Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help removing Yontoo - DDS scan won't complete


  • This topic is locked This topic is locked
36 replies to this topic

#1 adman_dan

adman_dan

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 07 September 2013 - 09:55 AM

Can't remove Yontoo using the Add/Remove control panel

 

Trying to follow the instructions for asking for help as described in the prep guide but DDS scan won't complete.  It keeps "hanging" at about 80% complete.  I've kept from clicking on the window because I've read in a post that can cause problems.  Walked away for 10 minutes and still the same thing happens.

 

Please help.

 

Thanks,

Dan



BC AdBot (Login to Remove)

 


#2 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:39 AM

Posted 11 September 2013 - 04:40 PM

Hello adman_dan, and welcome to Bleeping Computer!

Sorry for the delay in response to your topic. We can get busy at times, but now that I'm with you I will stay with you until the end!

My name is bloopie and I'll be helping you with your problems as best I can! :thumbup2:

A few things to keep in mind while we are working together:

  • If you have since resolved the original problem you were having, I would appreciate it if you let me know.
  • If you are unsure about any of the steps just post what you can and I will guide you!
  • Please tell me if you have your original Windows CD/DVD available.
  • Please copy and paste all logs here unless otherwise instructed!
  • Upon completing the steps below I will review your topic an do my best to resolve your issues.
  • Please do not run any other tools without my instruction to do so!

==========

Since you were unable to get a DDS log posted, let's try another tool:

We need to create an OTL Report

  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the otlicon.png icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the runscan.png button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

==========

Yontoo is not a problem to remove, but I'd like to check for more serious malware first and that is the reason I suggested the OTL log.

bloopie



#3 adman_dan

adman_dan
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 11 September 2013 - 06:45 PM

Thank you for your reply bloopie.  The computer in question is my mother's.  She is her senior citizen and I am her unofficial IT department! 

 

I will not have access to her computer for 48 hours and at that time will be using Team Viewer to access remotely.  Will this negatively impact the process you requested?

 

 

 

Thanks

Dan



#4 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:39 AM

Posted 11 September 2013 - 08:49 PM

Hello Dan,
 

The computer in question is my mother's.  She is her senior citizen and I am her unofficial IT department!

I know the feeling and the situation very well! :wink:
 

I will not have access to her computer for 48 hours and at that time will be using Team Viewer to access remotely.  Will this negatively impact the process you requested?

The above process will not be affected, but later processes may be, but we'll see. Team viewer works very well in situations like this, and I've also done the same thing for my own mother!
 
So we already have something in common. :) Not to worry. If yontoo is the only issue, then we'll easily take care of that.
 
==========
 
Now that I understand your situation, I'd like to make it easiest for you. Let's forget about OTL for the time being. If we need it, we can also do it later. 
 
Considering your situation, I'm going to change my helping structure to suit your needs and make it easy enough for you to take care of this for your mother, with minimal effort (our automated tools should take care of this easily enough) from you.
 
==========
 
Since we have a tool in our arsenal that should take care of this problem all by itself, we'll run that first, then follow up with another:

Step :step1:

thisisujrt.gif Please download Junkware Removal Tool to the desktop of your mothers machine.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • ==========

    I've stopped with my instructions here, and would like you to tell me how the machine is running now, after running this tool!

    Do you still experience Yontoo? Are there any other problems with the machine?

    ==========

    Next, I would have you run Malwarebytes on this machine with the instructions below:

    Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  •  
  • Under the Scanner tab, make sure the "Perform Full Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
  • Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    -- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

==========

Please let me know how the machine is running now!

bloopie



#5 adman_dan

adman_dan
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 13 September 2013 - 04:49 PM

Hi bloopie,

 

I ran the JRT and it found a few things (log below).  I also ran Malwarebytes (log also below).  It found a few more things.

 

The computer seems to be running fine right now.  The only suspicious thig is there are a few applications in the Add/Remove control panel that cannot be removed (this is how I found Yontoo).  They look like games (i.e. Cradle of Rome, Heros of Hellas).  Why I try to remove them I get an error message which says "Missing Required Resource.  Try to reinstall EXEtender.exe from your service provider's web site."  I don't know if they're a problem or just some residual from something that used to be there.

 

Let me know if you think we're clear.

 

Thanks,

Dan

 

 

 

JRT Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Fri 09/13/2013 at 13:16:26.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully stopped: [Service] bprotector
Failed to delete: [Service] bprotector
Successfully stopped: [Service] cltmngsvc
Successfully deleted: [Service] cltmngsvc
Successfully stopped: [Service] ibupdaterservice
Failed to delete: [Service] ibupdaterservice
Successfully stopped: [Service] yontoo desktop updater
Successfully deleted: [Service] yontoo desktop updater

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{13119113-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{33119133-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23119123-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{03119103-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\web assistant
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\gametreatwidget.gametreatwidget
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\Free Ride Games
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\updater service
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15d2d75c-9cb2-4efd-bad7-b9b4cb4bc693}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2b7bdadb-ec8c-4c54-b5dd-ce45a016d3a7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2724386
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289847
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3297951
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

 

~~~ Files

Successfully deleted: [File] C:\WINDOWS\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\Documents and Settings\Administrator\Local Settings\Application Data\google\chrome\user data\default\bprotector web data"
Successfully deleted: [File] "C:\Documents and Settings\Administrator\Local Settings\Application Data\google\chrome\user data\default\bprotectorpreferences"
Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"
Successfully deleted: [File] "C:\end"

 

~~~ Folders

Failed to delete: [Folder] "C:\Documents and Settings\All Users\application data\bprotectorforwindows"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\free ride games"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\gamesbar"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\ibupdaterservice"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\tarma installer"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\trymedia"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\drivercure"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\file scout"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\pricegong"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\searchprotect"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\swvupdater"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\systweak"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\yontoo"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\iac"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\funwebproducts"
Successfully deleted: [Folder] "C:\Program Files\mywebsearch"
Successfully deleted: [Folder] "C:\Program Files\regclean pro"
Successfully deleted: [Folder] "C:\Program Files\searchprotect"
Successfully deleted: [Folder] "C:\Program Files\web assistant"
Successfully deleted: [Folder] "C:\Program Files\yontoo"

 

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/13/2013 at 13:22:09.79
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Malwarebytes Log:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.13.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: CFI-1E1C37BCEB4 [administrator]

Protection: Enabled

9/13/2013 1:43:32 PM
mbam-log-2013-09-13 (13-43-32).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 273067
Time elapsed: 1 hour(s), 28 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\TidyNetwork.com (PUP.TidyNetwork) -> Quarantined and deleted successfully.
HKCR\CLSID\{7736C7FA-512D-11E2-B871-DEC36088709B} (PUP.TidyNetwork) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7736C7FA-512D-11E2-B871-DEC36088709B} (PUP.TidyNetwork) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B} (PUP.TidyNetwork) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 8
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TidyNetwork.com (PUP.TidyNetwork) -> Quarantined and deleted successfully.

Files Detected: 40
C:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.6.1519.190\{eab34bca-99d8-4192-8f3b-58b53f6d08e7}\protector.dll (PUP.Optional.BrowserDefender.A) -> Delete on reboot.
C:\Program Files\Uninstall Information\ib_uninst_0\uninstall.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files\Uninstall Information\ib_uninst_411\uninstall.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP904\A0098218.exe (PUP.Optional.PerformerSoft.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP904\A0098219.dll (Adware.BProtector) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP904\A0098220.exe (PUP.Optional.PerformerSoft.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP932\A0102991.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP949\A0108293.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP949\A0108294.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP949\A0108298.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP949\A0108302.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{FB292F2D-0942-4687-AE68-238E0C74B596}\RP949\A0108315.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.6.1519.190\{eab34bca-99d8-4192-8f3b-58b53f6d08e7}\bProtect.exe (PUP.Optional.PerformerSoft.A) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.6.1519.190\{eab34bca-99d8-4192-8f3b-58b53f6d08e7}\uninstall.exe (PUP.Optional.PerformerSoft.A) -> Delete on reboot.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\popupTransparent.xul (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Application Data\SearchProtect\ffprotect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TidyNetwork.com\sidTRCA01.tidy (PUP.TidyNetwork) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TidyNetwork.com\tidy2ie.dll (PUP.TidyNetwork) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TidyNetwork.com\tidy2networkTRCA01.exe (PUP.TidyNetwork) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TidyNetwork.com\tidy2update.exe (PUP.TidyNetwork) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\TidyNetwork.com\tidynetwork.log (PUP.TidyNetwork) -> Quarantined and deleted successfully.

(end)



#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:39 AM

Posted 13 September 2013 - 05:03 PM

Hello again,

 

It looks like JRT took care of Yontoo, and MBAM took care of a few potentially unwanted programs, so that's good. The entries in your Add/Remove programs list do very much look like games. We can try to remove those also, but the best way is to re-install them, and then try again to uninstall them from Add/Remove Programs.

 

Too early to call it clean just yet.

 

Try to run OTL from Post #2, and post that log for my review please.

 

bloopie



#7 adman_dan

adman_dan
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 16 September 2013 - 11:18 AM

Hi Bloopie,

 

Here are the OTL logs.  Also, posted below are two samples of the daily logs from Malwarebytes.  (The free subscription is still running - I don't know if you wanted that turned off permanently, but I did turn it off to download/run OTL).  There appears to be something stil being blocked.

