012-02-01 01:48:40,203 DEBUG Service AVGIDSErHrvta RegCleanup
2012-02-01 01:48:40,203 DEBUG Registry keys for service AVGIDSErHrvta are not present
2012-02-01 01:48:40,203 INFO Processing service AVGIDSErHrw7x
2012-02-01 01:48:40,265 INFO Service AVGIDSErHrw7x is not installed
2012-02-01 01:48:40,312 DEBUG Service AVGIDSErHrw7x RegCleanup
2012-02-01 01:48:40,312 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2012-02-01 01:48:40,312 INFO Processing service AVGIDSErHrw7a
2012-02-01 01:48:40,359 INFO Service AVGIDSErHrw7a is not installed
2012-02-01 01:48:40,406 DEBUG Service AVGIDSErHrw7a RegCleanup
2012-02-01 01:48:40,406 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2012-02-01 01:48:40,406 INFO ***** Registry keys and values *****
2012-02-01 01:48:40,468 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 01:48:40,562 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2012-02-01 01:48:40,562 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2012-02-01 01:48:40,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 01:48:40,765 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2012-02-01 01:48:40,765 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2012-02-01 01:48:40,859 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2012-02-01 01:48:40,968 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2012-02-01 01:48:40,968 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2012-02-01 01:48:40,968 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2012-02-01 01:48:41,062 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2012-02-01 01:48:41,062 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2012-02-01 01:48:41,062 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2012-02-01 01:48:41,171 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2012-02-01 01:48:41,171 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2012-02-01 01:48:41,171 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 01:48:41,265 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 01:48:41,265 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 01:48:41,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 01:48:41,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-02-01 01:48:41,375 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2012-02-01 01:48:41,468 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2012-02-01 01:48:41,468 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2012-02-01 01:48:41,468 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:41,578 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:41,578 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:41,578 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2012-02-01 01:48:41,671 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 01:48:41,671 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 01:48:41,781 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:41,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:41,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:41,875 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 01:48:41,968 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2012-02-01 01:48:41,968 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 01:48:42,078 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2012-02-01 01:48:42,078 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2012-02-01 01:48:42,171 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2012-02-01 01:48:42,281 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2012-02-01 01:48:42,281 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2012-02-01 01:48:42,281 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2012-02-01 01:48:42,281 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,375 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,390 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:42,484 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,578 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,578 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:42,687 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,781 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,781 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:42,890 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,984 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,984 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:43,093 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-02-01 01:48:43,187 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2012-02-01 01:48:43,187 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2012-02-01 01:48:43,281 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-02-01 01:48:43,390 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2012-02-01 01:48:43,390 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2012-02-01 01:48:43,484 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2012-02-01 01:48:43,593 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2012-02-01 01:48:43,593 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2012-02-01 01:48:43,593 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2012-02-01 01:48:43,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2012-02-01 01:48:43,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2012-02-01 01:48:43,687 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2012-02-01 01:48:43,796 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2012-02-01 01:48:43,796 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2012-02-01 01:48:43,796 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 01:48:43,937 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 01:48:43,937 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 01:48:43,937 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-02-01 01:48:44,046 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-02-01 01:48:44,046 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-02-01 01:48:44,046 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-02-01 01:48:44,140 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-02-01 01:48:44,140 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-02-01 01:48:44,140 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-02-01 01:48:44,203 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-02-01 01:48:44,203 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-02-01 01:48:44,203 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-02-01 01:48:44,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-02-01 01:48:44,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-02-01 01:48:44,250 INFO Processing registry SOFTWARE\Classes\.avgdi
2012-02-01 01:48:44,296 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2012-02-01 01:48:44,296 DEBUG Key SOFTWARE\Classes\.avgdi not found
2012-02-01 01:48:44,296 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 01:48:44,390 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 01:48:44,406 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 01:48:44,406 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 01:48:44,500 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 01:48:44,500 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 01:48:44,500 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 01:48:44,593 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 01:48:44,593 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 01:48:44,593 INFO Processing registry SOFTWARE\AVG\Clients
2012-02-01 01:48:44,656 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2012-02-01 01:48:44,656 DEBUG Key SOFTWARE\AVG\Clients not found
2012-02-01 01:48:44,656 INFO Processing registry SOFTWARE\AVG\AVG8
2012-02-01 01:48:44,703 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-02-01 01:48:44,703 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-02-01 01:48:44,703 INFO Processing registry SOFTWARE\AVG\AVG9
2012-02-01 01:48:44,750 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-02-01 01:48:44,750 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-02-01 01:48:44,750 INFO Processing registry SOFTWARE\AVG\AVG IDS
2012-02-01 01:48:44,796 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2012-02-01 01:48:44,796 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2012-02-01 01:48:44,796 INFO Processing registry SOFTWARE\AVG
2012-02-01 01:48:44,859 DEBUG Value SOFTWARE\AVG:DumpType Remove
2012-02-01 01:48:44,859 INFO Value SOFTWARE\AVG:DumpType is not present
2012-02-01 01:48:44,906 INFO Processing registry SOFTWARE\AVG
2012-02-01 01:48:44,953 DEBUG Key SOFTWARE\AVG Remove
2012-02-01 01:48:44,953 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty
2012-02-01 01:48:45,046 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-02-01 01:48:45,109 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-02-01 01:48:45,109 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-02-01 01:48:45,109 INFO Processing registry SOFTWARE\AVG\AVG8
2012-02-01 01:48:45,156 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-02-01 01:48:45,156 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-02-01 01:48:45,156 INFO Processing registry SOFTWARE\AVG\AVG9
2012-02-01 01:48:45,203 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-02-01 01:48:45,203 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-02-01 01:48:45,203 INFO Processing registry SOFTWARE\AVG
2012-02-01 01:48:45,250 DEBUG Key SOFTWARE\AVG Remove
2012-02-01 01:48:45,250 DEBUG Key SOFTWARE\AVG not found
2012-02-01 01:48:45,250 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-02-01 01:48:45,312 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-02-01 01:48:45,312 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-02-01 01:48:45,312 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2012-02-01 01:48:45,406 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2012-02-01 01:48:45,406 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2012-02-01 01:48:45,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:45,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:45,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:45,609 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2012-02-01 01:48:45,703 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 01:48:45,703 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 01:48:45,812 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:45,906 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:45,906 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:45,906 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 01:48:46,015 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 01:48:46,015 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 01:48:46,015 INFO Processing registry aAvgAPI.AvgBro
2012-02-01 01:48:46,062 DEBUG Key aAvgAPI.AvgBro ForceRemove
2012-02-01 01:48:46,062 DEBUG Key aAvgAPI.AvgBro not found
2012-02-01 01:48:46,062 INFO Processing registry AVG.Office
2012-02-01 01:48:46,125 DEBUG Key AVG.Office ForceRemove
2012-02-01 01:48:46,125 DEBUG Key AVG.Office not found
2012-02-01 01:48:46,125 INFO Processing registry AVG.Office.8
2012-02-01 01:48:46,171 DEBUG Key AVG.Office.8 ForceRemove
2012-02-01 01:48:46,171 DEBUG Key AVG.Office.8 not found
2012-02-01 01:48:46,171 INFO Processing registry avgtoolbar.AVGTOOLBAR
2012-02-01 01:48:46,218 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2012-02-01 01:48:46,218 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2012-02-01 01:48:46,218 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2012-02-01 01:48:46,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2012-02-01 01:48:46,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2012-02-01 01:48:46,328 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2012-02-01 01:48:46,421 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2012-02-01 01:48:46,421 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2012-02-01 01:48:46,421 INFO Processing registry LinkScannerIE.NavFilter
2012-02-01 01:48:46,468 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2012-02-01 01:48:46,468 DEBUG Key LinkScannerIE.NavFilter not found
2012-02-01 01:48:46,468 INFO Processing registry LinkScannerIE.NavFilter.1
2012-02-01 01:48:46,515 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2012-02-01 01:48:46,515 DEBUG Key LinkScannerIE.NavFilter.1 not found
2012-02-01 01:48:46,515 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2012-02-01 01:48:46,625 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2012-02-01 01:48:46,625 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2012-02-01 01:48:46,625 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2012-02-01 01:48:46,718 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2012-02-01 01:48:46,718 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2012-02-01 01:48:46,718 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2012-02-01 01:48:46,828 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2012-02-01 01:48:46,828 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2012-02-01 01:48:46,828 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-02-01 01:48:46,921 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-02-01 01:48:46,921 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-02-01 01:48:46,921 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-02-01 01:48:47,031 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-02-01 01:48:47,031 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-02-01 01:48:47,031 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2012-02-01 01:48:47,125 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2012-02-01 01:48:47,125 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2012-02-01 01:48:47,125 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2012-02-01 01:48:47,234 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2012-02-01 01:48:47,234 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2012-02-01 01:48:47,234 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2012-02-01 01:48:47,328 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2012-02-01 01:48:47,328 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2012-02-01 01:48:47,328 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2012-02-01 01:48:47,437 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2012-02-01 01:48:47,437 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2012-02-01 01:48:47,437 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2012-02-01 01:48:47,531 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2012-02-01 01:48:47,531 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2012-02-01 01:48:47,531 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 01:48:47,625 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 01:48:47,640 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 01:48:47,640 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:47,734 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:47,734 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:47,734 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2012-02-01 01:48:47,843 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2012-02-01 01:48:47,843 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2012-02-01 01:48:47,843 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2012-02-01 01:48:47,937 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2012-02-01 01:48:47,937 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2012-02-01 01:48:47,937 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2012-02-01 01:48:48,046 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2012-02-01 01:48:48,046 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2012-02-01 01:48:48,046 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2012-02-01 01:48:48,140 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2012-02-01 01:48:48,156 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2012-02-01 01:48:48,156 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2012-02-01 01:48:48,250 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2012-02-01 01:48:48,250 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2012-02-01 01:48:48,250 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2012-02-01 01:48:48,375 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2012-02-01 01:48:48,375 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2012-02-01 01:48:48,375 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:48,468 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:48,468 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:48,468 INFO ***** Files and folders *****
2012-02-01 01:48:48,531 DEBUG Missing ParentDir path for fileItem number 0
2012-02-01 01:48:48,531 DEBUG Missing ParentDir path for fileItem number 1
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 2
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 3
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 4
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 5
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 6
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 7
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 8
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 9
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 10
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 11
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 12
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 13
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 14
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 15
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 16
2012-02-01 01:48:48,546 DEBUG Processing item C:\Documents and Settings\Laptop\Application Data\AVGTOOLBAR
2012-02-01 01:48:48,546 INFO Directory C:\Documents and Settings\Laptop\Application Data\AVGTOOLBAR not found
2012-02-01 01:48:48,656 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:48,656 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0
2012-02-01 01:48:48,656 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0 not found
2012-02-01 01:48:48,750 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0
2012-02-01 01:48:48,750 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0 not found
2012-02-01 01:48:48,859 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5
2012-02-01 01:48:48,859 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5 not found
2012-02-01 01:48:48,953 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5
2012-02-01 01:48:48,953 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5 not found
2012-02-01 01:48:49,062 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk
2012-02-01 01:48:49,062 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk not found
2012-02-01 01:48:49,156 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk
2012-02-01 01:48:49,156 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk not found
2012-02-01 01:48:49,265 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk
2012-02-01 01:48:49,265 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk not found
2012-02-01 01:48:49,359 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk
2012-02-01 01:48:49,359 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk not found
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 27
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 28
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 29
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 30
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 31
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 32
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 33
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 34
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 35
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 36
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 37
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 38
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 39
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 40
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 41
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 42
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 43
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 44
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 45
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 46
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 47
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 48
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 49
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 50
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 51
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 52
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 53
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 54
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 55
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 56
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 57
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 58
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 59
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 60
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 61
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 62