 

Thanks,

Dan

 

 

 

OTL logfile created on: 9/16/2013 12:00:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 64.33% Memory free
2.57 Gb Paging File | 1.93 Gb Available in Paging File | 75.08% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 21.92 Gb Free Space | 58.81% Space Free | Partition Type: NTFS
 
Computer Name: CFI-1E1C37BCEB4 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/09/16 12:00:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2013/09/12 04:31:24 | 004,536,160 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013/09/12 04:31:23 | 012,614,496 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/09/12 04:31:23 | 005,071,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/09/12 04:22:33 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe
PRC - [2013/08/30 13:54:50 | 003,233,806 | ---- | M] () -- C:\Program Files\Tor\tor.exe
PRC - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
PRC - [2013/07/02 12:08:35 | 000,367,016 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\IncMail.exe
PRC - [2013/07/02 12:08:34 | 000,264,616 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\bin\ImApp.exe
PRC - [2013/07/01 16:36:51 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\FromDocToPDF_65\bar\1.bin\65brmon.exe
PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/07/28 18:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010/07/28 18:33:58 | 006,995,864 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010/07/28 18:33:58 | 001,485,208 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/12 23:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2009/09/12 23:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2008/08/21 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/23 04:00:00 | 000,692,224 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2003/06/18 09:54:10 | 000,294,972 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
PRC - [2003/02/04 08:22:30 | 000,181,312 | ---- | M] () -- C:\WINDOWS\system32\ScsiAccess.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/07/02 12:08:45 | 000,072,104 | ---- | M] () -- C:\Program Files\IncrediMail\bin\wlessfp1.dll
MOD - [2013/07/02 12:08:39 | 000,268,712 | ---- | M] () -- C:\Program Files\IncrediMail\bin\ImLookExU.dll
MOD - [2013/07/02 12:08:37 | 000,033,128 | ---- | M] () -- C:\Program Files\IncrediMail\bin\IMHttpComm.dll
MOD - [2013/07/02 12:08:36 | 000,133,544 | ---- | M] () -- C:\Program Files\IncrediMail\bin\ImComUtlU.dll
MOD - [2013/07/02 12:08:36 | 000,080,296 | ---- | M] () -- C:\Program Files\IncrediMail\bin\ImAppRU.dll
MOD - [2013/01/23 16:17:12 | 000,108,888 | ---- | M] () -- C:\Program Files\IncrediMail\bin\PMC.dll
MOD - [2010/07/28 18:34:04 | 000,022,424 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2010/07/28 18:02:58 | 000,658,432 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/06/23 19:12:28 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/06/23 19:11:52 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/06/23 19:11:48 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/06/23 19:11:48 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/06/23 18:38:18 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2008/08/21 08:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/08/21 08:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2003/02/04 08:22:30 | 000,181,312 | ---- | M] () -- C:\WINDOWS\system32\ScsiAccess.EXE
 
 
========== Services (SafeList) ==========
 
SRV - [2013/09/13 18:03:37 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/12 04:31:23 | 005,071,712 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/08/30 13:54:50 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files\Tor\tor.exe -- (tor)
SRV - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/07/23 02:46:22 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/07/23 02:46:22 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/07/01 16:36:51 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Stopped] -- C:\Program Files\FromDocToPDF_65\bar\1.bin\65barsvc.exe -- (FromDocToPDF_65Service)
SRV - [2013/06/21 10:13:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/07/28 18:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2003/06/18 09:54:10 | 000,294,972 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - [2003/02/04 08:22:30 | 000,181,312 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ScsiAccess.EXE -- (ScsiAccess)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\Free Ride Games\X4HSEx_Pr143.Sys -- (X4HSEx_Pr143)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\avgidsshimx.sys -- (AVGIDSShim)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGMp50.sys -- (AFGMp50)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/06/23 19:12:50 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AFGSp50.sys -- (AFGSp50)
DRV - [2009/09/08 18:13:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2007/04/11 15:33:06 | 000,079,376 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2007/04/11 15:32:58 | 000,036,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007/04/11 15:32:52 | 000,034,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/04/11 15:32:38 | 000,063,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2007/04/11 15:32:30 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2005/10/09 22:35:30 | 000,017,792 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tpm.sys -- (TPM)
DRV - [2003/06/18 09:53:08 | 000,138,485 | ---- | M] (Eastman Kodak Company) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit)
DRV - [2003/06/18 09:53:08 | 000,063,002 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP)
DRV - [2003/06/18 09:53:08 | 000,061,568 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint)
DRV - [2003/06/18 09:53:08 | 000,038,997 | ---- | M] (Eastman Kodak Company) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K)
DRV - [2003/06/18 09:53:08 | 000,036,826 | ---- | M] (Eastman Kodak Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam)
DRV - [2003/06/18 09:53:08 | 000,008,058 | ---- | M] (Eastman Kodak Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.variety104.com/
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0&ocid=iehp
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 26 BB 4E CC C8 AB CE 01  [binary data]
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\URLSearchHook: {4c60e5ab-5c68-4c59-abaa-885010b24b32} - No CLSID value found
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\SearchScopes,DefaultScope = {50A937C6-2A77-4E9C-993D-4E68C7821C60}
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\SearchScopes\{50A937C6-2A77-4E9C-993D-4E68C7821C60}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-736010218-2072973334-1520989802-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;localhost
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files\Free Ride Games\npExentCtl.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files\Free Ride Games\NPGameTreatPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/06/11 09:25:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\Documents and Settings\All Users\Application Data\bProtectorForWindows\2.2.448.52\FirefoxExtension
 
[2012/05/08 16:11:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2008/08/21 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
O3 - HKLM\..\Toolbar: (FromDocToPDF) - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\Toolbar\WebBrowser: (FromDocToPDF) - {C66A678D-5E6C-4AF9-8F57-C6192F42CF74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\Program Files\FromDocToPDF_65\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [Hpppta] C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan\hpppta.exe /ICON File not found
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\.DEFAULT..\Run: [SearchProtect] C:\Documents and Settings\LocalService\Application Data\SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-18..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-18..\Run: [SearchProtect] C:\Documents and Settings\LocalService\Application Data\SearchProtect\bin\cltmng.exe File not found
O4 - HKU\S-1-5-19..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-20..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-21-736010218-2072973334-1520989802-500..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-21-736010218-2072973334-1520989802-500..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKLM..\RunOnceEx: []  File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Product Registration.lnk =  File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-736010218-2072973334-1520989802-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1300552242031 (WUWebControl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49608F02-ED9D-4FDE-9012-0E1456F0A778}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/18 00:54:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/09/16 12:00:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/09/14 09:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2013/09/13 14:20:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 8
[2013/09/13 13:41:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2013/09/13 13:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/09/13 13:40:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/09/13 13:40:56 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/09/13 13:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/09/13 13:09:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/08/30 13:55:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\tor
[2013/08/30 13:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\Tor
[2013/08/28 07:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
[2013/08/28 07:22:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/08/28 07:22:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013/08/27 16:00:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/09/16 12:03:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/09/16 12:00:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/09/16 11:48:57 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/09/16 11:39:35 | 000,012,660 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/09/16 11:38:51 | 000,001,665 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3520 series.lnk
[2013/09/16 11:38:28 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/09/16 11:38:28 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job
[2013/09/16 11:38:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/16 11:14:00 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\TidyNetwork Update.job
[2013/09/16 10:57:47 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/09/16 10:10:01 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013/09/15 20:40:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013/09/15 18:46:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2013/09/15 14:00:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2013/09/15 10:22:27 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/09/15 08:20:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\Dr. CleanUp.job
[2013/09/13 18:03:35 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/09/13 18:03:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/09/13 14:20:36 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 8.lnk
[2013/09/13 13:40:58 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/12 11:25:00 | 000,246,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/09/12 11:20:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/09/04 17:42:40 | 000,304,607 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Picture 002.jpg
[2013/08/23 09:33:20 | 000,009,823 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Untitled 1.odt
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/09/13 13:40:58 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/07 10:07:11 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/09/04 17:54:03 | 000,304,607 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Picture 002.jpg
[2013/06/04 16:15:19 | 000,000,446 | ---- | C] () -- C:\Program Files\0604201316151981.bat
[2013/05/12 18:43:04 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Ament.ini
[2013/04/03 15:07:22 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2013/03/01 20:59:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2013/02/28 15:58:45 | 000,000,079 | ---- | C] () -- C:\WINDOWS\ENX130.ini
[2012/08/11 09:39:16 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\dt.dat
[2012/06/27 10:52:12 | 000,246,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/23 21:07:33 | 000,000,072 | ---- | C] () -- C:\WINDOWS\tvml.INI
[2012/06/20 20:43:25 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SPADES~1.INI
[2012/02/20 21:36:32 | 000,000,185 | ---- | C] () -- C:\WINDOWS\HEARTS~1.INI
[2012/02/15 08:36:28 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/01 10:20:00 | 000,000,022 | ---- | C] () -- C:\WINDOWS\CRIBBA~1.INI
[2011/10/16 18:45:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ds.INI
[2011/10/16 18:44:08 | 000,000,029 | ---- | C] () -- C:\WINDOWS\NGOptimz.INI
[2011/10/15 10:18:25 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\lffpx90n.dll
[2011/03/24 21:24:37 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/19 11:43:08 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\setup_ldm.iss
[2011/03/19 00:06:53 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\FASTWiz.html
 
========== ZeroAccess Check ==========
 
[2012/06/13 21:02:40 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/12/20 18:15:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/08/21 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 147 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1BA9C8DC
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C5B78274

< End of report >

 

 

 

OTL Extras logfile created on: 9/16/2013 12:00:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 64.33% Memory free
2.57 Gb Paging File | 1.93 Gb Available in Paging File | 75.08% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.27 Gb Total Space | 21.92 Gb Free Space | 58.81% Space Free | Partition Type: NTFS
 