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 63
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 64
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 65
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 66
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 67
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 68
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 69
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 70
2012-02-01 01:48:49,468 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2012-02-01 01:48:49,468 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2012-02-01 01:48:49,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2012-02-01 01:48:49,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2012-02-01 01:48:49,671 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,671 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk
2012-02-01 01:48:49,671 INFO File C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk not found
2012-02-01 01:48:49,781 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk
2012-02-01 01:48:49,781 INFO File C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk not found
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 76
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 77
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 78
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 79
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 80
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 81
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 82
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 83
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 84
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 85
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 86
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 87
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 88
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 89
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 90
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 91
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 92
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 93
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 94
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 95
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 96
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 97
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 98
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 99
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 100
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 101
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 102
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 103
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 104
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 105
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 106
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 107
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 108
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 109
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 110
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 111
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 112
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 113
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 114
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 115
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 116
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 117
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 118
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 119
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 120
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 121
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 122
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 123
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 124
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 125
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 126
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 127
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 128
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 129
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 130
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 131
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 132
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 133
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 134
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 135
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 136
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 137
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 138
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 139
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 140
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 141
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 142
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 143
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 144
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 145
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 146
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 147
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 148
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 149
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 150
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 151
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 152
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 153
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 154
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 155
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 156
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 157
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 158
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 159
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 160
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 161
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 162
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 163
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 164
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 165
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 166
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 167
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 168
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 169
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 170
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 171
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 172
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 173
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 174
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 175
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 176
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 177
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 178
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 179
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 180
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 181
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 182
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 183
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 184
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 185
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2012-02-01 01:48:49,968 INFO File C:\WINDOWS\System32\Drivers\avg\compat12.txt deleted
2012-02-01 01:48:50,093 INFO File C:\WINDOWS\System32\Drivers\avg\iavichjg.avm deleted
2012-02-01 01:48:50,187 INFO File C:\WINDOWS\System32\Drivers\avg\iavichjw.avm deleted
2012-02-01 01:48:50,296 INFO File C:\WINDOWS\System32\Drivers\avg\iavifw.avm deleted
2012-02-01 01:48:50,453 INFO File C:\WINDOWS\System32\Drivers\avg\incavi.avm deleted
2012-02-01 01:48:50,640 INFO Directory C:\WINDOWS\System32\Drivers\avg deleted
2012-02-01 01:48:50,687 DEBUG Processing item C:\WINDOWS\System32
2012-02-01 01:48:50,687 DEBUG Processing item C:\Program Files\AVG
2012-02-01 01:48:50,703 DEBUG Directory C:\Program Files\AVG not deleted (error c0070091)
2012-02-01 01:48:50,703 DEBUG Missing ParentDir path for fileItem number 194
2012-02-01 01:48:50,703 INFO ***** Avg Fw NDIS driver *****
2012-02-01 01:48:51,671 INFO FW NDIS driver not present
2012-02-01 02:11:57,078 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 02:11:57,125 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 02:11:57,125 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-02-01 02:11:57,125 WARN AvgDir param empty.
2012-02-01 02:11:57,125 WARN AvgDataDir param empty.
2012-02-01 02:12:01,000 INFO AvgRemover runs in attempt number 1
2012-02-01 02:12:01,000 INFO ***** Services *****
2012-02-01 02:12:01,031 INFO Processing service avg8emc
2012-02-01 02:12:01,046 INFO Service avg8emc is not installed
2012-02-01 02:12:01,046 DEBUG Service avg8emc RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service avg8emc are not present
2012-02-01 02:12:01,046 INFO Processing service avgfws8
2012-02-01 02:12:01,046 INFO Service avgfws8 is not installed
2012-02-01 02:12:01,046 DEBUG Service avgfws8 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service avgfws8 are not present
2012-02-01 02:12:01,046 INFO Processing service avg8wd
2012-02-01 02:12:01,046 INFO Service avg8wd is not installed
2012-02-01 02:12:01,046 DEBUG Service avg8wd RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service avg8wd are not present
2012-02-01 02:12:01,046 INFO Processing service AvgWFPx
2012-02-01 02:12:01,046 INFO Service AvgWFPx is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgWFPx RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgWFPx are not present
2012-02-01 02:12:01,046 INFO Processing service AvgWFPa
2012-02-01 02:12:01,046 INFO Service AvgWFPa is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgWFPa RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgWFPa are not present
2012-02-01 02:12:01,046 INFO Processing service AvgMfx86
2012-02-01 02:12:01,046 INFO Service AvgMfx86 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgMfx86 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgMfx86 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgMfx64
2012-02-01 02:12:01,046 INFO Service AvgMfx64 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgMfx64 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgMfx64 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgLdx86
2012-02-01 02:12:01,046 INFO Service AvgLdx86 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgLdx86 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgLdx86 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgLdx64
2012-02-01 02:12:01,046 INFO Service AvgLdx64 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgLdx64 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgLdx64 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgTdiX
2012-02-01 02:12:01,046 INFO Service AvgTdiX is not installed
2012-02-01 02:12:01,062 DEBUG Service AvgTdiX RegCleanup
2012-02-01 02:12:01,062 DEBUG Registry keys for service AvgTdiX are not present
2012-02-01 02:12:01,062 INFO Processing service AvgTdiA
2012-02-01 02:12:01,109 INFO Service AvgTdiA is not installed
2012-02-01 02:12:01,156 DEBUG Service AvgTdiA RegCleanup
2012-02-01 02:12:01,156 DEBUG Registry keys for service AvgTdiA are not present
2012-02-01 02:12:01,156 INFO Processing service AvgRkx86
2012-02-01 02:12:01,203 INFO Service AvgRkx86 is not installed
2012-02-01 02:12:01,265 DEBUG Service AvgRkx86 RegCleanup
2012-02-01 02:12:01,265 DEBUG Registry keys for service AvgRkx86 are not present
2012-02-01 02:12:01,265 INFO Processing service AvgRkx64
2012-02-01 02:12:01,312 INFO Service AvgRkx64 is not installed
2012-02-01 02:12:01,359 DEBUG Service AvgRkx64 RegCleanup
2012-02-01 02:12:01,359 DEBUG Registry keys for service AvgRkx64 are not present
2012-02-01 02:12:01,359 INFO Processing service avg9emc
2012-02-01 02:12:01,406 INFO Service avg9emc is not installed
2012-02-01 02:12:01,468 DEBUG Service avg9emc RegCleanup
2012-02-01 02:12:01,468 DEBUG Registry keys for service avg9emc are not present
2012-02-01 02:12:01,468 INFO Processing service avgfws9
2012-02-01 02:12:01,515 INFO Service avgfws9 is not installed
2012-02-01 02:12:01,562 DEBUG Service avgfws9 RegCleanup
2012-02-01 02:12:01,562 DEBUG Registry keys for service avgfws9 are not present
2012-02-01 02:12:01,562 INFO Processing service avg9wd
2012-02-01 02:12:01,609 INFO Service avg9wd is not installed
2012-02-01 02:12:01,671 DEBUG Service avg9wd RegCleanup
2012-02-01 02:12:01,671 DEBUG Registry keys for service avg9wd are not present
2012-02-01 02:12:01,671 INFO Processing service AVGIDSAgent
2012-02-01 02:12:01,718 INFO Service AVGIDSAgent is not installed
2012-02-01 02:12:01,765 DEBUG Service AVGIDSAgent RegCleanup
2012-02-01 02:12:01,765 DEBUG Registry keys for service AVGIDSAgent are not present
2012-02-01 02:12:01,765 INFO Processing service AVGIDSShimxpx
2012-02-01 02:12:01,812 INFO Service AVGIDSShimxpx is not installed
2012-02-01 02:12:01,875 DEBUG Service AVGIDSShimxpx RegCleanup
2012-02-01 02:12:01,875 DEBUG Registry keys for service AVGIDSShimxpx are not present
2012-02-01 02:12:01,875 INFO Processing service AVGIDSFilterxpx
2012-02-01 02:12:01,921 INFO Service AVGIDSFilterxpx is not installed
2012-02-01 02:12:01,968 DEBUG Service AVGIDSFilterxpx RegCleanup
2012-02-01 02:12:01,984 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2012-02-01 02:12:01,984 INFO Processing service AVGIDSDriverxpx
2012-02-01 02:12:02,031 INFO Service AVGIDSDriverxpx is not installed
2012-02-01 02:12:02,093 DEBUG Service AVGIDSDriverxpx RegCleanup
2012-02-01 02:12:02,093 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2012-02-01 02:12:02,093 INFO Processing service AVGIDSShimvtx
2012-02-01 02:12:02,171 INFO Service AVGIDSShimvtx is not installed
2012-02-01 02:12:02,218 DEBUG Service AVGIDSShimvtx RegCleanup
2012-02-01 02:12:02,218 DEBUG Registry keys for service AVGIDSShimvtx are not present
2012-02-01 02:12:02,234 INFO Processing service AVGIDSFiltervtx
2012-02-01 02:12:02,281 INFO Service AVGIDSFiltervtx is not installed
2012-02-01 02:12:02,328 DEBUG Service AVGIDSFiltervtx RegCleanup
2012-02-01 02:12:02,328 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2012-02-01 02:12:02,328 INFO Processing service AVGIDSDrivervtx
2012-02-01 02:12:02,390 INFO Service AVGIDSDrivervtx is not installed
2012-02-01 02:12:02,437 DEBUG Service AVGIDSDrivervtx RegCleanup
2012-02-01 02:12:02,437 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2012-02-01 02:12:02,437 INFO Processing service AVGIDSFiltervta
2012-02-01 02:12:02,484 INFO Service AVGIDSFiltervta is not installed
2012-02-01 02:12:02,546 DEBUG Service AVGIDSFiltervta RegCleanup
2012-02-01 02:12:02,546 DEBUG Registry keys for service AVGIDSFiltervta are not present
2012-02-01 02:12:02,546 INFO Processing service AVGIDSDrivervta
2012-02-01 02:12:02,609 INFO Service AVGIDSDrivervta is not installed
2012-02-01 02:12:02,656 DEBUG Service AVGIDSDrivervta RegCleanup
2012-02-01 02:12:02,656 DEBUG Registry keys for service AVGIDSDrivervta are not present
2012-02-01 02:12:02,656 INFO Processing service AVGIDSShimw7x
2012-02-01 02:12:02,703 INFO Service AVGIDSShimw7x is not installed
2012-02-01 02:12:02,765 DEBUG Service AVGIDSShimw7x RegCleanup
2012-02-01 02:12:02,765 DEBUG Registry keys for service AVGIDSShimw7x are not present
2012-02-01 02:12:02,765 INFO Processing service AVGIDSFilterw7x
2012-02-01 02:12:02,828 INFO Service AVGIDSFilterw7x is not installed
2012-02-01 02:12:02,875 DEBUG Service AVGIDSFilterw7x RegCleanup
2012-02-01 02:12:02,875 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2012-02-01 02:12:02,875 INFO Processing service AVGIDSDriverw7x
2012-02-01 02:12:02,921 INFO Service AVGIDSDriverw7x is not installed
2012-02-01 02:12:02,968 DEBUG Service AVGIDSDriverw7x RegCleanup
2012-02-01 02:12:02,968 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2012-02-01 02:12:02,968 INFO Processing service AVGIDSFilterw7a
2012-02-01 02:12:03,031 INFO Service AVGIDSFilterw7a is not installed
2012-02-01 02:12:03,078 DEBUG Service AVGIDSFilterw7a RegCleanup
2012-02-01 02:12:03,078 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2012-02-01 02:12:03,078 INFO Processing service AVGIDSDriverw7a
2012-02-01 02:12:03,125 INFO Service AVGIDSDriverw7a is not installed
2012-02-01 02:12:03,171 DEBUG Service AVGIDSDriverw7a RegCleanup
2012-02-01 02:12:03,171 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2012-02-01 02:12:03,187 INFO Processing service AVGIDSErHrxpx
2012-02-01 02:12:03,234 INFO Service AVGIDSErHrxpx is not installed
2012-02-01 02:12:03,281 DEBUG Service AVGIDSErHrxpx RegCleanup
2012-02-01 02:12:03,281 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2012-02-01 02:12:03,281 INFO Processing service AVGIDSErHrvtx
2012-02-01 02:12:03,328 INFO Service AVGIDSErHrvtx is not installed
2012-02-01 02:12:03,375 DEBUG Service AVGIDSErHrvtx RegCleanup
2012-02-01 02:12:03,375 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2012-02-01 02:12:03,375 INFO Processing service AVGIDSErHrvta
2012-02-01 02:12:03,437 INFO Service AVGIDSErHrvta is not installed
2012-02-01 02:12:03,484 DEBUG Service AVGIDSErHrvta RegCleanup
2012-02-01 02:12:03,484 DEBUG Registry keys for service AVGIDSErHrvta are not present
2012-02-01 02:12:03,484 INFO Processing service AVGIDSErHrw7x
2012-02-01 02:12:03,531 INFO Service AVGIDSErHrw7x is not installed
2012-02-01 02:12:03,578 DEBUG Service AVGIDSErHrw7x RegCleanup
2012-02-01 02:12:03,578 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2012-02-01 02:12:03,578 INFO Processing service AVGIDSErHrw7a
2012-02-01 02:12:03,640 INFO Service AVGIDSErHrw7a is not installed
2012-02-01 02:12:03,687 DEBUG Service AVGIDSErHrw7a RegCleanup
2012-02-01 02:12:03,687 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2012-02-01 02:12:03,687 INFO ***** Registry keys and values *****
2012-02-01 02:12:03,734 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 02:12:03,843 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2012-02-01 02:12:03,875 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2012-02-01 02:12:03,968 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 02:12:04,078 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2012-02-01 02:12:04,078 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2012-02-01 02:12:04,171 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2012-02-01 02:12:04,265 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2012-02-01 02:12:04,265 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2012-02-01 02:12:04,265 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2012-02-01 02:12:04,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2012-02-01 02:12:04,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2012-02-01 02:12:04,375 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2012-02-01 02:12:04,468 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2012-02-01 02:12:04,468 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2012-02-01 02:12:04,468 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 02:12:04,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 02:12:04,578 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 02:12:04,671 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 02:12:04,671 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-02-01 02:12:04,671 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2012-02-01 02:12:04,781 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2012-02-01 02:12:04,781 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2012-02-01 02:12:04,781 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 02:12:04,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 02:12:04,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 02:12:04,875 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2012-02-01 02:12:04,984 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 02:12:04,984 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 02:12:05,078 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 02:12:05,187 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 02:12:05,187 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 02:12:05,187 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 02:12:05,281 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2012-02-01 02:12:05,281 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2012-02-01 02:12:05,375 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 02:12:05,484 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2012-02-01 02:12:05,484 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2012-02-01 02:12:05,578 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2012-02-01 02:12:05,687 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2012-02-01 02:12:05,687 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2012-02-01 02:12:05,687 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2012-02-
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Wed Feb 01, 2012 2:01 pm    Post subject: hmm didn't all post Reply with quote