Computer Name: CFI-1E1C37BCEB4 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hta [@ = HemeraThumbnail.Archive] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_USERS\S-1-5-21-736010218-2072973334-1520989802-500\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Documents and Settings\Administrator\Application Data\File Scout\filescout.exe" /open "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe" = C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe:LocalSubNet:Enabled:Belkin Setup -- (Affinegy, Inc.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
"C:\Program Files\IncrediMail\bin\ImApp.exe" = C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\ImpCnt.exe" = C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\IncrediMail\bin\IncMail.exe" = C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe" = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe:*:Enabled:backWeb-7288971 -- ()
"C:\Program Files\Magentic\bin\Magentic.exe" = C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic
"C:\Program Files\Magentic\bin\MgApp.exe" = C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic
"C:\Program Files\Magentic\bin\MgImp.exe" = C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\ISBTXF1K\incredimail_install[1].exe" = C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\ISBTXF1K\incredimail_install[1].exe:*:Enabled:IncrediMail Installer
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe" = C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe:LocalSubNet:Enabled:Belkin Setup -- (Affinegy, Inc.)
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe" = C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup (HP Deskjet 3520 series) -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe" = C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator (HP Deskjet 3520 series) -- (Hewlett-Packard Co.)
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" = C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:HP Network Communicator COM (HP Deskjet 3520 series) -- (Hewlett-Packard Co.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{015E4B8A-29B5-4AE3-BD08-38220FADFF4C}" = aspi
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{469730CC-78DF-4CD3-B286-562D459EA619}" = ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{55FB8585-9F5F-482E-BDE3-57F338C1DE97}" = ArcSoft WebCam Companion 3
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5C2ECF15-B7FF-4E0E-9D00-2000354BD9C2}" = HP Deskjet 3520 series Basic Device Software
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{64A90D6D-E741-4BCD-935C-BB09F3AEBF98}" = HP Deskjet 3520 series Product Improvement Study
"{69BD6399-3D8F-45B7-81D9-819361F5101D}" = PCDLNCH
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{788A0222-5690-4212-AA9C-C48FD0E1C9AE}" = Photo Notifier and Animation Creator
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}" = CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}" = ESSANUP
"{A7259DDF-33BC-4E37-B3C9-41AA7AD988F6}" = TPM Device Driver
"{ABE068DF-8DC4-4947-ABFC-DD2B40850225}" = SFR2
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}" = HP Deskjet 3520 series Setup Guide
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}" = HP Deskjet 3520 series Help
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}" = SFR
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}" = ESSAdpt
"{D322A9E3-758B-4D60-A7C4-65C88FD378D0}" = Bing Bar
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F9C62746-BB57-48B2-853D-38DE983A703C}" = IncrediMail
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"8C4A0110061C7DE8FAF26F04E56574C95D322DC2" = Windows Driver Package - Winbond Electronics Corporation Winbond Trusted Platform Module (06/30/2005 5.1.47.2011)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"Data Access Objects (DAO) 3.5" = Data Access Objects (DAO) 3.5
"exent_532150" = Heroes of Hellas
"exent_554750" = Cradle of Rome
"exent_598050" = Mahjong World
"exent_683150" = Time Riddles: The Mansion
"FromDocToPDF_65bar Uninstall Internet Explorer" = FromDocToPDF Internet Explorer Toolbar
"HDMI" = Intel® Graphics Media Accelerator Driver
"Hemera NetGraphics Optimizer for HP" = Hemera NetGraphics Optimizer for HP
"hp deskjet 840c series_Driver" = hp deskjet 840c series
"HP Photo Creations" = HP Photo Creations
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"Internet Design Shop Gold" = Internet Design Shop Gold
"LTCM Client" = LTCM Client
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PROSet" = Intel® PRO Network Connections Drivers
"QuickTime" = QuickTime
"TeamViewer 8" = TeamViewer 8
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wheel Of Fortune" = Wheel Of Fortune
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 9/4/2013 8:52:52 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 9/5/2013 8:23:17 PM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 9/5/2013 10:30:42 PM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 9/5/2013 10:30:48 PM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
 
Error - 9/6/2013 11:55:04 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 9/6/2013 11:55:13 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
 
Error - 9/7/2013 8:16:02 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 9/7/2013 8:16:06 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Application Hang | ID = 1001
Description = Fault bucket 1180947459.
 
Error - 9/13/2013 1:09:19 PM | Computer Name = CFI-1E1C37BCEB4 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
 P4 4.3.215.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
 NIL.
 
Error - 9/16/2013 11:58:49 AM | Computer Name = CFI-1E1C37BCEB4 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
 P4 4.3.215.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
 NIL.
 
[ System Events ]
Error - 9/13/2013 5:17:53 PM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   AVGIDSHX
 
Error - 9/14/2013 8:21:14 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7000
Description = The X4HSEx_Pr143 service failed to start due to the following error:
   %%3
 
Error - 9/14/2013 8:21:20 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   AVGIDSHX
 
Error - 9/15/2013 7:04:00 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7000
Description = The X4HSEx_Pr143 service failed to start due to the following error:
   %%3
 
Error - 9/15/2013 7:04:04 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   AVGIDSHX
 
Error - 9/15/2013 7:04:08 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly.  It has done this
 1 time(s).
 
Error - 9/16/2013 8:01:09 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7000
Description = The X4HSEx_Pr143 service failed to start due to the following error:
   %%3
 
Error - 9/16/2013 8:01:18 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   AVGIDSHX
 
Error - 9/16/2013 11:39:22 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7000
Description = The X4HSEx_Pr143 service failed to start due to the following error:
   %%3
 
Error - 9/16/2013 11:39:30 AM | Computer Name = CFI-1E1C37BCEB4 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   AVGIDSHX
 
 
< End of report >
 

Malewarebytes daily log #1

 

2013/09/14 08:20:41 -0400 CFI-1E1C37BCEB4  MESSAGE Starting protection
2013/09/14 08:20:41 -0400 CFI-1E1C37BCEB4  MESSAGE Protection started successfully
2013/09/14 08:20:41 -0400 CFI-1E1C37BCEB4  MESSAGE Starting IP protection
2013/09/14 08:21:47 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection started successfully
2013/09/14 08:24:13 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Executing scheduled update:  Daily
2013/09/14 08:24:33 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Scheduled update executed successfully:  database updated from version v2013.09.13.08 to version v2013.09.14.04
2013/09/14 08:24:33 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Starting database refresh
2013/09/14 08:24:34 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Stopping IP protection
2013/09/14 08:24:34 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection stopped successfully
2013/09/14 08:24:42 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Database refreshed successfully
2013/09/14 08:24:42 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Starting IP protection
2013/09/14 08:24:50 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection started successfully
2013/09/14 09:21:07 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/14 09:21:10 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/14 09:21:16 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
 

 

Malewarebytes daily log #2

 

2013/09/16 08:00:16 -0400 CFI-1E1C37BCEB4  MESSAGE Starting protection
2013/09/16 08:00:17 -0400 CFI-1E1C37BCEB4  MESSAGE Protection started successfully
2013/09/16 08:00:17 -0400 CFI-1E1C37BCEB4  MESSAGE Starting IP protection
2013/09/16 08:01:40 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection started successfully
2013/09/16 08:01:40 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:01:41 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:01:42 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:01:43 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:01:47 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:01:53 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:02:06 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:02:33 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:03:26 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:05:12 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:05:15 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: incoming)
2013/09/16 08:06:09 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/16 08:06:11 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/16 08:06:13 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/16 08:06:18 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/16 08:06:27 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/16 08:06:46 -0400 CFI-1E1C37BCEB4 Administrator IP-BLOCK 93.114.45.194 (Type: outgoing)
2013/09/16 08:06:59 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Executing scheduled update:  Daily
2013/09/16 08:07:20 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Scheduled update executed successfully:  database updated from version v2013.09.15.01 to version v2013.09.16.03
2013/09/16 08:07:20 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Starting database refresh
2013/09/16 08:07:21 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Stopping IP protection
2013/09/16 08:07:22 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection stopped successfully
2013/09/16 08:07:30 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Database refreshed successfully
2013/09/16 08:07:30 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Starting IP protection
2013/09/16 08:07:39 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection started successfully
2013/09/16 11:38:46 -0400 CFI-1E1C37BCEB4  MESSAGE Starting protection
2013/09/16 11:38:48 -0400 CFI-1E1C37BCEB4  MESSAGE Protection started successfully
2013/09/16 11:38:48 -0400 CFI-1E1C37BCEB4  MESSAGE Starting IP protection
2013/09/16 11:39:49 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection started successfully
2013/09/16 11:56:34 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Stopping protection
2013/09/16 11:56:34 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Protection stopped successfully
2013/09/16 11:56:34 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Stopping IP protection
2013/09/16 11:56:34 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE IP Protection stopped successfully
2013/09/16 11:56:35 -0400 CFI-1E1C37BCEB4 Administrator MESSAGE Protection stopped
 



#8 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:39 AM

Posted 16 September 2013 - 03:12 PM

Hello again,

Okay, let's address some of the things in that log before we run a couple of follow-up scans. Then we'll do some updates.

==========

Step :step1:

We need to run an OTL Fix

  • Please reopen otlicon.png on your desktop.
  • Copy and Paste the following code into the customscanfix.png textbox.
    :Services
    X4HSEx_Pr143
    
    :otl
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (Toolbar BHO) - {a235e1e3-6296-4710-af39-104a7faa6c7c} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
    O2 - BHO: (Search Assistant BHO) - {f236ca79-3123-4afb-9f74-e98117ad5625} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
    O3 - HKLM\..\Toolbar: (FromDocToPDF) - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
    O3 - HKU\S-1-5-21-736010218-2072973334-1520989802-500\..\Toolbar\WebBrowser: (FromDocToPDF) - {C66A678D-5E6C-4AF9-8F57-C6192F42CF74} - C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [FromDocToPDF Search Scope Monitor] C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrchMn.exe (MindSpark)
    O4 - HKLM..\Run: [FromDocToPDF_65 Browser Plugin Loader] C:\Program Files\FromDocToPDF_65\bar\1.bin\65brmon.exe (VER_COMPANY_NAME)
    O4 - HKU\.DEFAULT..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKU\.DEFAULT..\Run: [SearchProtect] C:\Documents and Settings\LocalService\Application Data\SearchProtect\bin\cltmng.exe File not found
    O4 - HKU\S-1-5-18..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKU\S-1-5-18..\Run: [SearchProtect] C:\Documents and Settings\LocalService\Application Data\SearchProtect\bin\cltmng.exe File not found
    O4 - HKU\S-1-5-19..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKU\S-1-5-20..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKU\S-1-5-21-736010218-2072973334-1520989802-500..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKLM..\RunOnceEx: []  File not found
    O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Product Registration.lnk =  File not found
    
    :commands
    [EMPTYTEMP]
    [EMPTYJAVA]
    
  • Push runfix.png
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.

==========

Step :step2:

Run Combofix

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out here or here

Combofix may need to reboot your computer more than once to do its job...this is normal.

You can download Combofix from one of these links.