AVG remover log
2012-02-01 01:48:30,468 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 01:48:30,562 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 01:48:30,562 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-02-01 01:48:30,578 WARN AvgDir param empty.
2012-02-01 01:48:30,578 WARN AvgDataDir param empty.
2012-02-01 01:48:37,843 INFO AvgRemover runs in attempt number 1
2012-02-01 01:48:37,843 INFO ***** Services *****
2012-02-01 01:48:37,843 INFO Processing service avg8emc
2012-02-01 01:48:37,843 INFO Service avg8emc is not installed
2012-02-01 01:48:37,859 DEBUG Service avg8emc RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service avg8emc are not present
2012-02-01 01:48:37,859 INFO Processing service avgfws8
2012-02-01 01:48:37,859 INFO Service avgfws8 is not installed
2012-02-01 01:48:37,859 DEBUG Service avgfws8 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service avgfws8 are not present
2012-02-01 01:48:37,859 INFO Processing service avg8wd
2012-02-01 01:48:37,859 INFO Service avg8wd is not installed
2012-02-01 01:48:37,859 DEBUG Service avg8wd RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service avg8wd are not present
2012-02-01 01:48:37,859 INFO Processing service AvgWFPx
2012-02-01 01:48:37,859 INFO Service AvgWFPx is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgWFPx RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgWFPx are not present
2012-02-01 01:48:37,859 INFO Processing service AvgWFPa
2012-02-01 01:48:37,859 INFO Service AvgWFPa is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgWFPa RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgWFPa are not present
2012-02-01 01:48:37,859 INFO Processing service AvgMfx86
2012-02-01 01:48:37,859 INFO Service AvgMfx86 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgMfx86 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgMfx86 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgMfx64
2012-02-01 01:48:37,859 INFO Service AvgMfx64 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgMfx64 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgMfx64 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgLdx86
2012-02-01 01:48:37,859 INFO Service AvgLdx86 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgLdx86 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgLdx86 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgLdx64
2012-02-01 01:48:37,859 INFO Service AvgLdx64 is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgLdx64 RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgLdx64 are not present
2012-02-01 01:48:37,859 INFO Processing service AvgTdiX
2012-02-01 01:48:37,859 INFO Service AvgTdiX is not installed
2012-02-01 01:48:37,859 DEBUG Service AvgTdiX RegCleanup
2012-02-01 01:48:37,859 DEBUG Registry keys for service AvgTdiX are not present
2012-02-01 01:48:37,859 INFO Processing service AvgTdiA
2012-02-01 01:48:37,906 INFO Service AvgTdiA is not installed
2012-02-01 01:48:37,968 DEBUG Service AvgTdiA RegCleanup
2012-02-01 01:48:37,968 DEBUG Registry keys for service AvgTdiA are not present
2012-02-01 01:48:37,968 INFO Processing service AvgRkx86
2012-02-01 01:48:38,015 INFO Service AvgRkx86 is not installed
2012-02-01 01:48:38,062 DEBUG Service AvgRkx86 RegCleanup
2012-02-01 01:48:38,062 DEBUG Registry keys for service AvgRkx86 are not present
2012-02-01 01:48:38,062 INFO Processing service AvgRkx64
2012-02-01 01:48:38,125 INFO Service AvgRkx64 is not installed
2012-02-01 01:48:38,171 DEBUG Service AvgRkx64 RegCleanup
2012-02-01 01:48:38,171 DEBUG Registry keys for service AvgRkx64 are not present
2012-02-01 01:48:38,171 INFO Processing service avg9emc
2012-02-01 01:48:38,218 INFO Service avg9emc is not installed
2012-02-01 01:48:38,265 DEBUG Service avg9emc RegCleanup
2012-02-01 01:48:38,265 DEBUG Registry keys for service avg9emc are not present
2012-02-01 01:48:38,265 INFO Processing service avgfws9
2012-02-01 01:48:38,328 INFO Service avgfws9 is not installed
2012-02-01 01:48:38,375 DEBUG Service avgfws9 RegCleanup
2012-02-01 01:48:38,375 DEBUG Registry keys for service avgfws9 are not present
2012-02-01 01:48:38,375 INFO Processing service avg9wd
2012-02-01 01:48:38,421 INFO Service avg9wd is not installed
2012-02-01 01:48:38,468 DEBUG Service avg9wd RegCleanup
2012-02-01 01:48:38,468 DEBUG Registry keys for service avg9wd are not present
2012-02-01 01:48:38,468 INFO Processing service AVGIDSAgent
2012-02-01 01:48:38,531 INFO Service AVGIDSAgent is not installed
2012-02-01 01:48:38,578 DEBUG Service AVGIDSAgent RegCleanup
2012-02-01 01:48:38,578 DEBUG Registry keys for service AVGIDSAgent are not present
2012-02-01 01:48:38,578 INFO Processing service AVGIDSShimxpx
2012-02-01 01:48:38,625 INFO Service AVGIDSShimxpx is not installed
2012-02-01 01:48:38,671 DEBUG Service AVGIDSShimxpx RegCleanup
2012-02-01 01:48:38,671 DEBUG Registry keys for service AVGIDSShimxpx are not present
2012-02-01 01:48:38,671 INFO Processing service AVGIDSFilterxpx
2012-02-01 01:48:38,734 INFO Service AVGIDSFilterxpx is not installed
2012-02-01 01:48:38,781 DEBUG Service AVGIDSFilterxpx RegCleanup
2012-02-01 01:48:38,781 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2012-02-01 01:48:38,781 INFO Processing service AVGIDSDriverxpx
2012-02-01 01:48:38,828 INFO Service AVGIDSDriverxpx is not installed
2012-02-01 01:48:38,875 DEBUG Service AVGIDSDriverxpx RegCleanup
2012-02-01 01:48:38,875 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2012-02-01 01:48:38,875 INFO Processing service AVGIDSShimvtx
2012-02-01 01:48:38,937 INFO Service AVGIDSShimvtx is not installed
2012-02-01 01:48:38,984 DEBUG Service AVGIDSShimvtx RegCleanup
2012-02-01 01:48:38,984 DEBUG Registry keys for service AVGIDSShimvtx are not present
2012-02-01 01:48:38,984 INFO Processing service AVGIDSFiltervtx
2012-02-01 01:48:39,031 INFO Service AVGIDSFiltervtx is not installed
2012-02-01 01:48:39,078 DEBUG Service AVGIDSFiltervtx RegCleanup
2012-02-01 01:48:39,078 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2012-02-01 01:48:39,078 INFO Processing service AVGIDSDrivervtx
2012-02-01 01:48:39,140 INFO Service AVGIDSDrivervtx is not installed
2012-02-01 01:48:39,187 DEBUG Service AVGIDSDrivervtx RegCleanup
2012-02-01 01:48:39,187 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2012-02-01 01:48:39,187 INFO Processing service AVGIDSFiltervta
2012-02-01 01:48:39,234 INFO Service AVGIDSFiltervta is not installed
2012-02-01 01:48:39,296 DEBUG Service AVGIDSFiltervta RegCleanup
2012-02-01 01:48:39,296 DEBUG Registry keys for service AVGIDSFiltervta are not present
2012-02-01 01:48:39,296 INFO Processing service AVGIDSDrivervta
2012-02-01 01:48:39,343 INFO Service AVGIDSDrivervta is not installed
2012-02-01 01:48:39,390 DEBUG Service AVGIDSDrivervta RegCleanup
2012-02-01 01:48:39,390 DEBUG Registry keys for service AVGIDSDrivervta are not present
2012-02-01 01:48:39,390 INFO Processing service AVGIDSShimw7x
2012-02-01 01:48:39,437 INFO Service AVGIDSShimw7x is not installed
2012-02-01 01:48:39,500 DEBUG Service AVGIDSShimw7x RegCleanup
2012-02-01 01:48:39,500 DEBUG Registry keys for service AVGIDSShimw7x are not present
2012-02-01 01:48:39,500 INFO Processing service AVGIDSFilterw7x
2012-02-01 01:48:39,546 INFO Service AVGIDSFilterw7x is not installed
2012-02-01 01:48:39,593 DEBUG Service AVGIDSFilterw7x RegCleanup
2012-02-01 01:48:39,593 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2012-02-01 01:48:39,593 INFO Processing service AVGIDSDriverw7x
2012-02-01 01:48:39,640 INFO Service AVGIDSDriverw7x is not installed
2012-02-01 01:48:39,703 DEBUG Service AVGIDSDriverw7x RegCleanup
2012-02-01 01:48:39,703 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2012-02-01 01:48:39,703 INFO Processing service AVGIDSFilterw7a
2012-02-01 01:48:39,750 INFO Service AVGIDSFilterw7a is not installed
2012-02-01 01:48:39,796 DEBUG Service AVGIDSFilterw7a RegCleanup
2012-02-01 01:48:39,796 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2012-02-01 01:48:39,796 INFO Processing service AVGIDSDriverw7a
2012-02-01 01:48:39,843 INFO Service AVGIDSDriverw7a is not installed
2012-02-01 01:48:39,906 DEBUG Service AVGIDSDriverw7a RegCleanup
2012-02-01 01:48:39,906 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2012-02-01 01:48:39,906 INFO Processing service AVGIDSErHrxpx
2012-02-01 01:48:39,953 INFO Service AVGIDSErHrxpx is not installed
2012-02-01 01:48:40,000 DEBUG Service AVGIDSErHrxpx RegCleanup
2012-02-01 01:48:40,000 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2012-02-01 01:48:40,000 INFO Processing service AVGIDSErHrvtx
2012-02-01 01:48:40,062 INFO Service AVGIDSErHrvtx is not installed
2012-02-01 01:48:40,109 DEBUG Service AVGIDSErHrvtx RegCleanup
2012-02-01 01:48:40,109 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2012-02-01 01:48:40,109 INFO Processing service AVGIDSErHrvta
2012-02-01 01:48:40,156 INFO Service AVGIDSErHrvta is not installed
2012-02-01 01:48:40,203 DEBUG Service AVGIDSErHrvta RegCleanup
2012-02-01 01:48:40,203 DEBUG Registry keys for service AVGIDSErHrvta are not present
2012-02-01 01:48:40,203 INFO Processing service AVGIDSErHrw7x
2012-02-01 01:48:40,265 INFO Service AVGIDSErHrw7x is not installed
2012-02-01 01:48:40,312 DEBUG Service AVGIDSErHrw7x RegCleanup
2012-02-01 01:48:40,312 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2012-02-01 01:48:40,312 INFO Processing service AVGIDSErHrw7a
2012-02-01 01:48:40,359 INFO Service AVGIDSErHrw7a is not installed
2012-02-01 01:48:40,406 DEBUG Service AVGIDSErHrw7a RegCleanup
2012-02-01 01:48:40,406 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2012-02-01 01:48:40,406 INFO ***** Registry keys and values *****
2012-02-01 01:48:40,468 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 01:48:40,562 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2012-02-01 01:48:40,562 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2012-02-01 01:48:40,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 01:48:40,765 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2012-02-01 01:48:40,765 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2012-02-01 01:48:40,859 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2012-02-01 01:48:40,968 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2012-02-01 01:48:40,968 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2012-02-01 01:48:40,968 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2012-02-01 01:48:41,062 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2012-02-01 01:48:41,062 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2012-02-01 01:48:41,062 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2012-02-01 01:48:41,171 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2012-02-01 01:48:41,171 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2012-02-01 01:48:41,171 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 01:48:41,265 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 01:48:41,265 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 01:48:41,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 01:48:41,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-02-01 01:48:41,375 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2012-02-01 01:48:41,468 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2012-02-01 01:48:41,468 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2012-02-01 01:48:41,468 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:41,578 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:41,578 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:41,578 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2012-02-01 01:48:41,671 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 01:48:41,671 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 01:48:41,781 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:41,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:41,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:41,875 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 01:48:41,968 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2012-02-01 01:48:41,968 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 01:48:42,078 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2012-02-01 01:48:42,078 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2012-02-01 01:48:42,171 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2012-02-01 01:48:42,281 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2012-02-01 01:48:42,281 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2012-02-01 01:48:42,281 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2012-02-01 01:48:42,281 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,375 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,390 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:42,484 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,578 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,578 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:42,687 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,781 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,781 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:42,890 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 01:48:42,984 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 01:48:42,984 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 01:48:43,093 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-02-01 01:48:43,187 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2012-02-01 01:48:43,187 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2012-02-01 01:48:43,281 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-02-01 01:48:43,390 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2012-02-01 01:48:43,390 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2012-02-01 01:48:43,484 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2012-02-01 01:48:43,593 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2012-02-01 01:48:43,593 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2012-02-01 01:48:43,593 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2012-02-01 01:48:43,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2012-02-01 01:48:43,687 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2012-02-01 01:48:43,687 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2012-02-01 01:48:43,796 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2012-02-01 01:48:43,796 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2012-02-01 01:48:43,796 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 01:48:43,937 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 01:48:43,937 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 01:48:43,937 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-02-01 01:48:44,046 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-02-01 01:48:44,046 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-02-01 01:48:44,046 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-02-01 01:48:44,140 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-02-01 01:48:44,140 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-02-01 01:48:44,140 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-02-01 01:48:44,203 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-02-01 01:48:44,203 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-02-01 01:48:44,203 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-02-01 01:48:44,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-02-01 01:48:44,250 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-02-01 01:48:44,250 INFO Processing registry SOFTWARE\Classes\.avgdi
2012-02-01 01:48:44,296 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2012-02-01 01:48:44,296 DEBUG Key SOFTWARE\Classes\.avgdi not found
2012-02-01 01:48:44,296 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 01:48:44,390 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 01:48:44,406 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 01:48:44,406 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 01:48:44,500 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 01:48:44,500 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 01:48:44,500 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 01:48:44,593 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 01:48:44,593 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 01:48:44,593 INFO Processing registry SOFTWARE\AVG\Clients
2012-02-01 01:48:44,656 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2012-02-01 01:48:44,656 DEBUG Key SOFTWARE\AVG\Clients not found
2012-02-01 01:48:44,656 INFO Processing registry SOFTWARE\AVG\AVG8
2012-02-01 01:48:44,703 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-02-01 01:48:44,703 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-02-01 01:48:44,703 INFO Processing registry SOFTWARE\AVG\AVG9
2012-02-01 01:48:44,750 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-02-01 01:48:44,750 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-02-01 01:48:44,750 INFO Processing registry SOFTWARE\AVG\AVG IDS
2012-02-01 01:48:44,796 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2012-02-01 01:48:44,796 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2012-02-01 01:48:44,796 INFO Processing registry SOFTWARE\AVG
2012-02-01 01:48:44,859 DEBUG Value SOFTWARE\AVG:DumpType Remove
2012-02-01 01:48:44,859 INFO Value SOFTWARE\AVG:DumpType is not present
2012-02-01 01:48:44,906 INFO Processing registry SOFTWARE\AVG
2012-02-01 01:48:44,953 DEBUG Key SOFTWARE\AVG Remove
2012-02-01 01:48:44,953 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty
2012-02-01 01:48:45,046 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-02-01 01:48:45,109 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-02-01 01:48:45,109 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-02-01 01:48:45,109 INFO Processing registry SOFTWARE\AVG\AVG8
2012-02-01 01:48:45,156 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-02-01 01:48:45,156 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-02-01 01:48:45,156 INFO Processing registry SOFTWARE\AVG\AVG9
2012-02-01 01:48:45,203 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-02-01 01:48:45,203 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-02-01 01:48:45,203 INFO Processing registry SOFTWARE\AVG
2012-02-01 01:48:45,250 DEBUG Key SOFTWARE\AVG Remove
2012-02-01 01:48:45,250 DEBUG Key SOFTWARE\AVG not found
2012-02-01 01:48:45,250 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-02-01 01:48:45,312 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-02-01 01:48:45,312 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-02-01 01:48:45,312 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2012-02-01 01:48:45,406 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2012-02-01 01:48:45,406 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2012-02-01 01:48:45,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:45,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:45,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:45,609 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2012-02-01 01:48:45,703 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 01:48:45,703 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 01:48:45,812 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:45,906 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:45,906 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:45,906 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 01:48:46,015 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 01:48:46,015 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 01:48:46,015 INFO Processing registry aAvgAPI.AvgBro
2012-02-01 01:48:46,062 DEBUG Key aAvgAPI.AvgBro ForceRemove
2012-02-01 01:48:46,062 DEBUG Key aAvgAPI.AvgBro not found
2012-02-01 01:48:46,062 INFO Processing registry AVG.Office
2012-02-01 01:48:46,125 DEBUG Key AVG.Office ForceRemove
2012-02-01 01:48:46,125 DEBUG Key AVG.Office not found
2012-02-01 01:48:46,125 INFO Processing registry AVG.Office.8
2012-02-01 01:48:46,171 DEBUG Key AVG.Office.8 ForceRemove
2012-02-01 01:48:46,171 DEBUG Key AVG.Office.8 not found
2012-02-01 01:48:46,171 INFO Processing registry avgtoolbar.AVGTOOLBAR
2012-02-01 01:48:46,218 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2012-02-01 01:48:46,218 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2012-02-01 01:48:46,218 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2012-02-01 01:48:46,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2012-02-01 01:48:46,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2012-02-01 01:48:46,328 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2012-02-01 01:48:46,421 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2012-02-01 01:48:46,421 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2012-02-01 01:48:46,421 INFO Processing registry LinkScannerIE.NavFilter
2012-02-01 01:48:46,468 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2012-02-01 01:48:46,468 DEBUG Key LinkScannerIE.NavFilter not found
2012-02-01 01:48:46,468 INFO Processing registry LinkScannerIE.NavFilter.1
2012-02-01 01:48:46,515 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2012-02-01 01:48:46,515 DEBUG Key LinkScannerIE.NavFilter.1 not found
2012-02-01 01:48:46,515 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2012-02-01 01:48:46,625 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2012-02-01 01:48:46,625 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2012-02-01 01:48:46,625 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2012-02-01 01:48:46,718 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2012-02-01 01:48:46,718 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2012-02-01 01:48:46,718 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2012-02-01 01:48:46,828 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2012-02-01 01:48:46,828 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2012-02-01 01:48:46,828 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-02-01 01:48:46,921 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-02-01 01:48:46,921 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-02-01 01:48:46,921 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-02-01 01:48:47,031 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-02-01 01:48:47,031 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-02-01 01:48:47,031 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2012-02-01 01:48:47,125 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2012-02-01 01:48:47,125 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2012-02-01 01:48:47,125 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2012-02-01 01:48:47,234 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2012-02-01 01:48:47,234 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2012-02-01 01:48:47,234 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2012-02-01 01:48:47,328 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2012-02-01 01:48:47,328 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2012-02-01 01:48:47,328 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2012-02-01 01:48:47,437 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2012-02-01 01:48:47,437 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2012-02-01 01:48:47,437 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2012-02-01 01:48:47,531 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2012-02-01 01:48:47,531 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2012-02-01 01:48:47,531 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 01:48:47,625 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 01:48:47,640 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 01:48:47,640 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:47,734 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:47,734 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:47,734 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2012-02-01 01:48:47,843 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2012-02-01 01:48:47,843 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2012-02-01 01:48:47,843 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2012-02-01 01:48:47,937 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2012-02-01 01:48:47,937 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2012-02-01 01:48:47,937 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2012-02-01 01:48:48,046 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2012-02-01 01:48:48,046 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2012-02-01 01:48:48,046 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2012-02-01 01:48:48,140 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2012-02-01 01:48:48,156 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2012-02-01 01:48:48,156 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2012-02-01 01:48:48,250 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2012-02-01 01:48:48,250 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2012-02-01 01:48:48,250 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2012-02-01 01:48:48,375 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2012-02-01 01:48:48,375 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2012-02-01 01:48:48,375 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 01:48:48,468 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 01:48:48,468 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 01:48:48,468 INFO ***** Files and folders *****
2012-02-01 01:48:48,531 DEBUG Missing ParentDir path for fileItem number 0
2012-02-01 01:48:48,531 DEBUG Missing ParentDir path for fileItem number 1
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 2
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 3
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 4
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 5
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 6
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 7
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 8
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 9
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 10
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 11
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 12
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 13
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 14
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 15
2012-02-01 01:48:48,546 DEBUG Missing ParentDir path for fileItem number 16
2012-02-01 01:48:48,546 DEBUG Processing item C:\Documents and Settings\Laptop\Application Data\AVGTOOLBAR
2012-02-01 01:48:48,546 INFO Directory C:\Documents and Settings\Laptop\Application Data\AVGTOOLBAR not found
2012-02-01 01:48:48,656 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:48,656 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0
2012-02-01 01:48:48,656 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0 not found
2012-02-01 01:48:48,750 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0
2012-02-01 01:48:48,750 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0 not found
2012-02-01 01:48:48,859 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5
2012-02-01 01:48:48,859 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5 not found
2012-02-01 01:48:48,953 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5
2012-02-01 01:48:48,953 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5 not found
2012-02-01 01:48:49,062 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk
2012-02-01 01:48:49,062 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk not found
2012-02-01 01:48:49,156 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk
2012-02-01 01:48:49,156 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk not found
2012-02-01 01:48:49,265 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk
2012-02-01 01:48:49,265 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk not found
2012-02-01 01:48:49,359 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk
2012-02-01 01:48:49,359 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk not found
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 27
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 28
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 29
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 30
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 31
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 32
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 33
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 34
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 35
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 36
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 37
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 38
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 39
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 40
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 41
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 42
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 43
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 44
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 45
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 46
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 47
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 48
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 49
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 50
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 51
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 52
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 53
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 54
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 55
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 56
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 57
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 58
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 59
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 60
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 61
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 62
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 63
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 64
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 65
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 66
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 67
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 68
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 69
2012-02-01 01:48:49,468 DEBUG Missing ParentDir path for fileItem number 70
2012-02-01 01:48:49,468 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2012-02-01 01:48:49,468 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2012-02-01 01:48:49,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2012-02-01 01:48:49,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2012-02-01 01:48:49,671 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,671 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk
2012-02-01 01:48:49,671 INFO File C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk not found
2012-02-01 01:48:49,781 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk
2012-02-01 01:48:49,781 INFO File C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk not found
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 76
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 77
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 78
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 79
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 80
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 81
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 82
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 83
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 84
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 85
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 86
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 87
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 88
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 89
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 90
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 91
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 92
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 93
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 94
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 95
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 96
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 97
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 98
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 99
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 100
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 101
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 102
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 103
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 104
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 105
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 106
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 107
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 108
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 109
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 110
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 111
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 112
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 113
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 114
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 115
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 116
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 117
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 118
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 119
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 120
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 121
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 122
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 123
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 124
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 125
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 126
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 127
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 128
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 129
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 130
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 131
2012-02-01 01:48:49,875 DEBUG Missing ParentDir path for fileItem number 132
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 133
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 134
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 135
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 136
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 137
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 138
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 139
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 140
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 141
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 142
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 143
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 144
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 145
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 146
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 147
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 148
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 149
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 150
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 151
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 152
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 153
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 154
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 155
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 156
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 157
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 158
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 159
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 160
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 161
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 162
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 163
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 164
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 165
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 166
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 167
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 168
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 169
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 170
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 171
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 172
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 173
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 174
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 175
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 176
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 177
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 178
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 179
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 180
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 181
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 182
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 183
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 184
2012-02-01 01:48:49,890 DEBUG Missing ParentDir path for fileItem number 185
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 01:48:49,890 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2012-02-01 01:48:49,968 INFO File C:\WINDOWS\System32\Drivers\avg\compat12.txt deleted
2012-02-01 01:48:50,093 INFO File C:\WINDOWS\System32\Drivers\avg\iavichjg.avm deleted
2012-02-01 01:48:50,187 INFO File C:\WINDOWS\System32\Drivers\avg\iavichjw.avm deleted
2012-02-01 01:48:50,296 INFO File C:\WINDOWS\System32\Drivers\avg\iavifw.avm deleted
2012-02-01 01:48:50,453 INFO File C:\WINDOWS\System32\Drivers\avg\incavi.avm deleted
2012-02-01 01:48:50,640 INFO Directory C:\WINDOWS\System32\Drivers\avg deleted
2012-02-01 01:48:50,687 DEBUG Processing item C:\WINDOWS\System32
2012-02-01 01:48:50,687 DEBUG Processing item C:\Program Files\AVG
2012-02-01 01:48:50,703 DEBUG Directory C:\Program Files\AVG not deleted (error c0070091)
2012-02-01 01:48:50,703 DEBUG Missing ParentDir path for fileItem number 194
2012-02-01 01:48:50,703 INFO ***** Avg Fw NDIS driver *****
2012-02-01 01:48:51,671 INFO FW NDIS driver not present
2012-02-01 02:11:57,078 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 02:11:57,125 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 02:11:57,125 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-02-01 02:11:57,125 WARN AvgDir param empty.
2012-02-01 02:11:57,125 WARN AvgDataDir param empty.
2012-02-01 02:12:01,000 INFO AvgRemover runs in attempt number 1
2012-02-01 02:12:01,000 INFO ***** Services *****
2012-02-01 02:12:01,031 INFO Processing service avg8emc
2012-02-01 02:12:01,046 INFO Service avg8emc is not installed
2012-02-01 02:12:01,046 DEBUG Service avg8emc RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service avg8emc are not present
2012-02-01 02:12:01,046 INFO Processing service avgfws8
2012-02-01 02:12:01,046 INFO Service avgfws8 is not installed
2012-02-01 02:12:01,046 DEBUG Service avgfws8 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service avgfws8 are not present
2012-02-01 02:12:01,046 INFO Processing service avg8wd
2012-02-01 02:12:01,046 INFO Service avg8wd is not installed
2012-02-01 02:12:01,046 DEBUG Service avg8wd RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service avg8wd are not present
2012-02-01 02:12:01,046 INFO Processing service AvgWFPx
2012-02-01 02:12:01,046 INFO Service AvgWFPx is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgWFPx RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgWFPx are not present
2012-02-01 02:12:01,046 INFO Processing service AvgWFPa
2012-02-01 02:12:01,046 INFO Service AvgWFPa is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgWFPa RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgWFPa are not present
2012-02-01 02:12:01,046 INFO Processing service AvgMfx86
2012-02-01 02:12:01,046 INFO Service AvgMfx86 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgMfx86 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgMfx86 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgMfx64
2012-02-01 02:12:01,046 INFO Service AvgMfx64 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgMfx64 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgMfx64 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgLdx86
2012-02-01 02:12:01,046 INFO Service AvgLdx86 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgLdx86 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgLdx86 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgLdx64
2012-02-01 02:12:01,046 INFO Service AvgLdx64 is not installed
2012-02-01 02:12:01,046 DEBUG Service AvgLdx64 RegCleanup
2012-02-01 02:12:01,046 DEBUG Registry keys for service AvgLdx64 are not present
2012-02-01 02:12:01,046 INFO Processing service AvgTdiX
2012-02-01 02:12:01,046 INFO Service AvgTdiX is not installed
2012-02-01 02:12:01,062 DEBUG Service AvgTdiX RegCleanup
2012-02-01 02:12:01,062 DEBUG Registry keys for service AvgTdiX are not present
2012-02-01 02:12:01,062 INFO Processing service AvgTdiA
2012-02-01 02:12:01,109 INFO Service AvgTdiA is not installed
2012-02-01 02:12:01,156 DEBUG Service AvgTdiA RegCleanup
2012-02-01 02:12:01,156 DEBUG Registry keys for service AvgTdiA are not present
2012-02-01 02:12:01,156 INFO Processing service AvgRkx86
2012-02-01 02:12:01,203 INFO Service AvgRkx86 is not installed
2012-02-01 02:12:01,265 DEBUG Service AvgRkx86 RegCleanup
2012-02-01 02:12:01,265 DEBUG Registry keys for service AvgRkx86 are not present
2012-02-01 02:12:01,265 INFO Processing service AvgRkx64
2012-02-01 02:12:01,312 INFO Service AvgRkx64 is not installed
2012-02-01 02:12:01,359 DEBUG Service AvgRkx64 RegCleanup
2012-02-01 02:12:01,359 DEBUG Registry keys for service AvgRkx64 are not present
2012-02-01 02:12:01,359 INFO Processing service avg9emc
2012-02-01 02:12:01,406 INFO Service avg9emc is not installed
2012-02-01 02:12:01,468 DEBUG Service avg9emc RegCleanup
2012-02-01 02:12:01,468 DEBUG Registry keys for service avg9emc are not present
2012-02-01 02:12:01,468 INFO Processing service avgfws9
2012-02-01 02:12:01,515 INFO Service avgfws9 is not installed
2012-02-01 02:12:01,562 DEBUG Service avgfws9 RegCleanup
2012-02-01 02:12:01,562 DEBUG Registry keys for service avgfws9 are not present
2012-02-01 02:12:01,562 INFO Processing service avg9wd
2012-02-01 02:12:01,609 INFO Service avg9wd is not installed
2012-02-01 02:12:01,671 DEBUG Service avg9wd RegCleanup
2012-02-01 02:12:01,671 DEBUG Registry keys for service avg9wd are not present
2012-02-01 02:12:01,671 INFO Processing service AVGIDSAgent
2012-02-01 02:12:01,718 INFO Service AVGIDSAgent is not installed
2012-02-01 02:12:01,765 DEBUG Service AVGIDSAgent RegCleanup
2012-02-01 02:12:01,765 DEBUG Registry keys for service AVGIDSAgent are not present
2012-02-01 02:12:01,765 INFO Processing service AVGIDSShimxpx
2012-02-01 02:12:01,812 INFO Service AVGIDSShimxpx is not installed
2012-02-01 02:12:01,875 DEBUG Service AVGIDSShimxpx RegCleanup
2012-02-01 02:12:01,875 DEBUG Registry keys for service AVGIDSShimxpx are not present
2012-02-01 02:12:01,875 INFO Processing service AVGIDSFilterxpx
2012-02-01 02:12:01,921 INFO Service AVGIDSFilterxpx is not installed
2012-02-01 02:12:01,968 DEBUG Service AVGIDSFilterxpx RegCleanup
2012-02-01 02:12:01,984 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2012-02-01 02:12:01,984 INFO Processing service AVGIDSDriverxpx
2012-02-01 02:12:02,031 INFO Service AVGIDSDriverxpx is not installed
2012-02-01 02:12:02,093 DEBUG Service AVGIDSDriverxpx RegCleanup
2012-02-01 02:12:02,093 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2012-02-01 02:12:02,093 INFO Processing service AVGIDSShimvtx
2012-02-01 02:12:02,171 INFO Service AVGIDSShimvtx is not installed
2012-02-01 02:12:02,218 DEBUG Service AVGIDSShimvtx RegCleanup
2012-02-01 02:12:02,218 DEBUG Registry keys for service AVGIDSShimvtx are not present
2012-02-01 02:12:02,234 INFO Processing service AVGIDSFiltervtx
2012-02-01 02:12:02,281 INFO Service AVGIDSFiltervtx is not installed
2012-02-01 02:12:02,328 DEBUG Service AVGIDSFiltervtx RegCleanup
2012-02-01 02:12:02,328 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2012-02-01 02:12:02,328 INFO Processing service AVGIDSDrivervtx
2012-02-01 02:12:02,390 INFO Service AVGIDSDrivervtx is not installed
2012-02-01 02:12:02,437 DEBUG Service AVGIDSDrivervtx RegCleanup
2012-02-01 02:12:02,437 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2012-02-01 02:12:02,437 INFO Processing service AVGIDSFiltervta
2012-02-01 02:12:02,484 INFO Service AVGIDSFiltervta is not installed
2012-02-01 02:12:02,546 DEBUG Service AVGIDSFiltervta RegCleanup
2012-02-01 02:12:02,546 DEBUG Registry keys for service AVGIDSFiltervta are not present
2012-02-01 02:12:02,546 INFO Processing service AVGIDSDrivervta
2012-02-01 02:12:02,609 INFO Service AVGIDSDrivervta is not installed
2012-02-01 02:12:02,656 DEBUG Service AVGIDSDrivervta RegCleanup
2012-02-01 02:12:02,656 DEBUG Registry keys for service AVGIDSDrivervta are not present
2012-02-01 02:12:02,656 INFO Processing service AVGIDSShimw7x
2012-02-01 02:12:02,703 INFO Service AVGIDSShimw7x is not installed
2012-02-01 02:12:02,765 DEBUG Service AVGIDSShimw7x RegCleanup
2012-02-01 02:12:02,765 DEBUG Registry keys for service AVGIDSShimw7x are not present
2012-02-01 02:12:02,765 INFO Processing service AVGIDSFilterw7x
2012-02-01 02:12:02,828 INFO Service AVGIDSFilterw7x is not installed
2012-02-01 02:12:02,875 DEBUG Service AVGIDSFilterw7x RegCleanup
2012-02-01 02:12:02,875 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2012-02-01 02:12:02,875 INFO Processing service AVGIDSDriverw7x
2012-02-01 02:12:02,921 INFO Service AVGIDSDriverw7x is not installed
2012-02-01 02:12:02,968 DEBUG Service AVGIDSDriverw7x RegCleanup
2012-02-01 02:12:02,968 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2012-02-01 02:12:02,968 INFO Processing service AVGIDSFilterw7a
2012-02-01 02:12:03,031 INFO Service AVGIDSFilterw7a is not installed
2012-02-01 02:12:03,078 DEBUG Service AVGIDSFilterw7a RegCleanup
2012-02-01 02:12:03,078 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2012-02-01 02:12:03,078 INFO Processing service AVGIDSDriverw7a
2012-02-01 02:12:03,125 INFO Service AVGIDSDriverw7a is not installed
2012-02-01 02:12:03,171 DEBUG Service AVGIDSDriverw7a RegCleanup
2012-02-01 02:12:03,171 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2012-02-01 02:12:03,187 INFO Processing service AVGIDSErHrxpx
2012-02-01 02:12:03,234 INFO Service AVGIDSErHrxpx is not installed
2012-02-01 02:12:03,281 DEBUG Service AVGIDSErHrxpx RegCleanup
2012-02-01 02:12:03,281 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2012-02-01 02:12:03,281 INFO Processing service AVGIDSErHrvtx
2012-02-01 02:12:03,328 INFO Service AVGIDSErHrvtx is not installed
2012-02-01 02:12:03,375 DEBUG Service AVGIDSErHrvtx RegCleanup
2012-02-01 02:12:03,375 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2012-02-01 02:12:03,375 INFO Processing service AVGIDSErHrvta
2012-02-01 02:12:03,437 INFO Service AVGIDSErHrvta is not installed
2012-02-01 02:12:03,484 DEBUG Service AVGIDSErHrvta RegCleanup
2012-02-01 02:12:03,484 DEBUG Registry keys for service AVGIDSErHrvta are not present
2012-02-01 02:12:03,484 INFO Processing service AVGIDSErHrw7x
2012-02-01 02:12:03,531 INFO Service AVGIDSErHrw7x is not installed
2012-02-01 02:12:03,578 DEBUG Service AVGIDSErHrw7x RegCleanup
2012-02-01 02:12:03,578 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2012-02-01 02:12:03,578 INFO Processing service AVGIDSErHrw7a
2012-02-01 02:12:03,640 INFO Service AVGIDSErHrw7a is not installed
2012-02-01 02:12:03,687 DEBUG Service AVGIDSErHrw7a RegCleanup
2012-02-01 02:12:03,687 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2012-02-01 02:12:03,687 INFO ***** Registry keys and values *****
2012-02-01 02:12:03,734 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 02:12:03,843 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2012-02-01 02:12:03,875 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2012-02-01 02:12:03,968 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 02:12:04,078 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2012-02-01 02:12:04,078 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2012-02-01 02:12:04,171 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2012-02-01 02:12:04,265 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2012-02-01 02:12:04,265 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2012-02-01 02:12:04,265 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2012-02-01 02:12:04,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2012-02-01 02:12:04,375 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2012-02-01 02:12:04,375 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2012-02-01 02:12:04,468 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2012-02-01 02:12:04,468 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2012-02-01 02:12:04,468 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 02:12:04,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 02:12:04,578 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 02:12:04,671 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 02:12:04,671 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-02-01 02:12:04,671 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2012-02-01 02:12:04,781 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2012-02-01 02:12:04,781 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2012-02-01 02:12:04,781 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 02:12:04,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 02:12:04,875 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 02:12:04,875 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2012-02-01 02:12:04,984 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 02:12:04,984 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 02:12:05,078 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 02:12:05,187 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 02:12:05,187 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 02:12:05,187 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 02:12:05,281 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2012-02-01 02:12:05,281 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2012-02-01 02:12:05,375 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 02:12:05,484 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2012-02-01 02:12:05,484 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2012-02-01 02:12:05,578 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2012-02-01 02:12:05,687 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2012-02-01 02:12:05,687 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2012-02-01 02:12:05,687 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2012-02-01 02:12:05,687 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 02:12:05,781 DEBUG Value SOFTWARE\Microsoft\Windo
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Wed Feb 01, 2012 2:04 pm    Post subject: ok trying this again Reply with quote