  • Close any open browsers or any other programs that are open.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you C:\Combofix.txt. Please include that in your next reply.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

==========

Please post both requested logs in your next reply, or let me know if you had any trouble running the steps above!

bloopie


Edited by bloopie, 16 September 2013 - 08:43 PM.


#9 adman_dan

adman_dan
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 16 September 2013 - 07:22 PM

Hi bloopie,

 

The OTL fix script isn't working.  It hangs right from the beginning with the status bar at the bottom of the window saying "Killing processes.  DO NOT INTERUPT."  But nothing ever happens.  Even after an hour.  I've tried running it with all virus protection off and have even talked my Mom through initiating the fix so that Team Viewer wasn't running... nothing gets it past that point.

 

Any ideas?

 

FYI - I will be offline tomorrow.

 

 

Thanks,

Dan



#10 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:39 AM

Posted 16 September 2013 - 08:42 PM

Hello again,

Please then proceed with Step :step2: from the above instructions and let me know how that went.

bloopie



#11 adman_dan

adman_dan
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 18 September 2013 - 02:26 PM

Hi bloopie,

 

I discovered an old version of AVG still runing on the computer which I uninstalled.  This allowed me to run the OTL scan (log below).  However I could not run the Combo Fix.  The scan starts but hangs after about 10 minutes (I did not click the windw as instructed).

 

Thanks,

Dan

 

All processes killed
========== SERVICES/DRIVERS ==========
Service X4HSEx_Pr143 stopped successfully!
Service X4HSEx_Pr143 deleted successfully!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a235e1e3-6296-4710-af39-104a7faa6c7c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a235e1e3-6296-4710-af39-104a7faa6c7c}\ deleted successfully.
C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f236ca79-3123-4afb-9f74-e98117ad5625}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f236ca79-3123-4afb-9f74-e98117ad5625}\ deleted successfully.
C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrcAs.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c66a678d-5e6c-4af9-8f57-c6192f42cf74} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c66a678d-5e6c-4af9-8f57-c6192f42cf74}\ deleted successfully.
File C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-736010218-2072973334-1520989802-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-736010218-2072973334-1520989802-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_USERS\S-1-5-21-736010218-2072973334-1520989802-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}\ not found.
File C:\Program Files\FromDocToPDF_65\bar\1.bin\65bar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FromDocToPDF Search Scope Monitor deleted successfully.
C:\Program Files\FromDocToPDF_65\bar\1.bin\65SrchMn.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FromDocToPDF_65 Browser Plugin Loader deleted successfully.
C:\Program Files\FromDocToPDF_65\bar\1.bin\65brmon.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtect not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_USERS\S-1-5-21-736010218-2072973334-1520989802-500\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\ not found.
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Product Registration.lnk moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 65238381 bytes
->Temporary Internet Files folder emptied: 48578321 bytes
->Java cache emptied: 94533654 bytes
->Google Chrome cache emptied: 883001 bytes
->Flash cache emptied: 3107 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 11238403 bytes
 
User: NetworkService
->Temp folder emptied: 2953416 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 3308057 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 280998786 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 163334143 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4425448 bytes
 
Total Files Cleaned = 644.00 mb
 
 
[EMPTYJAVA]
 
User: Administrator
->Java cache emptied: 0 bytes
 
User: All Users
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
Total Java Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 09182013_142443

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



#12 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:39 AM

Posted 18 September 2013 - 05:22 PM

Hello again,

Try running Combofix again. At times, it may appear to hang. But on infected machines the scan can take much longer.

Here's a tip...when Combofix appears to hang, check the computer clock. If the clock is still running, then Combofix is still running.

Let me know how that works!

bloopie

#13 adman_dan

adman_dan
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 19 September 2013 - 02:24 PM

Hi bloopie,

 

The same thing happens.  Combofix runs for a few minutes and then hangs.  The clock stops and the drive quits spinning.

 

I think I may have found one of the issues.  When I was shutting off the antivirus I noticed an old AVG firewall still running.  This is odd because that program was uninstalled a while back and no longer appears in either the Add/Remove list or in the start menu. 

 

I did find AVG folders in the Program Files folder and tried to turn it off by running the AVGUI.exe file.  But the UI is obviously corrupt because the menus are all screwed up and parts of the window are missing (see through to the desktop).  I did manage to identify the advanced tools menu though and tried to disable protection for 15 minutes as instructed in the link provideed but that only returned an error.

 

Any ideas?

 

 

Dan



#14 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:11:39 AM

Posted 20 September 2013 - 08:12 AM

Hello again,

 

If you're still finding remnants of AVG, then run the AVG Removal tool.

 

Run the version that's compatible with your system, and let me know how things are afterwards.

 

bloopie



#15 adman_dan

adman_dan
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:39 AM

Posted 20 September 2013 - 11:41 AM

Hi bloopie,

 

I ran the AVG removal tool. It took about 10 seconds to run the scan and generate the log below.  I can't understand all of it, but it looks to me like it didn't fid it.  That plus the AVG Firewall is still listed as active in the Security Centre control panel as well as the fact that the AVG folders/files are still in the Program Files folder.

 

I ran Combofix again after a restsart anyway and it still hangs.  The drive stops spinning after a few minutes but the clock was still running though (that's new) so I let it sit for over 3 hours.  No results.

 

 

Dan

 