AVG Remover
2012-02-01 22:02:35,093 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 22:02:35,093 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 22:02:35,093 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-02-01 22:02:35,093 WARN AvgDir param empty.
2012-02-01 22:02:35,125 WARN AvgDataDir param empty.
2012-02-01 22:03:07,437 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 22:03:07,437 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-02-01 22:03:07,437 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-02-01 22:03:07,437 WARN AvgDir param empty.
2012-02-01 22:03:07,437 WARN AvgDataDir param empty.
2012-02-01 22:03:09,718 INFO AvgRemover runs in attempt number 1
2012-02-01 22:03:09,718 INFO ***** Services *****
2012-02-01 22:03:09,765 INFO Processing service avg8emc
2012-02-01 22:03:09,781 INFO Service avg8emc is not installed
2012-02-01 22:03:09,781 DEBUG Service avg8emc RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service avg8emc are not present
2012-02-01 22:03:09,781 INFO Processing service avgfws8
2012-02-01 22:03:09,781 INFO Service avgfws8 is not installed
2012-02-01 22:03:09,781 DEBUG Service avgfws8 RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service avgfws8 are not present
2012-02-01 22:03:09,781 INFO Processing service avg8wd
2012-02-01 22:03:09,781 INFO Service avg8wd is not installed
2012-02-01 22:03:09,781 DEBUG Service avg8wd RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service avg8wd are not present
2012-02-01 22:03:09,781 INFO Processing service AvgWFPx
2012-02-01 22:03:09,781 INFO Service AvgWFPx is not installed
2012-02-01 22:03:09,781 DEBUG Service AvgWFPx RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service AvgWFPx are not present
2012-02-01 22:03:09,781 INFO Processing service AvgWFPa
2012-02-01 22:03:09,781 INFO Service AvgWFPa is not installed
2012-02-01 22:03:09,781 DEBUG Service AvgWFPa RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service AvgWFPa are not present
2012-02-01 22:03:09,781 INFO Processing service AvgMfx86
2012-02-01 22:03:09,781 INFO Service AvgMfx86 is not installed
2012-02-01 22:03:09,781 DEBUG Service AvgMfx86 RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service AvgMfx86 are not present
2012-02-01 22:03:09,781 INFO Processing service AvgMfx64
2012-02-01 22:03:09,781 INFO Service AvgMfx64 is not installed
2012-02-01 22:03:09,781 DEBUG Service AvgMfx64 RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service AvgMfx64 are not present
2012-02-01 22:03:09,781 INFO Processing service AvgLdx86
2012-02-01 22:03:09,781 INFO Service AvgLdx86 is not installed
2012-02-01 22:03:09,781 DEBUG Service AvgLdx86 RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service AvgLdx86 are not present
2012-02-01 22:03:09,781 INFO Processing service AvgLdx64
2012-02-01 22:03:09,781 INFO Service AvgLdx64 is not installed
2012-02-01 22:03:09,781 DEBUG Service AvgLdx64 RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service AvgLdx64 are not present
2012-02-01 22:03:09,781 INFO Processing service AvgTdiX
2012-02-01 22:03:09,781 INFO Service AvgTdiX is not installed
2012-02-01 22:03:09,781 DEBUG Service AvgTdiX RegCleanup
2012-02-01 22:03:09,781 DEBUG Registry keys for service AvgTdiX are not present
2012-02-01 22:03:09,781 INFO Processing service AvgTdiA
2012-02-01 22:03:09,843 INFO Service AvgTdiA is not installed
2012-02-01 22:03:09,890 DEBUG Service AvgTdiA RegCleanup
2012-02-01 22:03:09,890 DEBUG Registry keys for service AvgTdiA are not present
2012-02-01 22:03:09,890 INFO Processing service AvgRkx86
2012-02-01 22:03:09,937 INFO Service AvgRkx86 is not installed
2012-02-01 22:03:09,984 DEBUG Service AvgRkx86 RegCleanup
2012-02-01 22:03:09,984 DEBUG Registry keys for service AvgRkx86 are not present
2012-02-01 22:03:09,984 INFO Processing service AvgRkx64
2012-02-01 22:03:10,046 INFO Service AvgRkx64 is not installed
2012-02-01 22:03:10,093 DEBUG Service AvgRkx64 RegCleanup
2012-02-01 22:03:10,093 DEBUG Registry keys for service AvgRkx64 are not present
2012-02-01 22:03:10,093 INFO Processing service avg9emc
2012-02-01 22:03:10,156 INFO Service avg9emc is not installed
2012-02-01 22:03:10,203 DEBUG Service avg9emc RegCleanup
2012-02-01 22:03:10,203 DEBUG Registry keys for service avg9emc are not present
2012-02-01 22:03:10,203 INFO Processing service avgfws9
2012-02-01 22:03:10,265 INFO Service avgfws9 is not installed
2012-02-01 22:03:10,312 DEBUG Service avgfws9 RegCleanup
2012-02-01 22:03:10,312 DEBUG Registry keys for service avgfws9 are not present
2012-02-01 22:03:10,312 INFO Processing service avg9wd
2012-02-01 22:03:10,359 INFO Service avg9wd is not installed
2012-02-01 22:03:10,406 DEBUG Service avg9wd RegCleanup
2012-02-01 22:03:10,406 DEBUG Registry keys for service avg9wd are not present
2012-02-01 22:03:10,406 INFO Processing service AVGIDSAgent
2012-02-01 22:03:10,453 INFO Service AVGIDSAgent is not installed
2012-02-01 22:03:10,515 DEBUG Service AVGIDSAgent RegCleanup
2012-02-01 22:03:10,515 DEBUG Registry keys for service AVGIDSAgent are not present
2012-02-01 22:03:10,515 INFO Processing service AVGIDSShimxpx
2012-02-01 22:03:10,562 INFO Service AVGIDSShimxpx is not installed
2012-02-01 22:03:10,609 DEBUG Service AVGIDSShimxpx RegCleanup
2012-02-01 22:03:10,609 DEBUG Registry keys for service AVGIDSShimxpx are not present
2012-02-01 22:03:10,609 INFO Processing service AVGIDSFilterxpx
2012-02-01 22:03:10,671 INFO Service AVGIDSFilterxpx is not installed
2012-02-01 22:03:10,718 DEBUG Service AVGIDSFilterxpx RegCleanup
2012-02-01 22:03:10,718 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2012-02-01 22:03:10,718 INFO Processing service AVGIDSDriverxpx
2012-02-01 22:03:10,765 INFO Service AVGIDSDriverxpx is not installed
2012-02-01 22:03:10,828 DEBUG Service AVGIDSDriverxpx RegCleanup
2012-02-01 22:03:10,828 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2012-02-01 22:03:10,828 INFO Processing service AVGIDSShimvtx
2012-02-01 22:03:10,875 INFO Service AVGIDSShimvtx is not installed
2012-02-01 22:03:10,921 DEBUG Service AVGIDSShimvtx RegCleanup
2012-02-01 22:03:10,921 DEBUG Registry keys for service AVGIDSShimvtx are not present
2012-02-01 22:03:10,921 INFO Processing service AVGIDSFiltervtx
2012-02-01 22:03:10,968 INFO Service AVGIDSFiltervtx is not installed
2012-02-01 22:03:11,015 DEBUG Service AVGIDSFiltervtx RegCleanup
2012-02-01 22:03:11,015 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2012-02-01 22:03:11,015 INFO Processing service AVGIDSDrivervtx
2012-02-01 22:03:11,078 INFO Service AVGIDSDrivervtx is not installed
2012-02-01 22:03:11,125 DEBUG Service AVGIDSDrivervtx RegCleanup
2012-02-01 22:03:11,125 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2012-02-01 22:03:11,125 INFO Processing service AVGIDSFiltervta
2012-02-01 22:03:11,171 INFO Service AVGIDSFiltervta is not installed
2012-02-01 22:03:11,218 DEBUG Service AVGIDSFiltervta RegCleanup
2012-02-01 22:03:11,218 DEBUG Registry keys for service AVGIDSFiltervta are not present
2012-02-01 22:03:11,218 INFO Processing service AVGIDSDrivervta
2012-02-01 22:03:11,281 INFO Service AVGIDSDrivervta is not installed
2012-02-01 22:03:11,328 DEBUG Service AVGIDSDrivervta RegCleanup
2012-02-01 22:03:11,328 DEBUG Registry keys for service AVGIDSDrivervta are not present
2012-02-01 22:03:11,328 INFO Processing service AVGIDSShimw7x
2012-02-01 22:03:11,375 INFO Service AVGIDSShimw7x is not installed
2012-02-01 22:03:11,437 DEBUG Service AVGIDSShimw7x RegCleanup
2012-02-01 22:03:11,437 DEBUG Registry keys for service AVGIDSShimw7x are not present
2012-02-01 22:03:11,437 INFO Processing service AVGIDSFilterw7x
2012-02-01 22:03:11,484 INFO Service AVGIDSFilterw7x is not installed
2012-02-01 22:03:11,531 DEBUG Service AVGIDSFilterw7x RegCleanup
2012-02-01 22:03:11,531 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2012-02-01 22:03:11,562 INFO Processing service AVGIDSDriverw7x
2012-02-01 22:03:11,609 INFO Service AVGIDSDriverw7x is not installed
2012-02-01 22:03:11,687 DEBUG Service AVGIDSDriverw7x RegCleanup
2012-02-01 22:03:11,687 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2012-02-01 22:03:11,687 INFO Processing service AVGIDSFilterw7a
2012-02-01 22:03:11,750 INFO Service AVGIDSFilterw7a is not installed
2012-02-01 22:03:11,796 DEBUG Service AVGIDSFilterw7a RegCleanup
2012-02-01 22:03:11,796 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2012-02-01 22:03:11,796 INFO Processing service AVGIDSDriverw7a
2012-02-01 22:03:11,859 INFO Service AVGIDSDriverw7a is not installed
2012-02-01 22:03:11,906 DEBUG Service AVGIDSDriverw7a RegCleanup
2012-02-01 22:03:11,906 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2012-02-01 22:03:11,906 INFO Processing service AVGIDSErHrxpx
2012-02-01 22:03:11,953 INFO Service AVGIDSErHrxpx is not installed
2012-02-01 22:03:12,015 DEBUG Service AVGIDSErHrxpx RegCleanup
2012-02-01 22:03:12,015 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2012-02-01 22:03:12,015 INFO Processing service AVGIDSErHrvtx
2012-02-01 22:03:12,062 INFO Service AVGIDSErHrvtx is not installed
2012-02-01 22:03:12,109 DEBUG Service AVGIDSErHrvtx RegCleanup
2012-02-01 22:03:12,109 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2012-02-01 22:03:12,109 INFO Processing service AVGIDSErHrvta
2012-02-01 22:03:12,156 INFO Service AVGIDSErHrvta is not installed
2012-02-01 22:03:12,203 DEBUG Service AVGIDSErHrvta RegCleanup
2012-02-01 22:03:12,218 DEBUG Registry keys for service AVGIDSErHrvta are not present
2012-02-01 22:03:12,218 INFO Processing service AVGIDSErHrw7x
2012-02-01 22:03:12,265 INFO Service AVGIDSErHrw7x is not installed
2012-02-01 22:03:12,312 DEBUG Service AVGIDSErHrw7x RegCleanup
2012-02-01 22:03:12,312 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2012-02-01 22:03:12,312 INFO Processing service AVGIDSErHrw7a
2012-02-01 22:03:12,359 INFO Service AVGIDSErHrw7a is not installed
2012-02-01 22:03:12,421 DEBUG Service AVGIDSErHrw7a RegCleanup
2012-02-01 22:03:12,421 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2012-02-01 22:03:12,421 INFO ***** Registry keys and values *****
2012-02-01 22:03:12,468 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 22:03:12,578 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2012-02-01 22:03:12,656 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2012-02-01 22:03:12,765 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-02-01 22:03:12,859 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2012-02-01 22:03:12,859 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2012-02-01 22:03:12,968 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2012-02-01 22:03:13,062 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2012-02-01 22:03:13,109 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2012-02-01 22:03:13,109 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2012-02-01 22:03:13,203 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2012-02-01 22:03:13,203 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2012-02-01 22:03:13,203 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2012-02-01 22:03:13,312 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2012-02-01 22:03:13,312 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2012-02-01 22:03:13,312 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 22:03:13,406 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 22:03:13,406 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-02-01 22:03:13,406 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-02-01 22:03:13,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-02-01 22:03:13,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-02-01 22:03:13,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2012-02-01 22:03:13,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2012-02-01 22:03:13,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2012-02-01 22:03:13,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 22:03:13,765 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 22:03:13,765 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 22:03:13,765 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2012-02-01 22:03:13,859 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 22:03:13,859 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 22:03:13,968 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 22:03:14,062 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 22:03:14,109 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 22:03:14,109 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 22:03:14,203 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2012-02-01 22:03:14,234 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2012-02-01 22:03:14,328 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-02-01 22:03:14,437 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2012-02-01 22:03:14,437 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2012-02-01 22:03:14,531 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2012-02-01 22:03:14,640 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2012-02-01 22:03:14,640 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2012-02-01 22:03:14,640 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2012-02-01 22:03:14,640 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 22:03:14,734 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 22:03:15,281 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 22:03:15,390 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 22:03:15,500 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 22:03:15,500 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 22:03:15,593 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 22:03:15,703 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 22:03:15,703 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 22:03:15,796 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-02-01 22:03:15,906 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-02-01 22:03:15,906 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-02-01 22:03:16,015 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-02-01 22:03:16,109 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2012-02-01 22:03:16,203 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2012-02-01 22:03:16,312 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-02-01 22:03:16,421 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2012-02-01 22:03:16,421 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2012-02-01 22:03:16,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2012-02-01 22:03:16,625 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2012-02-01 22:03:16,625 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2012-02-01 22:03:16,625 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2012-02-01 22:03:16,734 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2012-02-01 22:03:16,734 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2012-02-01 22:03:16,734 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2012-02-01 22:03:16,828 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2012-02-01 22:03:16,828 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2012-02-01 22:03:16,828 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 22:03:16,984 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 22:03:17,078 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 22:03:17,078 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-02-01 22:03:17,171 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-02-01 22:03:17,171 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-02-01 22:03:17,171 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-02-01 22:03:17,281 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-02-01 22:03:17,281 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-02-01 22:03:17,281 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-02-01 22:03:17,328 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-02-01 22:03:17,328 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-02-01 22:03:17,328 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-02-01 22:03:17,375 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-02-01 22:03:17,375 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-02-01 22:03:17,375 INFO Processing registry SOFTWARE\Classes\.avgdi
2012-02-01 22:03:17,437 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2012-02-01 22:03:17,437 DEBUG Key SOFTWARE\Classes\.avgdi not found
2012-02-01 22:03:17,437 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 22:03:17,531 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 22:03:17,593 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 22:03:17,593 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 22:03:17,703 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 22:03:17,703 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 22:03:17,703 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-02-01 22:03:17,796 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-02-01 22:03:17,796 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-02-01 22:03:17,796 INFO Processing registry SOFTWARE\AVG\Clients
2012-02-01 22:03:17,843 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2012-02-01 22:03:17,953 DEBUG Key SOFTWARE\AVG\Clients not found
2012-02-01 22:03:17,953 INFO Processing registry SOFTWARE\AVG\AVG8
2012-02-01 22:03:18,000 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-02-01 22:03:18,000 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-02-01 22:03:18,000 INFO Processing registry SOFTWARE\AVG\AVG9
2012-02-01 22:03:18,046 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-02-01 22:03:18,046 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-02-01 22:03:18,046 INFO Processing registry SOFTWARE\AVG\AVG IDS
2012-02-01 22:03:18,109 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2012-02-01 22:03:18,109 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2012-02-01 22:03:18,109 INFO Processing registry SOFTWARE\AVG
2012-02-01 22:03:18,156 DEBUG Value SOFTWARE\AVG:DumpType Remove
2012-02-01 22:03:18,156 INFO Value SOFTWARE\AVG:DumpType is not present
2012-02-01 22:03:18,203 INFO Processing registry SOFTWARE\AVG
2012-02-01 22:03:18,250 DEBUG Key SOFTWARE\AVG Remove
2012-02-01 22:03:18,296 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty
2012-02-01 22:03:18,390 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-02-01 22:03:18,437 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-02-01 22:03:18,437 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-02-01 22:03:18,437 INFO Processing registry SOFTWARE\AVG\AVG8
2012-02-01 22:03:18,484 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-02-01 22:03:18,484 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-02-01 22:03:18,484 INFO Processing registry SOFTWARE\AVG\AVG9
2012-02-01 22:03:18,546 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-02-01 22:03:18,546 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-02-01 22:03:18,546 INFO Processing registry SOFTWARE\AVG
2012-02-01 22:03:18,593 DEBUG Key SOFTWARE\AVG Remove
2012-02-01 22:03:18,593 DEBUG Key SOFTWARE\AVG not found
2012-02-01 22:03:18,593 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-02-01 22:03:18,640 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-02-01 22:03:18,640 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-02-01 22:03:18,640 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2012-02-01 22:03:18,750 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2012-02-01 22:03:18,750 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2012-02-01 22:03:18,843 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 22:03:18,953 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 22:03:19,015 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 22:03:19,015 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2012-02-01 22:03:19,109 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-02-01 22:03:19,140 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-02-01 22:03:19,250 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 22:03:19,343 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 22:03:19,343 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 22:03:19,343 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 22:03:19,453 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 22:03:19,453 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 22:03:19,453 INFO Processing registry aAvgAPI.AvgBro
2012-02-01 22:03:19,515 DEBUG Key aAvgAPI.AvgBro ForceRemove
2012-02-01 22:03:19,515 DEBUG Key aAvgAPI.AvgBro not found
2012-02-01 22:03:19,515 INFO Processing registry AVG.Office
2012-02-01 22:03:19,562 DEBUG Key AVG.Office ForceRemove
2012-02-01 22:03:19,562 DEBUG Key AVG.Office not found
2012-02-01 22:03:19,562 INFO Processing registry AVG.Office.8
2012-02-01 22:03:19,609 DEBUG Key AVG.Office.8 ForceRemove
2012-02-01 22:03:19,609 DEBUG Key AVG.Office.8 not found
2012-02-01 22:03:19,609 INFO Processing registry avgtoolbar.AVGTOOLBAR
2012-02-01 22:03:19,656 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2012-02-01 22:03:19,671 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2012-02-01 22:03:19,671 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2012-02-01 22:03:19,765 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2012-02-01 22:03:19,765 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2012-02-01 22:03:19,765 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2012-02-01 22:03:19,859 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2012-02-01 22:03:19,859 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2012-02-01 22:03:19,859 INFO Processing registry LinkScannerIE.NavFilter
2012-02-01 22:03:19,921 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2012-02-01 22:03:19,921 DEBUG Key LinkScannerIE.NavFilter not found
2012-02-01 22:03:19,921 INFO Processing registry LinkScannerIE.NavFilter.1
2012-02-01 22:03:19,968 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2012-02-01 22:03:19,968 DEBUG Key LinkScannerIE.NavFilter.1 not found
2012-02-01 22:03:19,968 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2012-02-01 22:03:20,062 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2012-02-01 22:03:20,062 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2012-02-01 22:03:20,062 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2012-02-01 22:03:20,171 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2012-02-01 22:03:20,171 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2012-02-01 22:03:20,171 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2012-02-01 22:03:20,265 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2012-02-01 22:03:20,265 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2012-02-01 22:03:20,265 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-02-01 22:03:20,375 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-02-01 22:03:20,375 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-02-01 22:03:20,375 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-02-01 22:03:20,468 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-02-01 22:03:20,468 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-02-01 22:03:20,468 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2012-02-01 22:03:20,578 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2012-02-01 22:03:20,578 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2012-02-01 22:03:20,578 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2012-02-01 22:03:20,671 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2012-02-01 22:03:20,671 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2012-02-01 22:03:20,671 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2012-02-01 22:03:20,781 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2012-02-01 22:03:20,781 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2012-02-01 22:03:20,781 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2012-02-01 22:03:20,875 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2012-02-01 22:03:20,875 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2012-02-01 22:03:20,875 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2012-02-01 22:03:20,984 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2012-02-01 22:03:20,984 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2012-02-01 22:03:20,984 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-02-01 22:03:21,078 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-02-01 22:03:21,078 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-02-01 22:03:21,078 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 22:03:21,187 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 22:03:21,187 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 22:03:21,187 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2012-02-01 22:03:21,281 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2012-02-01 22:03:21,328 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2012-02-01 22:03:21,328 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2012-02-01 22:03:21,421 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2012-02-01 22:03:21,421 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2012-02-01 22:03:21,421 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2012-02-01 22:03:21,531 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2012-02-01 22:03:21,531 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2012-02-01 22:03:21,531 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2012-02-01 22:03:21,625 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2012-02-01 22:03:21,625 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2012-02-01 22:03:21,625 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2012-02-01 22:03:21,734 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2012-02-01 22:03:21,734 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2012-02-01 22:03:21,734 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2012-02-01 22:03:21,828 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2012-02-01 22:03:21,828 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2012-02-01 22:03:21,828 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-02-01 22:03:21,937 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-02-01 22:03:21,937 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-02-01 22:03:21,937 INFO ***** Files and folders *****
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 0
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 1
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 2
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 3
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 4
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 5
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 6
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 7
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 8
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 9
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 10
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 11
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 12
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 13
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 14
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 15
2012-02-01 22:03:22,015 DEBUG Missing ParentDir path for fileItem number 16
2012-02-01 22:03:22,015 DEBUG Processing item C:\Documents and Settings\Laptop\Application Data\AVGTOOLBAR
2012-02-01 22:03:22,015 INFO Directory C:\Documents and Settings\Laptop\Application Data\AVGTOOLBAR not found
2012-02-01 22:03:22,125 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 22:03:22,125 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0
2012-02-01 22:03:22,125 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0 not found
2012-02-01 22:03:22,218 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0
2012-02-01 22:03:22,218 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0 not found
2012-02-01 22:03:22,328 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5
2012-02-01 22:03:22,328 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5 not found
2012-02-01 22:03:22,421 DEBUG Processing item C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5
2012-02-01 22:03:22,421 INFO Directory C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5 not found
2012-02-01 22:03:22,515 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk
2012-02-01 22:03:22,515 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk not found
2012-02-01 22:03:22,625 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk
2012-02-01 22:03:22,625 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk not found
2012-02-01 22:03:22,718 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk
2012-02-01 22:03:22,718 INFO File C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk not found
2012-02-01 22:03:22,828 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk
2012-02-01 22:03:22,828 INFO File C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk not found
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 27
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 28
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 29
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 30
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 31
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 32
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 33
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 34
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 35
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 36
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 37
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 38
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 39
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 40
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 41
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 42
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 43
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 44
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 45
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 46
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 47
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 48
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 49
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 50
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 51
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 52
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 53
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 54
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 55
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 56
2012-02-01 22:03:22,921 DEBUG Missing ParentDir path for fileItem number 57
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 58
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 59
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 60
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 61
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 62
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 63
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 64
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 65
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 66
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 67
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 68
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 69
2012-02-01 22:03:22,937 DEBUG Missing ParentDir path for fileItem number 70
2012-02-01 22:03:22,937 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2012-02-01 22:03:22,937 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2012-02-01 22:03:23,031 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2012-02-01 22:03:23,031 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2012-02-01 22:03:23,125 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 22:03:23,125 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk
2012-02-01 22:03:23,125 INFO File C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk not found
2012-02-01 22:03:23,234 DEBUG Processing item C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk
2012-02-01 22:03:23,234 INFO File C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk not found
2012-02-01 22:03:23,328 DEBUG Missing ParentDir path for fileItem number 76
2012-02-01 22:03:23,328 DEBUG Missing ParentDir path for fileItem number 77
2012-02-01 22:03:23,328 DEBUG Missing ParentDir path for fileItem number 78
2012-02-01 22:03:23,328 DEBUG Missing ParentDir path for fileItem number 79
2012-02-01 22:03:23,328 DEBUG Missing ParentDir path for fileItem number 80
2012-02-01 22:03:23,328 DEBUG Missing ParentDir path for fileItem number 81
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 82
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 83
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 84
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 85
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 86
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 87
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 88
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 89
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 90
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 91
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 92
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 93
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 94
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 95
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 96
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 97
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 98
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 99
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 100
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 101
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 102
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 103
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 104
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 105
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 106
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 107
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 108
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 109
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 110
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 111
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 112
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 113
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 114
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 115
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 116
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 117
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 118
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 119
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 120
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 121
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 122
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 123
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 124
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 125
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 126
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 127
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 128
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 129
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 130
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 131
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 132
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 133
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 134
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 135
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 136
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 137
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 138
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 139
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 140
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 141
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 142
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 143
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 144
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 145
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 146
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 147
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 148
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 149
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 150
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 151
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 152
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 153
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 154
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 155
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 156
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 157
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 158
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 159
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 160
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 161
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 162
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 163
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 164
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 165
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 166
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 167
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 168
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 169
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 170
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 171
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 172
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 173
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 174
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 175
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 176
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 177
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 178
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 179
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 180
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 181
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 182
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 183
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 184
2012-02-01 22:03:23,343 DEBUG Missing ParentDir path for fileItem number 185
2012-02-01 22:03:23,343 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 22:03:23,343 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 22:03:23,343 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 22:03:23,343 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 22:03:23,343 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-02-01 22:03:23,343 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2012-02-01 22:03:23,343 INFO Directory C:\WINDOWS\System32\Drivers\avg not found
2012-02-01 22:03:23,437 DEBUG Processing item C:\WINDOWS\System32
2012-02-01 22:03:23,437 DEBUG Processing item C:\Program Files\AVG
2012-02-01 22:03:23,453 DEBUG Directory C:\Program Files\AVG not deleted (error c0070091)
2012-02-01 22:03:23,453 DEBUG Missing ParentDir path for fileItem number 194
2012-02-01 22:03:23,453 INFO ***** Avg Fw NDIS driver *****
2012-02-01 22:03:24,265 INFO FW NDIS driver not present
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Wed Feb 01, 2012 2:06 pm    Post subject: otl logs and eset logs Reply with quote

All processes killed
========== OTL ==========
C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll moved successfully.
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll moved successfully.
File C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll not found.
File C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}\ not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1708537768-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1708537768-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
Registry value HKEY_USERS\S-1-5-21-1409082233-1708537768-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Shareaza\ deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
C:\Program Files\Java\jre6\lib\zi\SystemV folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Pacific folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Indian folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Europe folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Etc folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Australia folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Atlantic folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Asia folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Antarctica folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\America\North_Dakota folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\America\Kentucky folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\America\Indiana folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\America\Argentina folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\America folder moved successfully.
C:\Program Files\Java\jre6\lib\zi\Africa folder moved successfully.
C:\Program Files\Java\jre6\lib\zi folder moved successfully.
C:\Program Files\Java\jre6\lib\servicetag folder moved successfully.
C:\Program Files\Java\jre6\lib\security folder moved successfully.
C:\Program Files\Java\jre6\lib\management folder moved successfully.
C:\Program Files\Java\jre6\lib\images\cursors folder moved successfully.
C:\Program Files\Java\jre6\lib\images folder moved successfully.
C:\Program Files\Java\jre6\lib\im folder moved successfully.
C:\Program Files\Java\jre6\lib\i386 folder moved successfully.
C:\Program Files\Java\jre6\lib\fonts folder moved successfully.
C:\Program Files\Java\jre6\lib\ext folder moved successfully.
C:\Program Files\Java\jre6\lib\deploy\jqs\ie folder moved successfully.
C:\Program Files\Java\jre6\lib\deploy\jqs\ff\chrome\content folder moved successfully.
C:\Program Files\Java\jre6\lib\deploy\jqs\ff\chrome folder moved successfully.
C:\Program Files\Java\jre6\lib\deploy\jqs\ff folder moved successfully.
C:\Program Files\Java\jre6\lib\deploy\jqs folder moved successfully.
C:\Program Files\Java\jre6\lib\deploy folder moved successfully.
C:\Program Files\Java\jre6\lib\cmm folder moved successfully.
C:\Program Files\Java\jre6\lib\audio folder moved successfully.
C:\Program Files\Java\jre6\lib\applet folder moved successfully.
C:\Program Files\Java\jre6\lib folder moved successfully.
C:\Program Files\Java\jre6\bin\new_plugin folder moved successfully.
C:\Program Files\Java\jre6\bin\client folder moved successfully.
C:\Program Files\Java\jre6\bin folder moved successfully.
C:\Program Files\Java\jre6 folder moved successfully.
File\Folder C:\Program Files\MyWebSearch not found.
File\Folder C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus not found.
C:\Program Files\iMesh Applications folder moved successfully.
File\Folder C:\Program Files\Morpheus Music not found.
File\Folder C:\Program Files\FrostWire not found.
File\Folder C:\Program Files\iolo not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\iMesh Applications\iMesh\iMesh.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iMesh Applications\iMesh\iMesh.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\FrostWire\FrostWire.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iolo\System Mechanic\SysMech.exe deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Laptop
->Temp folder emptied: 1186338 bytes
->Temporary Internet Files folder emptied: 1481978 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 4108672 bytes