2013-09-20 13:36:26,734 INFO AvgRemover 2012.0.5
-------------------------------------------------------
2013-09-20 13:36:26,765 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2013-09-20 13:36:26,765 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2013-09-20 13:36:26,765 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2013-09-20 13:36:26,765 INFO Command line: "C:\Documents and Settings\Administrator\Desktop\avg_remover_stf_x86_2012_2125.exe"
2013-09-20 13:36:26,765 WARN AvgDir param empty.
2013-09-20 13:36:26,765 WARN AvgDataDir param empty.
2013-09-20 13:36:36,781 INFO AvgRemover runs in attempt number 1
2013-09-20 13:36:36,781 INFO Attempting to unregister AVG from the Windows Security Center.
2013-09-20 13:36:36,781 INFO Attempting to uninstall AVG Identity Protection.
2013-09-20 13:36:36,796 INFO Attempting to uninstall toolbar
2013-09-20 13:36:36,796 INFO *****     Msi data     *****
2013-09-20 13:36:36,796 DEBUG No product code found for our upgrade codes, nothing to do here
2013-09-20 13:36:36,796 INFO *****     Exchange&Outlook plugins data     *****
2013-09-20 13:36:36,796 INFO Removing AvgOutlook addin
2013-09-20 13:36:36,796 INFO  AvgOutlook Removing HKCR addin keys x86
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'avgoutlook.Addin': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2013-09-20 13:36:36,796 INFO  AvgOutlook Removing HKCR addin keys x64
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'avgoutlook.Addin': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2013-09-20 13:36:36,796 DEBUG   Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2013-09-20 13:36:36,796 INFO Removing Sharepoint plugin if exists
2013-09-20 13:36:36,796 DEBUG  Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2013-09-20 13:36:36,796 DEBUG  Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2013-09-20 13:36:36,796 INFO Removing Antispam plugin for Exchange 2000/2003 if exists
2013-09-20 13:36:36,796 DEBUG Stopping service 'MSExchangeIS' to remove VSAPI plugin...
2013-09-20 13:36:36,796 DEBUG Service MSExchangeIS Stop failed (error: c0070424)
2013-09-20 13:36:36,796 DEBUG Exchange&Outlook plugins removal failed with error 0xc0070424
2013-09-20 13:36:36,796 INFO *****     Services     *****
2013-09-20 13:36:36,796 INFO Processing service avg8emc, it can take several minutes...
2013-09-20 13:36:36,796 INFO Processing service avgfws8, it can take several minutes...
2013-09-20 13:36:36,796 INFO Processing service avg8wd, it can take several minutes...
2013-09-20 13:36:36,796 INFO Service avg8emc is not installed
2013-09-20 13:36:36,812 INFO Processing service AvgWFPx, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AvgWFPa, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service avg9wd, it can take several minutes...
2013-09-20 13:36:36,812 INFO Service avgfws8 is not installed
2013-09-20 13:36:36,812 INFO Processing service AvgMfx86, it can take several minutes...
2013-09-20 13:36:36,812 INFO Service avg8wd is not installed
2013-09-20 13:36:36,812 INFO Processing service AvgLdx86, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AvgMfx64, it can take several minutes...
2013-09-20 13:36:36,812 DEBUG Service avg8emc RegCleanup
2013-09-20 13:36:36,812 INFO Processing service AvgTdiX, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AvgRkx86, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AvgWfpX, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service avg9emc, it can take several minutes...
2013-09-20 13:36:36,812 INFO Service AvgWFPx is not installed
2013-09-20 13:36:36,812 INFO Processing service avgfws, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AVGIDSWatcher, it can take several minutes...
2013-09-20 13:36:36,812 INFO Service AvgWFPa is not installed
2013-09-20 13:36:36,812 INFO Processing service AvgLdx64, it can take several minutes...
2013-09-20 13:36:36,812 INFO Service avg9wd is not installed
2013-09-20 13:36:36,812 INFO Processing service AVGIDSShimxpx, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AVGIDSDriverxpx, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AVGIDSAgent, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service avgfws9, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AvgRkx64, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AvgWfpA, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AvgTdiA, it can take several minutes...
2013-09-20 13:36:36,812 DEBUG Service avgfws8 RegCleanup
2013-09-20 13:36:36,812 INFO Processing service AVGIDSFilterxpx, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AVGIDSFiltervtx, it can take several minutes...
2013-09-20 13:36:36,812 INFO Service AvgMfx86 is not installed
2013-09-20 13:36:36,812 DEBUG Service avg8wd RegCleanup
2013-09-20 13:36:36,812 INFO Processing service AVGIDSDriverw7x, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AVGIDSShimw7x, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AVGIDSFiltervta, it can take several minutes...
2013-09-20 13:36:36,812 INFO Processing service AVGIDSErHrw7x, it can take several minutes...
2013-09-20 13:36:36,828 INFO Service AvgLdx86 is not installed
2013-09-20 13:36:36,828 INFO Processing service AVGIDSErHrvtx, it can take several minutes...
2013-09-20 13:36:36,828 INFO Processing service AVGIDSDriverw7a, it can take several minutes...
2013-09-20 13:36:36,859 INFO Processing service avgwd, it can take several minutes...
2013-09-20 13:36:36,859 DEBUG Registry keys for service avg8emc are not present
2013-09-20 13:36:36,859 INFO Service AvgMfx64 is not installed
2013-09-20 13:36:36,859 INFO Service AvgTdiX is not installed
2013-09-20 13:36:36,859 INFO Processing service AVGIDSShimvtx, it can take several minutes...
2013-09-20 13:36:36,859 INFO Processing service AVGIDSDrivervtx, it can take several minutes...
2013-09-20 13:36:36,859 INFO Service AvgRkx86 is not installed
2013-09-20 13:36:36,859 INFO Processing service AVGIDSFilterw7x, it can take several minutes...
2013-09-20 13:36:36,859 INFO Service AvgWfpX is not installed
2013-09-20 13:36:36,859 INFO Processing service AVGIDSDrivervta, it can take several minutes...
2013-09-20 13:36:36,875 INFO Processing service AVGIDSFilterw7a, it can take several minutes...
2013-09-20 13:36:36,875 INFO Processing service AVGIDSErHrxpx, it can take several minutes...
2013-09-20 13:36:36,875 INFO Processing service AVGIDSErHrw7a, it can take several minutes...
2013-09-20 13:36:36,875 INFO Service avgfws is not installed
2013-09-20 13:36:36,875 INFO Service AVGIDSWatcher is not installed
2013-09-20 13:36:36,875 DEBUG Service AvgWFPa RegCleanup
2013-09-20 13:36:36,875 INFO Processing service AVGIDSErHrvta, it can take several minutes...
2013-09-20 13:36:36,890 INFO Service avg9emc is not installed
2013-09-20 13:36:36,890 INFO Service avgfws9 is not installed
2013-09-20 13:36:36,890 INFO Service AvgRkx64 is not installed
2013-09-20 13:36:36,890 INFO Service AvgWfpA is not installed
2013-09-20 13:36:36,890 DEBUG Registry keys for service avgfws8 are not present
2013-09-20 13:36:36,890 INFO Service AvgTdiA is not installed
2013-09-20 13:36:36,890 INFO Service AVGIDSFilterxpx is not installed
2013-09-20 13:36:36,890 INFO Service AVGIDSFiltervtx is not installed
2013-09-20 13:36:36,890 DEBUG Service AvgMfx86 RegCleanup
2013-09-20 13:36:36,890 DEBUG Registry keys for service avg8wd are not present
2013-09-20 13:36:36,890 INFO Service AVGIDSDriverw7x is not installed
2013-09-20 13:36:36,890 INFO Service AVGIDSShimw7x is not installed
2013-09-20 13:36:36,890 INFO Service AVGIDSFiltervta is not installed
2013-09-20 13:36:36,906 INFO Service AVGIDSErHrw7x is not installed
2013-09-20 13:36:36,906 DEBUG Service AvgLdx86 RegCleanup
2013-09-20 13:36:36,906 INFO Service AVGIDSErHrvtx is not installed
2013-09-20 13:36:36,906 INFO Service AVGIDSDriverw7a is not installed
2013-09-20 13:36:36,906 INFO Service avgwd is not installed
2013-09-20 13:36:36,906 DEBUG Service AvgMfx64 RegCleanup
2013-09-20 13:36:36,906 DEBUG Service AvgTdiX RegCleanup
2013-09-20 13:36:36,906 INFO Service AVGIDSShimvtx is not installed
2013-09-20 13:36:36,906 INFO Service AVGIDSAgent is not installed
2013-09-20 13:36:36,906 INFO Service AVGIDSDrivervtx is not installed
2013-09-20 13:36:36,906 INFO Service AVGIDSFilterw7x is not installed
2013-09-20 13:36:36,906 DEBUG Service AvgRkx86 RegCleanup
2013-09-20 13:36:36,906 INFO Service AVGIDSDriverxpx is not installed
2013-09-20 13:36:36,906 DEBUG Service AvgWfpX RegCleanup
2013-09-20 13:36:36,921 DEBUG Service avg9wd RegCleanup
2013-09-20 13:36:36,921 DEBUG Service AvgWFPx RegCleanup
2013-09-20 13:36:36,921 INFO Service AvgLdx64 is not installed
2013-09-20 13:36:36,921 INFO Service AVGIDSShimxpx is not installed
2013-09-20 13:36:36,921 INFO Service AVGIDSDrivervta is not installed
2013-09-20 13:36:36,921 INFO Service AVGIDSErHrxpx is not installed
2013-09-20 13:36:36,921 INFO Service AVGIDSFilterw7a is not installed
2013-09-20 13:36:36,921 INFO Service AVGIDSErHrw7a is not installed
2013-09-20 13:36:36,921 DEBUG Service avgfws RegCleanup
2013-09-20 13:36:36,921 DEBUG Service AVGIDSWatcher RegCleanup
2013-09-20 13:36:36,921 INFO Service AVGIDSErHrvta is not installed
2013-09-20 13:36:36,921 DEBUG Registry keys for service AvgWFPa are not present
2013-09-20 13:36:36,921 DEBUG Service avg9emc RegCleanup
2013-09-20 13:36:36,921 DEBUG Service AvgRkx64 RegCleanup
2013-09-20 13:36:36,921 DEBUG Service AvgWfpA RegCleanup
2013-09-20 13:36:36,921 DEBUG Service AvgTdiA RegCleanup
2013-09-20 13:36:36,921 DEBUG Service AVGIDSFilterxpx RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSFiltervtx RegCleanup
2013-09-20 13:36:36,937 DEBUG Registry keys for service AvgMfx86 are not present
2013-09-20 13:36:36,937 DEBUG Service AVGIDSDriverw7x RegCleanup
2013-09-20 13:36:36,937 DEBUG Service avgfws9 RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSShimw7x RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSFiltervta RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSErHrw7x RegCleanup
2013-09-20 13:36:36,937 DEBUG Registry keys for service AvgLdx86 are not present
2013-09-20 13:36:36,937 DEBUG Service AVGIDSDriverw7a RegCleanup
2013-09-20 13:36:36,937 DEBUG Service avgwd RegCleanup
2013-09-20 13:36:36,937 DEBUG Registry keys for service AvgTdiX are not present
2013-09-20 13:36:36,937 DEBUG Service AVGIDSShimvtx RegCleanup
2013-09-20 13:36:36,937 DEBUG Registry keys for service AvgMfx64 are not present
2013-09-20 13:36:36,937 DEBUG Service AVGIDSDrivervtx RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSAgent RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSFilterw7x RegCleanup
2013-09-20 13:36:36,937 DEBUG Registry keys for service AvgRkx86 are not present
2013-09-20 13:36:36,937 DEBUG Service AVGIDSDriverxpx RegCleanup
2013-09-20 13:36:36,937 DEBUG Registry keys for service AvgWfpX are not present
2013-09-20 13:36:36,937 DEBUG Registry keys for service avg9wd are not present
2013-09-20 13:36:36,937 DEBUG Registry keys for service AvgWFPx are not present
2013-09-20 13:36:36,937 DEBUG Service AVGIDSErHrvtx RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AvgLdx64 RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSShimxpx RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSDrivervta RegCleanup
2013-09-20 13:36:36,937 DEBUG Service AVGIDSErHrxpx RegCleanup
2013-09-20 13:36:37,000 DEBUG Service AVGIDSFilterw7a RegCleanup
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSWatcher are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service avgfws are not present
2013-09-20 13:36:37,000 DEBUG Service AVGIDSErHrw7a RegCleanup
2013-09-20 13:36:37,000 DEBUG Registry keys for service avg9emc are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AvgRkx64 are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSFiltervta are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service avgwd are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSAgent are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSShimvtx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSShimxpx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSShimw7x are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AvgLdx64 are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service avgfws9 are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2013-09-20 13:36:37,000 DEBUG Service AVGIDSErHrvta RegCleanup
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSDrivervta are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AvgWfpA are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSErHrvta are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2013-09-20 13:36:37,000 DEBUG Registry keys for service AvgTdiA are not present
2013-09-20 13:36:37,015 INFO *****     Avg Fw NDIS driver(separate process)     *****
2013-09-20 13:36:37,109 INFO AvgRemover 2012.0.5
-------------------------------------------------------
2013-09-20 13:36:37,109 DEBUG Deleting stuck RunOnce value from registry.
2013-09-20 13:36:37,109 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2013-09-20 13:36:37,109 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2013-09-20 13:36:37,109 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2013-09-20 13:36:37,109 INFO Command line: "C:\Documents and Settings\Administrator\Desktop\avg_remover_stf_x86_2012_2125.exe"  /ndisonly /skipask
2013-09-20 13:36:37,109 WARN AvgDir param empty.
2013-09-20 13:36:37,109 WARN AvgDataDir param empty.
2013-09-20 13:36:37,109 INFO AvgRemover runs in attempt number 1
2013-09-20 13:36:37,109 INFO *****     Avg Fw NDIS driver     *****
2013-09-20 13:36:37,109 INFO ...this operation can take several minutes...
2013-09-20 13:36:37,109 INFO FW removing policy
2013-09-20 13:36:38,093 INFO FW NDIS driver not present
2013-09-20 13:36:38,109 DEBUG Remove NDIS driver pass, next uninstalation step is 10, old was 1
2013-09-20 13:36:38,109 INFO *****     end of Fw NDIS separated process     *****
2013-09-20 13:36:38,109 INFO *****     Drivers     *****
2013-09-20 13:36:38,109 INFO *****     Running AVG process     *****
2013-09-20 13:36:39,546 INFO *****     Registry keys and values     *****
2013-09-20 13:36:39,562 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2013-09-20 13:36:39,562 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2013-09-20 13:36:39,562 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2013-09-20 13:36:39,562 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2013-09-20 13:36:39,562 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2013-09-20 13:36:39,562 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2013-09-20 13:36:39,562 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2013-09-20 13:36:39,562 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1E73965B-8B48-48be-9C8D-68B920ABC1C4} Remove
2013-09-20 13:36:39,562 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2013-09-20 13:36:39,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2013-09-20 13:36:39,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2013-09-20 13:36:39,578 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2013-09-20 13:36:39,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2013-09-20 13:36:39,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2013-09-20 13:36:39,578 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt
2013-09-20 13:36:39,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt ForceRemove
2013-09-20 13:36:39,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt not found
2013-09-20 13:36:39,578 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt
2013-09-20 13:36:39,578 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt ForceRemove
2013-09-20 13:36:39,578 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2013-09-20 13:36:39,593 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2013-09-20 13:36:39,593 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2013-09-20 13:36:39,593 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2013-09-20 13:36:39,593 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2013-09-20 13:36:39,593 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2013-09-20 13:36:39,593 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2013-09-20 13:36:39,593 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2013-09-20 13:36:39,593 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2013-09-20 13:36:39,593 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2013-09-20 13:36:39,593 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2013-09-20 13:36:39,593 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2013-09-20 13:36:39,593 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-09-20 13:36:39,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-09-20 13:36:39,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-09-20 13:36:39,609 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2013-09-20 13:36:39,609 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2013-09-20 13:36:39,609 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-09-20 13:36:39,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-09-20 13:36:39,609 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-09-20 13:36:39,609 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension not present - Key not found
2013-09-20 13:36:39,609 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension not present - Key not found
2013-09-20 13:36:39,609 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2013-09-20 13:36:39,609 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2013-09-20 13:36:39,609 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2013-09-20 13:36:39,609 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-09-20 13:36:39,609 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2013-09-20 13:36:39,609 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2013-09-20 13:36:39,625 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-09-20 13:36:39,625 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2013-09-20 13:36:39,625 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2013-09-20 13:36:39,625 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-09-20 13:36:39,625 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2013-09-20 13:36:39,625 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2013-09-20 13:36:39,625 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-09-20 13:36:39,625 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2013-09-20 13:36:39,625 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2013-09-20 13:36:39,625 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-09-20 13:36:39,625 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2013-09-20 13:36:39,625 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2013-09-20 13:36:39,625 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2013-09-20 13:36:39,625 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2013-09-20 13:36:39,625 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2013-09-20 13:36:39,625 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2013-09-20 13:36:39,640 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2013-09-20 13:36:39,640 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall ForceRemove
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall not found
2013-09-20 13:36:39,640 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2013-09-20 13:36:39,640 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-09-20 13:36:39,640 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-09-20 13:36:39,640 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2013-09-20 13:36:39,640 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2013-09-20 13:36:39,640 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2013-09-20 13:36:39,703 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2013-09-20 13:36:39,703 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2013-09-20 13:36:39,703 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2013-09-20 13:36:39,703 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\.avgdi
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdi not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-09-20 13:36:39,718 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-09-20 13:36:39,718 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2013-09-20 13:36:39,734 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2013-09-20 13:36:39,734 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL ForceRemove
2013-09-20 13:36:39,750 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL not found
2013-09-20 13:36:39,750 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-09-20 13:36:39,765 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2013-09-20 13:36:39,765 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2013-09-20 13:36:39,765 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-09-20 13:36:39,765 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2013-09-20 13:36:39,765 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2013-09-20 13:36:39,765 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2013-09-20 13:36:39,796 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2013-09-20 13:36:39,796 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2013-09-20 13:36:39,796 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\Control\GroupOrderList
2013-09-20 13:36:39,796 DEBUG Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG Remove
2013-09-20 13:36:39,796 INFO Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG is not present
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\services\Avg
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\Avg ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\Avg not found
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\services\Avgfwfd
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd not found
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\services\AVG Security Toolbar Service
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service not found
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\services\Avgfws
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\Avgfws ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\Avgfws not found
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSAgent
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent not found
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSDriver
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver ForceRemove
2013-09-20 13:36:39,796 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver not found
2013-09-20 13:36:39,796 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSEH
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSFilter
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgldx64
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgldx86
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx64
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx86
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx64
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx86
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgtdia
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgtdia ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgtdia not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgtdix
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgtdix ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgtdix not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgwd
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgwd ForceRemove
2013-09-20 13:36:39,812 DEBUG Key SYSTEM\ControlSet001\services\avgwd not found
2013-09-20 13:36:39,812 INFO Processing registry SYSTEM\ControlSet001\services\avgfwdx
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet001\services\avgfwda
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgfwda ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgfwda not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet001\services\avgwfpa
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgwfpa ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgwfpa not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet001\services\avgwfpx
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgwfpx ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet001\services\avgwfpx not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2013-09-20 13:36:39,828 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2013-09-20 13:36:39,828 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2013-09-20 13:36:39,843 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2013-09-20 13:36:39,843 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2013-09-20 13:36:39,843 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2013-09-20 13:36:39,843 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2013-09-20 13:36:39,843 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2013-09-20 13:36:39,843 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2013-09-20 13:36:39,843 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2013-09-20 13:36:39,843 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2013-09-20 13:36:39,843 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2013-09-20 13:36:39,859 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2013-09-20 13:36:39,859 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2013-09-20 13:36:39,859 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2013-09-20 13:36:39,859 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgfwdx
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgfwda
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgfwda ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgfwda not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgwfpa
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgwfpa ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgwfpa not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\avgwfpx
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgwfpx ForceRemove
2013-09-20 13:36:39,875 DEBUG Key SYSTEM\ControlSet002\services\avgwfpx not found
2013-09-20 13:36:39,875 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2013-09-20 13:36:39,890 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2013-09-20 13:36:39,890 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2013-09-20 13:36:39,906 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER not found
2013-09-20 13:36:39,906 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH not found
2013-09-20 13:36:39,937 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER not found
2013-09-20 13:36:39,937 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM not found
2013-09-20 13:36:39,937 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 not found
2013-09-20 13:36:39,937 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 not found
2013-09-20 13:36:39,937 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2013-09-20 13:36:39,937 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 not found
2013-09-20 13:36:39,937 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPX
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPX ForceRemove
2013-09-20 13:36:39,953 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPX not found
2013-09-20 13:36:39,953 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPA
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPA ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPA not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2013-09-20 13:36:39,968 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 not found
2013-09-20 13:36:39,968 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64
2013-09-20 13:36:39,984 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2013-09-20 13:36:39,984 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 not found
2013-09-20 13:36:39,984 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64
2013-09-20 13:36:39,984 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2013-09-20 13:36:39,984 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 not found
2013-09-20 13:36:39,984 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX
2013-09-20 13:36:39,984 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX ForceRemove
2013-09-20 13:36:39,984 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX not found
2013-09-20 13:36:39,984 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA
2013-09-20 13:36:40,000 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA ForceRemove
2013-09-20 13:36:40,000 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA not found
2013-09-20 13:36:40,000 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPX
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPX ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPX not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPA
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPA ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPA not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2013-09-20 13:36:40,015 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER not found
2013-09-20 13:36:40,015 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX ForceRemove
2013-09-20 13:36:40,031 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX not found
2013-09-20 13:36:40,031 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA ForceRemove
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA not found
2013-09-20 13:36:40,046 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD ForceRemove
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD not found
2013-09-20 13:36:40,046 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD ForceRemove
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD not found
2013-09-20 13:36:40,046 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2013-09-20 13:36:40,046 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2013-09-20 13:36:40,046 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2013-09-20 13:36:40,046 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPX
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPX ForceRemove
2013-09-20 13:36:40,046 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPX not found
2013-09-20 13:36:40,046 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPA
2013-09-20 13:36:40,078 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPA ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPA not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\Clients
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\Clients not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG8
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG8 not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG9
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG9 not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG10
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG10 not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG10
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG10 not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG2012
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG2012
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG2012 not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG IDS
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2013-09-20 13:36:40,078 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2013-09-20 13:36:40,078 INFO Processing registry SOFTWARE\AVG\AVG IDS
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG
2013-09-20 13:36:40,093 DEBUG Value SOFTWARE\AVG:DumpType Remove
2013-09-20 13:36:40,093 INFO Value SOFTWARE\AVG:DumpType is not present
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Remove
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Remove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG Security Toolbar
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG Security Toolbar
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG ForceRemove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG Secure Search
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Secure Search ForceRemove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Secure Search not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG Secure Search
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Secure Search ForceRemove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG Secure Search not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG\AVG8
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2013-09-20 13:36:40,093 DEBUG Key SOFTWARE\AVG\AVG8 not found
2013-09-20 13:36:40,093 INFO Processing registry SOFTWARE\AVG\AVG9
2013-09-20 13:36:40,109 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2013-09-20 13:36:40,109 DEBUG Key SOFTWARE\AVG\AVG9 not found
2013-09-20 13:36:40,109 INFO Processing registry SOFTWARE\AVG\AVG10
2013-09-20 13:36:40,109 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2013-09-20 13:36:40,109 DEBUG Key SOFTWARE\AVG\AVG10 not found
2013-09-20 13:36:40,109 INFO Processing registry SOFTWARE\AVG\AVG10
2013-09-20 13:36:40,109 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2013-09-20 13:36:40,109 DEBUG Key SOFTWARE\AVG\AVG10 not found
2013-09-20 13:36:40,109 INFO Processing registry SOFTWARE\AVG\AVG2012
2013-09-20 13:36:40,109 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2013-09-20 13:36:40,125 INFO Processing registry SOFTWARE\AVG\AVG2012
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG\AVG2012 not found
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\AVG
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG Remove
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\AVG
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG Remove
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG not found
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\AVG Security Toolbar
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\AVG Security Toolbar
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2013-09-20 13:36:40,140 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2013-09-20 13:36:40,140 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B206F26B-E6D1-43A0-8CF7-D3943147F867}
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B206F26B-E6D1-43A0-8CF7-D3943147F867} ForceRemove
2013-09-20 13:36:40,140 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B206F26B-E6D1-43A0-8CF7-D3943147F867} not found
2013-09-20 13:36:40,140 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2013-09-20 13:36:40,140 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2013-09-20 13:36:40,140 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2013-09-20 13:36:40,156 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-09-20 13:36:40,156 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2013-09-20 13:36:40,156 INFO Processing registry SOFTWARE\AppDataLow\Avg
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\AppDataLow\Avg ForceRemove
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\AppDataLow\Avg not found
2013-09-20 13:36:40,156 INFO Processing registry SOFTWARE\AppDataLow\Software\AVG Security Toolbar
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\AppDataLow\Software\AVG Security Toolbar ForceRemove
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\AppDataLow\Software\AVG Security Toolbar not found
2013-09-20 13:36:40,156 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2013-09-20 13:36:40,156 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-09-20 13:36:40,156 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2013-09-20 13:36:40,156 INFO Processing registry .avgdxa