Total Files Cleaned = 7.00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: Laptop
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Laptop
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.31.0 log created on 02012012_145550

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

OTL logfile created on: 2/1/2012 3:01:22 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Laptop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.04 Mb Total Physical Memory | 84.65 Mb Available Physical Memory | 18.98% Memory free
1.03 Gb Paging File | 0.70 Gb Available in Paging File | 68.20% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 40.89 Gb Free Space | 73.16% Space Free | Partition Type: NTFS

Computer Name: KIA | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/10 09:03:41 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2006/03/15 08:30:24 | 000,593,920 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/01 03:10:15 | 001,697,280 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12020100\algo.dll
MOD - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/04/14 15:09:56 | 005,069,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/03/08 16:28:00 | 000,255,232 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006/01/05 00:33:00 | 000,034,144 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2006/01/05 00:33:00 | 000,028,800 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2006/01/04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/09/29 19:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 13:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE 62 4C F5 AF DE CC 01 [binary data]
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/?ref=hp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\


========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={4000513C-D421-4EE7-AFAB-47B243124E41}&mid=5fbf2f5ada7247d6a8e1d15a959e3e5d-0&lang=en&ds=AVG&pr=pr&d=2006-04-22 06:00:58&v=10.0.0.7&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" File not found
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242062566640 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AFE0008-413F-42D6-81D9-58D549AE47C1}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/06 11:24:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell - "" = AutoRun
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{eda6d518-59ef-11df-8b3c-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: ("autocheck autochk *")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/01 15:04:47 | 002,540,688 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Laptop\Desktop\avg_remover_stf_x64_2012_1796.exe
[2012/01/31 21:18:13 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/01/31 21:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/01/31 21:18:12 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/01/31 21:18:08 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/01/31 21:18:07 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/01/31 21:18:06 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/01/31 21:18:05 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/01/31 21:18:05 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/01/31 21:18:04 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/01/31 21:17:29 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/01/31 21:17:28 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/01/31 21:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/31 21:17:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/01/31 20:48:06 | 000,718,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Laptop\Desktop\avgremover.exe
[2012/01/30 16:34:24 | 002,059,056 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/29 12:56:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/29 12:19:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/01/29 04:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2012/01/29 03:56:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2012/01/29 02:34:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2012/01/28 12:07:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/28 11:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\Application Data\Malwarebytes
[2012/01/28 11:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/28 11:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/28 11:53:35 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/28 11:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/28 11:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/01/28 10:40:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/28 10:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/01/28 10:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/01/26 09:20:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Laptop\Recent
[2012/01/26 08:47:55 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 05:08:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/01/24 06:19:06 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com
[2012/01/23 23:48:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/01/23 23:47:40 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys

========== Files - Modified Within 30 Days ==========

[2012/02/01 15:11:13 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003UA.job
[2012/02/01 15:11:12 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003Core.job
[2012/02/01 15:10:23 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/01 15:04:54 | 002,540,688 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Laptop\Desktop\avg_remover_stf_x64_2012_1796.exe
[2012/02/01 14:57:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/31 21:18:13 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/01/31 21:18:06 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/31 21:16:22 | 064,207,032 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\setup_av_free_cnet.exe
[2012/01/31 20:48:09 | 000,718,104 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Laptop\Desktop\avgremover.exe
[2012/01/30 16:34:33 | 002,059,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/29 13:16:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/29 12:19:37 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:36:13 | 000,315,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/29 04:36:13 | 000,041,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/28 11:53:39 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:27:16 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/27 14:53:43 | 003,514,358 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2012/01/26 14:09:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/26 08:47:55 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 10:13:41 | 000,002,280 | ---- | M] () -- C:\Documents and Settings\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/25 10:13:40 | 000,002,302 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\Google Chrome.lnk
[2012/01/25 08:26:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/25 06:42:43 | 000,241,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/24 06:19:15 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com

========== Files Created - No Company Name ==========

[2012/01/31 21:18:13 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/01/31 21:16:10 | 064,207,032 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\setup_av_free_cnet.exe
[2012/01/29 12:19:37 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/28 11:53:39 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:36:14 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/27 14:53:24 | 003,514,358 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2011/09/30 18:49:13 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/04/24 16:31:16 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/10 12:31:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/07 18:00:23 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/25 13:59:00 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/25 13:59:00 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2009/04/25 13:59:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2008/06/06 15:08:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/06/06 11:28:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/06/06 11:20:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/06 06:45:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/06 06:44:19 | 000,241,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/03/10 00:22:38 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\FASTWiz.html
[2006/01/05 00:33:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\o2flash.exe
[2006/01/05 00:33:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,315,076 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,041,238 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

< End of report >


This is what I copied to clipboard for ESET Scan

C:\Documents and Settings\All Users\Application Data\Fighters\SLOW-PCfighter\InstallCache\{FD995981-7B0B-4590-B76C-C976AF3C9B9B}\SLOW-PCfighter.msi a variant of Win32/SlowPCfighter application
C:\Documents and Settings\Laptop\My Documents\Downloads\frostwire-4.21.3.windows.exe Win32/OpenCandy application
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Thu Feb 02, 2012 9:30 am    Post subject: Reply with quote

Hi Kthomas :


Quote:
Ok here you go. Oh yea the AVG remover did not work

We will try with RevoUninstaller.