2013-09-20 13:36:40,156 DEBUG Key .avgdxa ForceRemove
2013-09-20 13:36:40,156 DEBUG Key .avgdxa not found
2013-09-20 13:36:40,156 INFO Processing registry aAvgAPI.AvgBro
2013-09-20 13:36:40,156 DEBUG Key aAvgAPI.AvgBro ForceRemove
2013-09-20 13:36:40,156 DEBUG Key aAvgAPI.AvgBro not found
2013-09-20 13:36:40,156 INFO Processing registry AVG.Office
2013-09-20 13:36:40,156 DEBUG Key AVG.Office ForceRemove
2013-09-20 13:36:40,156 DEBUG Key AVG.Office not found
2013-09-20 13:36:40,156 INFO Processing registry AVG.Office.8
2013-09-20 13:36:40,156 DEBUG Key AVG.Office.8 ForceRemove
2013-09-20 13:36:40,156 DEBUG Key AVG.Office.8 not found
2013-09-20 13:36:40,156 INFO Processing registry AvgDiagFile
2013-09-20 13:36:40,156 DEBUG Key AvgDiagFile ForceRemove
2013-09-20 13:36:40,156 DEBUG Key AvgDiagFile not found
2013-09-20 13:36:40,156 INFO Processing registry AvgDiagExFile
2013-09-20 13:36:40,171 DEBUG Key AvgDiagExFile ForceRemove
2013-09-20 13:36:40,171 DEBUG Key AvgDiagExFile not found
2013-09-20 13:36:40,171 INFO Processing registry avgtoolbar.AVGTOOLBAR
2013-09-20 13:36:40,171 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2013-09-20 13:36:40,171 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2013-09-20 13:36:40,171 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2013-09-20 13:36:40,171 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2013-09-20 13:36:40,171 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2013-09-20 13:36:40,171 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2013-09-20 13:36:40,171 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2013-09-20 13:36:40,171 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2013-09-20 13:36:40,171 INFO Processing registry LinkScannerIE.NavFilter
2013-09-20 13:36:40,171 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2013-09-20 13:36:40,171 DEBUG Key LinkScannerIE.NavFilter not found
2013-09-20 13:36:40,171 INFO Processing registry LinkScannerIE.NavFilter.1
2013-09-20 13:36:40,171 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2013-09-20 13:36:40,171 DEBUG Key LinkScannerIE.NavFilter.1 not found
2013-09-20 13:36:40,171 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2013-09-20 13:36:40,171 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2013-09-20 13:36:40,171 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2013-09-20 13:36:40,171 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2013-09-20 13:36:40,171 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2013-09-20 13:36:40,171 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2013-09-20 13:36:40,171 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-09-20 13:36:40,171 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-09-20 13:36:40,171 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2013-09-20 13:36:40,171 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-09-20 13:36:40,203 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-09-20 13:36:40,203 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2013-09-20 13:36:40,203 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-09-20 13:36:40,203 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-09-20 13:36:40,203 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-09-20 13:36:40,203 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-09-20 13:36:40,203 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-09-20 13:36:40,203 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-09-20 13:36:40,203 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2013-09-20 13:36:40,203 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2013-09-20 13:36:40,203 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2013-09-20 13:36:40,203 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2013-09-20 13:36:40,203 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2013-09-20 13:36:40,203 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2013-09-20 13:36:40,203 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2013-09-20 13:36:40,203 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2013-09-20 13:36:40,203 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2013-09-20 13:36:40,203 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-09-20 13:36:40,203 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-09-20 13:36:40,203 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-09-20 13:36:40,203 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2013-09-20 13:36:40,218 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2013-09-20 13:36:40,218 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2013-09-20 13:36:40,218 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2013-09-20 13:36:40,218 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-09-20 13:36:40,218 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-09-20 13:36:40,218 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2013-09-20 13:36:40,218 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2013-09-20 13:36:40,218 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2013-09-20 13:36:40,218 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2013-09-20 13:36:40,218 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2013-09-20 13:36:40,218 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2013-09-20 13:36:40,218 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2013-09-20 13:36:40,218 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-09-20 13:36:40,218 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-09-20 13:36:40,218 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2013-09-20 13:36:40,218 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2013-09-20 13:36:40,218 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-09-20 13:36:40,234 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-09-20 13:36:40,234 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-09-20 13:36:40,234 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-09-20 13:36:40,234 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-09-20 13:36:40,250 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-09-20 13:36:40,250 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-09-20 13:36:40,250 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-09-20 13:36:40,250 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-09-20 13:36:40,250 DEBUG Removing Session Manager values
2013-09-20 13:36:40,250 DEBUG Registry remover failed for some registry item(s)
2013-09-20 13:36:40,250 INFO *****     Files and folders     *****
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 0
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 1
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 2
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 3
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 4
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 5
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 6
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 7
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 8
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 9
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 10
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 11
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 12
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 13
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 14
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 15
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 16
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 17
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 18
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 19
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 20
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 21
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 22
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 23
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 24
2013-09-20 13:36:40,250 DEBUG Missing ParentDir path for fileItem number 25
2013-09-20 13:36:40,250 DEBUG Processing item 'C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR'
2013-09-20 13:36:40,250 INFO Directory 'C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR' not found
2013-09-20 13:36:40,250 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,250 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0'
2013-09-20 13:36:40,250 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0' not found
2013-09-20 13:36:40,250 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0'
2013-09-20 13:36:40,250 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0' not found
2013-09-20 13:36:40,250 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5'
2013-09-20 13:36:40,250 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5' not found
2013-09-20 13:36:40,250 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5'
2013-09-20 13:36:40,250 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5' not found
2013-09-20 13:36:40,250 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk'
2013-09-20 13:36:40,250 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk' not found
2013-09-20 13:36:40,281 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk'
2013-09-20 13:36:40,281 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk' not found
2013-09-20 13:36:40,281 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk'
2013-09-20 13:36:40,281 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk' not found
2013-09-20 13:36:40,281 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk'
2013-09-20 13:36:40,281 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk' not found
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 36
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 37
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 38
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 39
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 40
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 41
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 42
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 43
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 44
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 45
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 46
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 47
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 48
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 49
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 50
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 51
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 52
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 53
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 54
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 55
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 56
2013-09-20 13:36:40,281 DEBUG Missing ParentDir path for fileItem number 57
2013-09-20 13:36:40,281 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages'
2013-09-20 13:36:40,281 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages' not found
2013-09-20 13:36:40,281 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Update'
2013-09-20 13:36:40,281 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Update' not found
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar'
2013-09-20 13:36:40,296 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar' not found
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 9.0'
2013-09-20 13:36:40,296 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 9.0' not found
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 9.0'
2013-09-20 13:36:40,296 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 9.0' not found
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk'
2013-09-20 13:36:40,296 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk' not found
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk'
2013-09-20 13:36:40,296 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk' not found
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 66
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 67
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 68
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 69
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 70
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 71
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 72
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 73
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 74
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 75
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 76
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 77
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 78
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 79
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 80
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 81
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 82
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 83
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 84
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 85
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 86
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 87
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 88
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 89
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 90
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 91
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 92
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 93
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 94
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 95
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 96
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 97
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 98
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 99
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 100
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 101
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 102
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 103
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 104
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 105
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 106
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 107
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 108
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 109
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 110
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 111
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 112
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 113
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 114
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 115
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 116
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 117
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 118
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 119
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 120
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 121
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 122
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 123
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 124
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 125
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 126
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 127
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 128
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 129
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 130
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 131
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 132
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 133
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 134
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 135
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 136
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 137
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 138
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 139
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 140
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 141
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 142
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 143
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 144
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 145
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 146
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 147
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 148
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 149
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 150
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 151
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 152
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 153
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 154
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 155
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 156
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 157
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 158
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 159
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 160
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 161
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 162
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 163
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 164
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 165