Quote:
the Java I needed was for the 32 bit system not the 64bit I found the right one and downloaded it.

Opps, I had overlooked that and you are right about the 32bits java.

Let's continue:

1. Reset Google Chrome
  • Open the Google Chrome browser.
  • Click the spanner icon on the browser toolbar.
  • Click Options.
  • In the Google Chrome Options window, click the basics.
  • Click manage search engines
  • Under Default search options, click on any search engine (but not the searchqu.com) and click on the make default
  • Now, click the AVG Secure Search and click x and the right hand side of the same row to remove the searchqu.com search engine.
  • Close the browser.



2. Run revo uninstaller
  • Start Revo Uninstaller.
  • From the list of programs click on AVG 2011 and chose Uninstall.
  • When prompted click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, when prompted again click Yes > Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Next > Yes.
  • Once done click Finish.
.
Note: Repeat the processes for all AVG related entries.


3. OTL fix
Please make sure OTL.exe is on your Desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop
  • Right click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.
  • Copy the following text... do not include the quote box title "Quote'
    Quote:
    :OTL
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
    CHR - default_search_provider: AVG Secure Search (Enabled)
    CHR - default_search_provider: search_url = http://isearch.avg.com/search?cid={4000513C-D421-4EE7-AFAB-47B243124E41}&mid=5fbf2f5ada7247d6a8e1d15a959e3e5d-0&lang=en&ds=AVG&pr=pr&d=2006-04-22 06:00:58&v=10.0.0.7&sap=dsp&q={searchTerms}
    CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
    CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll
    CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O4 - HKLM..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" File not found
    O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
    O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
    [2012/02/01 15:04:47 | 002,540,688 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Laptop\Desktop\avg_remover_stf_x64_2012_1796.exe
    [2012/01/31 20:48:06 | 000,718,104 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Laptop\Desktop\avgremover.exe
    [2012/01/29 04:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
    [2012/01/29 03:56:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    [2012/01/28 11:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVG


    :Files
    C:\Documents and Settings\All Users\Application Data\Fighters
    C:\Documents and Settings\Laptop\My Documents\Downloads\frostwire-4.21.3.windows.exe
    C:\Program Files\AVG Secure Search
    C:\Program Files\Java\jre6
    C:\Program Files\MyWebSearch
    C:\Documents and Settings\Laptop\Local Settings\Application Data\Yahoo!\BrowserPlus

    :Commands
    [EmptyTemp]
    [CreateRestorePoint]

  • Click under the Custom Scan/Fixes box and paste the copied text.
  • Click the Run Fix button. If prompted... click OK.
  • Let the program run unhindered and reboot. You will get a fix log when it is done, please post that in your reply
  • After that, please re-run OTL and create a new OTL report....
  • Click the "Scan All Users" checkbox.
  • Click the "Run Scan button.
  • A report will open, copy and paste it in a reply here.




4. Checklist
Please post:

  • OTL.txt only
  • An update on your problems

note: These logs can be lengthy, please post in several replies if needed. Please ensure you post COMPLETE log.

Thanks,
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Thu Feb 02, 2012 12:44 pm    Post subject: Hello again Reply with quote

Where do I get the RevoUninstaller?
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Thu Feb 02, 2012 2:19 pm    Post subject: Reply with quote

Sorry, I forget to include the link.

Please download and install Revo Uninstaller Free

torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Kthomas
Junior Member


Joined: 24 Jan 2012
Last Visit: 06 Feb 2012
Posts: 17

PostPosted: Fri Feb 03, 2012 11:33 am    Post subject: OTL Log Reply with quote

Ok here is the new OTL log. My computer was running a little better but seems to have slowed down again since I installed the avast.


OTL logfile created on: 2/3/2012 2:22:44 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Laptop\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.04 Mb Total Physical Memory | 121.72 Mb Available Physical Memory | 27.29% Memory free
1.03 Gb Paging File | 0.72 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 39.28 Gb Free Space | 70.28% Space Free | Partition Type: NTFS

Computer Name: KIA | User Name: Laptop | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
PRC - [2011/11/28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/03/15 08:30:24 | 000,593,920 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/03 13:41:52 | 001,688,576 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12020301\algo.dll
MOD - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\o2flash.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (JavaQuickStarterService)
SRV - [2011/11/28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2006/01/05 00:33:00 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\o2flash.exe -- (O2Flash)


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/04/14 15:09:56 | 005,069,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/03/08 16:28:00 | 000,255,232 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006/01/05 00:33:00 | 000,034,144 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2media.sys -- (O2MDRDR)
DRV - [2006/01/05 00:33:00 | 000,028,800 | ---- | M] (O2Micro ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\o2sd.sys -- (O2SDRDR)
DRV - [2006/01/04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005/09/29 19:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/08/04 07:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 07:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2001/08/17 13:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE 62 4C F5 AF DE CC 01 [binary data]
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.facebook.com/?ref=hp
IE - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff


========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: Gmail = C:\Documents and Settings\Laptop\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1708537768-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1242062566640 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AFE0008-413F-42D6-81D9-58D549AE47C1}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Laptop\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/06 11:24:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell - "" = AutoRun
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95363155-c111-11da-8c0e-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setup.exe -a
O33 - MountPoints2\{eda6d518-59ef-11df-8b3c-0013d37ad7ae}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: ("autocheck autochk *")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/03 14:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\Start Menu\Programs\Revo Uninstaller
[2012/02/03 14:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/02/03 14:09:22 | 002,617,176 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Laptop\Desktop\revosetup.exe
[2012/02/02 22:59:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\My Documents\New Folder
[2012/02/02 22:42:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\Desktop\New Folder
[2012/02/01 17:15:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\Start Menu\Programs\Google Chrome
[2012/02/01 15:48:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/01 15:48:25 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/02/01 15:48:25 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/02/01 15:48:25 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/02/01 15:48:25 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/02/01 15:46:13 | 000,909,600 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Laptop\Desktop\JavaSetup6u30.exe
[2012/02/01 15:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/01/31 21:18:13 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/01/31 21:18:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2012/01/31 21:18:12 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/01/31 21:18:08 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/01/31 21:18:07 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/01/31 21:18:06 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/01/31 21:18:05 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/01/31 21:18:05 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/01/31 21:18:04 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/01/31 21:17:29 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/01/31 21:17:28 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/01/31 21:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/31 21:17:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/01/30 16:34:24 | 002,059,056 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/29 12:56:55 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/29 12:19:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2012/01/29 02:34:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2012/01/28 12:07:14 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/28 11:53:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Laptop\Application Data\Malwarebytes
[2012/01/28 11:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/28 11:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/01/28 11:53:35 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/28 11:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/28 10:40:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/01/28 10:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2012/01/28 10:39:14 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/01/26 09:20:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Laptop\Recent
[2012/01/26 08:47:55 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 05:08:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/01/24 06:19:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/01/24 06:19:06 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com
[2012/01/23 23:48:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/01/23 23:47:40 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys

========== Files - Modified Within 30 Days ==========

[2012/02/03 14:19:06 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003UA.job
[2012/02/03 14:18:53 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/03 14:18:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/03 14:10:02 | 000,000,926 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\Revo Uninstaller.lnk
[2012/02/03 14:09:35 | 002,617,176 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Laptop\Desktop\revosetup.exe
[2012/02/02 17:19:03 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003Core.job
[2012/02/02 14:09:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/01 21:33:43 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/01 17:16:10 | 000,002,302 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\Google Chrome.lnk
[2012/02/01 17:16:10 | 000,002,280 | ---- | M] () -- C:\Documents and Settings\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/01 15:48:04 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012/02/01 15:48:04 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012/02/01 15:48:04 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2012/02/01 15:48:04 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2012/02/01 15:48:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2012/02/01 15:46:17 | 000,909,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Laptop\Desktop\JavaSetup6u30.exe
[2012/01/31 21:18:13 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/01/31 21:18:06 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/01/31 21:16:22 | 064,207,032 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\setup_av_free_cnet.exe
[2012/01/30 16:34:33 | 002,059,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Laptop\Desktop\tdsskiller.exe
[2012/01/29 12:19:37 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/29 12:19:24 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Laptop\Desktop\OTL.exe
[2012/01/29 04:36:13 | 000,315,076 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/29 04:36:13 | 000,041,238 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/28 11:53:39 | 000,000,793 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:27:16 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/27 14:53:43 | 003,514,358 | ---- | M] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2012/01/26 08:47:55 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Laptop\Desktop\MGADiag.exe
[2012/01/25 08:26:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/25 06:42:43 | 000,241,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/01/24 06:19:15 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Laptop\Desktop\dds.com

========== Files Created - No Company Name ==========

[2012/02/03 14:10:02 | 000,000,926 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\Revo Uninstaller.lnk
[2012/02/01 17:16:10 | 000,002,302 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\Google Chrome.lnk
[2012/02/01 17:16:10 | 000,002,280 | ---- | C] () -- C:\Documents and Settings\Laptop\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/01 17:14:34 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003UA.job
[2012/02/01 17:14:31 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-1708537768-839522115-1003Core.job
[2012/01/31 21:18:13 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/01/31 21:16:10 | 064,207,032 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\setup_av_free_cnet.exe
[2012/01/29 12:19:37 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\SystemLook.exe
[2012/01/28 11:53:39 | 000,000,793 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/28 10:39:20 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\NTREGOPT.lnk
[2012/01/28 10:39:20 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\ERUNT.lnk
[2012/01/28 10:36:14 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\CKScanner.exe
[2012/01/27 14:53:24 | 003,514,358 | ---- | C] () -- C:\Documents and Settings\Laptop\Desktop\WVCheck.exe
[2011/09/30 18:49:13 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/04/24 16:31:16 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/10 12:31:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/07 18:00:23 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/04/25 13:59:00 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2009/04/25 13:59:00 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2009/04/25 13:59:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2008/06/06 15:08:56 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/06/06 11:28:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/06/06 11:20:05 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/06/06 06:45:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/06/06 06:44:19 | 000,241,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/03/10 00:22:38 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Laptop\Local Settings\Application Data\FASTWiz.html
[2006/01/05 00:33:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\o2flash.exe
[2006/01/05 00:33:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,315,076 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,041,238 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

< End of report >
Back to top
View user's profile Send private message
torreattack
SWW Graduate


Joined: 21 Apr 2011
Last Visit: 24 Apr 2013
Posts: 283

PostPosted: Sat Feb 04, 2012 7:36 pm    Post subject: Reply with quote

Hi Kthomas :

Quote:
My computer was running a little better but seems to have slowed down again since I installed the avast.

Since your logs looked clean. I think the slowness of the computer might not relate to malware.

Your DDS and OTL showed that your did not have sufficient free memory.

Quote:
446.04 Mb Total Physical Memory | 121.72 Mb Available Physical Memory | 27.29% Memory free

If you want to open or operate with any application with just 27.29% free Memory, in my opinion it is not enough.


Though Microsoft claims XP will run with a 512 MB of system memory installed in my opinion a minimum of 2 GB is far better.
If you wish to upgrade the installed memory in your system, Crucial have a small scanner (CrucialScan.exe) which is perfectly safe to download and run in Admin' mode.. Which will advise if your system can support any upgraded memory modules. They cater for the US/UK and Europe.

==============================================================

This is my general post for when your logs show no more signs of malware.

Good news. Your latest set of logs show no more signs of malware.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

OTL fix
Please make sure OTL.exe is on your Desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop
  • Double click on OTL.exe to run it.
  • Copy the following text... do not include the quote box title "Quote'
    Quote:
    :OTL
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\

    :Files
    C:\Program Files\AVG

    :Commands
    [EmptyTemp]
    [ClearAllRestorePoints]

  • Click under the Custom Scan/Fixes box and paste the copied text.
  • Click the Run Fix button. If prompted... click OK.
  • Let the program run unhindered and reboot. You will get a fix log when it is done, just close the log.


Next,

Clean up with OTL
  • Double click OTL.exe to run it.
  • This tool will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.



You can now delete any tools we used if they remain on your Desktop.


Re-enable Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.


Here are some free programs I recommend that could help you improve your computer's security.



WinPatrol
As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission.

WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
For more information, please visit HERE


MVPS Hosts
MVPS Hosts File From Here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can Find the Tutorial HERE


Update your programs regularly
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check


Read - stay informed.
To help minimize the chances of becoming re-infected, please read.
Computer Security - a short guide to staying safer online

If your computer is running slowly after your clean up, please read.
What to do if your Computer is running slowly


I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Happy surfing!


thanks
torreattack
_________________
Graduate of Malware Removal University, - You too could train to help others
Failure to post replies within 3 days will result in this thread being closed
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 22 Apr 2014
Posts: 4560
Location: Land Of The Leprechauns

PostPosted: Mon Feb 06, 2012 3:38 am    Post subject: Reply with quote

Quote:
As your issues appear to be resolved, this topic is now closed.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Spyware Warrior Donations

_________________
Admin/Teacher at Malware Removal University
Member of...

Back to top
View user's profile Send private message
Display posts from previous:   
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Archived Spyware Removal Help Topics All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group