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 166
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 167
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 168
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 169
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 170
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 171
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 172
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 173
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 174
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 175
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 176
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 177
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 178
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 179
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 180
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 181
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 182
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 183
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 184
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 185
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 186
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 187
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 188
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 189
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 190
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 191
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 192
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 193
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 194
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 195
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 196
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 197
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 198
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 199
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 200
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 201
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 202
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 203
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 204
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 205
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 206
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 207
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 208
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 209
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 210
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 211
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 212
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 213
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 214
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 215
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 216
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 217
2013-09-20 13:36:40,296 DEBUG Missing ParentDir path for fileItem number 218
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,296 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\AVG'
2013-09-20 13:36:40,312 INFO Directory 'C:\WINDOWS\System32\Drivers\AVG' not found
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsdriverx.sys'
2013-09-20 13:36:40,312 INFO File 'C:\WINDOWS\System32\Drivers\avgidsdriverx.sys' not found
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsdrivera.sys'
2013-09-20 13:36:40,312 INFO File 'C:\WINDOWS\System32\Drivers\avgidsdrivera.sys' not found
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsehx.sys'
2013-09-20 13:36:40,312 INFO File 'C:\WINDOWS\System32\Drivers\avgidsehx.sys' not found
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidseha.sys'
2013-09-20 13:36:40,312 INFO File 'C:\WINDOWS\System32\Drivers\avgidseha.sys' not found
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsfilterx.sys'
2013-09-20 13:36:40,312 INFO File 'C:\WINDOWS\System32\Drivers\avgidsfilterx.sys' not found
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsfiltera.sys'
2013-09-20 13:36:40,312 INFO File 'C:\WINDOWS\System32\Drivers\avgidsfiltera.sys' not found
2013-09-20 13:36:40,312 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsshimx.sys'
2013-09-20 13:36:40,312 INFO File 'C:\WINDOWS\System32\Drivers\avgidsshimx.sys' not found
2013-09-20 13:36:40,343 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsshimw8x.sys'
2013-09-20 13:36:40,343 INFO File 'C:\WINDOWS\System32\Drivers\avgidsshimw8x.sys' not found
2013-09-20 13:36:40,343 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsuniversalddx.sys'
2013-09-20 13:36:40,343 INFO File 'C:\WINDOWS\System32\Drivers\avgidsuniversalddx.sys' not found
2013-09-20 13:36:40,343 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsuniversaldda.sys'
2013-09-20 13:36:40,343 INFO File 'C:\WINDOWS\System32\Drivers\avgidsuniversaldda.sys' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\WINDOWS\System32'
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget'
2013-09-20 13:36:40,359 INFO Directory 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget' not found
2013-09-20 13:36:40,359 DEBUG Missing ParentDir path for fileItem number 238
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupCoreBackup'
2013-09-20 13:36:40,359 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupCoreBackup' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup'
2013-09-20 13:36:40,359 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\Chjw'
2013-09-20 13:36:40,359 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\Chjw' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\Antispam'
2013-09-20 13:36:40,359 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\Antispam' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10'
2013-09-20 13:36:40,359 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011'
2013-09-20 13:36:40,359 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2011'
2013-09-20 13:36:40,359 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2011' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk'
2013-09-20 13:36:40,359 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2011.lnk'
2013-09-20 13:36:40,359 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2011.lnk' not found
2013-09-20 13:36:40,359 DEBUG Processing item 'C:\WINDOWS\SysWOW64\Drivers\AVG'
2013-09-20 13:36:40,359 INFO Directory 'C:\WINDOWS\SysWOW64\Drivers\AVG' not found
2013-09-20 13:36:40,375 DEBUG Missing ParentDir path for fileItem number 249
2013-09-20 13:36:40,375 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\logs'
2013-09-20 13:36:40,375 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\logs' not found
2013-09-20 13:36:40,375 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\pack'
2013-09-20 13:36:40,375 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\pack' not found
2013-09-20 13:36:40,375 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\mkt'
2013-09-20 13:36:40,375 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\mkt' not found
2013-09-20 13:36:40,375 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData'
2013-09-20 13:36:40,375 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\public_installation_log.xml' in whitelist
2013-09-20 13:36:40,390 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\public_installation_log.xml' deleted
2013-09-20 13:36:40,406 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\setup_tp.cab' in whitelist
2013-09-20 13:36:40,406 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\setup_tp.cab' deleted
2013-09-20 13:36:40,421 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\state.dat' in whitelist
2013-09-20 13:36:40,421 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\state.dat' deleted
2013-09-20 13:36:40,421 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\sucamp.html' in whitelist
2013-09-20 13:36:40,421 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\sucamp.html' deleted
2013-09-20 13:36:40,421 DEBUG Directory C:\Documents and Settings\All Users\Application Data\MFAData not deleted (error c0070091)
2013-09-20 13:36:40,421 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupCoreBackup'
2013-09-20 13:36:40,437 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupCoreBackup' not found
2013-09-20 13:36:40,437 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupBackup'
2013-09-20 13:36:40,453 INFO Trying HardForce delete 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupBackup'
2013-09-20 13:36:40,765 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupBackup' deleted
2013-09-20 13:36:40,765 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\Chjw'
2013-09-20 13:36:40,812 INFO Trying HardForce delete 'C:\Documents and Settings\All Users\Application Data\AVG2012\Chjw'
2013-09-20 13:36:41,312 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\Chjw' deleted
2013-09-20 13:36:41,328 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam'
2013-09-20 13:36:41,375 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\errorAi1ezAfS.gz' in whitelist
2013-09-20 13:36:41,390 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\errorAi1ezAfS.gz' deleted
2013-09-20 13:36:41,406 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\errorW8cBQArf.gz' in whitelist
2013-09-20 13:36:41,406 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\errorW8cBQArf.gz' deleted
2013-09-20 13:36:41,406 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\mstatAw9JR7wW.gz' in whitelist
2013-09-20 13:36:41,406 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\mstatAw9JR7wW.gz' deleted
2013-09-20 13:36:41,421 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\mstatGtJanCN1.gz' in whitelist
2013-09-20 13:36:41,421 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\mstatGtJanCN1.gz' deleted
2013-09-20 13:36:41,437 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\mstatLV0chabB.gz' in whitelist
2013-09-20 13:36:41,437 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\mstatLV0chabB.gz' deleted
2013-09-20 13:36:41,453 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin' in whitelist
2013-09-20 13:36:41,453 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin' deleted
2013-09-20 13:36:41,453 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.full.2012.05.30.23.18.22' in whitelist
2013-09-20 13:36:41,453 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.full.2012.05.30.23.18.22' deleted
2013-09-20 13:36:41,453 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.01.21.58.46' in whitelist
2013-09-20 13:36:41,453 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.01.21.58.46' deleted
2013-09-20 13:36:41,453 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.04.18.48.58' in whitelist
2013-09-20 13:36:41,453 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.04.18.48.58' deleted
2013-09-20 13:36:41,468 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.04.18.59.22' in whitelist
2013-09-20 13:36:41,468 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.04.18.59.22' deleted
2013-09-20 13:36:41,468 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.06.22.54.35' in whitelist
2013-09-20 13:36:41,468 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.06.22.54.35' deleted
2013-09-20 13:36:41,468 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.10.05.38.28' in whitelist
2013-09-20 13:36:41,468 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.10.05.38.28' deleted
2013-09-20 13:36:41,500 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.10.21.50.58' in whitelist
2013-09-20 13:36:41,500 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.10.21.50.58' deleted
2013-09-20 13:36:41,500 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.10.22.13.11' in whitelist
2013-09-20 13:36:41,500 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.10.22.13.11' deleted
2013-09-20 13:36:41,500 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.11.22.20.14' in whitelist
2013-09-20 13:36:41,500 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.11.22.20.14' deleted
2013-09-20 13:36:41,515 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.12.17.35.09' in whitelist
2013-09-20 13:36:41,515 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.12.17.35.09' deleted
2013-09-20 13:36:41,515 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.13.03.43.53' in whitelist
2013-09-20 13:36:41,546 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.13.03.43.53' deleted
2013-09-20 13:36:41,562 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.13.19.01.52' in whitelist
2013-09-20 13:36:41,578 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.incr.2012.06.13.19.01.52' deleted
2013-09-20 13:36:41,593 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.tmp' in whitelist
2013-09-20 13:36:41,703 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc1.bin.tmp' deleted
2013-09-20 13:36:41,703 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc14.bin.full.2006.06.27.17.01.01' in whitelist
2013-09-20 13:36:41,734 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc14.bin.full.2006.06.27.17.01.01' deleted
2013-09-20 13:36:41,750 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.full.2012.06.10.11.22.29' in whitelist
2013-09-20 13:36:41,750 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.full.2012.06.10.11.22.29' deleted
2013-09-20 13:36:41,750 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.10.13.01.02' in whitelist
2013-09-20 13:36:41,765 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.10.13.01.02' deleted
2013-09-20 13:36:41,765 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.10.20.01.01' in whitelist
2013-09-20 13:36:41,765 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.10.20.01.01' deleted
2013-09-20 13:36:41,765 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.02.01.00' in whitelist
2013-09-20 13:36:41,765 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.02.01.00' deleted
2013-09-20 13:36:41,765 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.07.01.01' in whitelist
2013-09-20 13:36:41,765 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.07.01.01' deleted
2013-09-20 13:36:41,765 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.08.01.01' in whitelist
2013-09-20 13:36:41,765 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.08.01.01' deleted
2013-09-20 13:36:41,781 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.09.01.01' in whitelist
2013-09-20 13:36:41,781 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.09.01.01' deleted
2013-09-20 13:36:41,781 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.10.01.01' in whitelist
2013-09-20 13:36:41,796 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.10.01.01' deleted
2013-09-20 13:36:41,812 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.11.01.00' in whitelist
2013-09-20 13:36:41,828 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.11.01.00' deleted
2013-09-20 13:36:41,828 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.12.01.01' in whitelist
2013-09-20 13:36:41,828 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.12.01.01' deleted
2013-09-20 13:36:41,828 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.14.01.02' in whitelist
2013-09-20 13:36:41,843 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.14.01.02' deleted
2013-09-20 13:36:41,859 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.16.01.02' in whitelist
2013-09-20 13:36:41,859 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.16.01.02' deleted
2013-09-20 13:36:41,859 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.17.01.02' in whitelist
2013-09-20 13:36:41,859 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.17.01.02' deleted
2013-09-20 13:36:41,859 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.18.01.01' in whitelist
2013-09-20 13:36:41,875 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.18.01.01' deleted
2013-09-20 13:36:41,875 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.19.01.01' in whitelist
2013-09-20 13:36:41,890 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.19.01.01' deleted
2013-09-20 13:36:41,890 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.23.01.02' in whitelist
2013-09-20 13:36:41,890 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.11.23.01.02' deleted
2013-09-20 13:36:41,906 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.00.01.01' in whitelist
2013-09-20 13:36:41,906 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.00.01.01' deleted
2013-09-20 13:36:41,906 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.01.01.01' in whitelist
2013-09-20 13:36:41,921 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.01.01.01' deleted
2013-09-20 13:36:41,937 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.02.01.01' in whitelist
2013-09-20 13:36:41,937 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.02.01.01' deleted
2013-09-20 13:36:41,937 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.03.01.01' in whitelist
2013-09-20 13:36:41,937 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.03.01.01' deleted
2013-09-20 13:36:41,937 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.04.01.02' in whitelist
2013-09-20 13:36:41,953 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.04.01.02' deleted
2013-09-20 13:36:41,953 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.05.01.01' in whitelist
2013-09-20 13:36:41,953 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.05.01.01' deleted
2013-09-20 13:36:41,953 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.08.01.01' in whitelist
2013-09-20 13:36:41,953 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.08.01.01' deleted
2013-09-20 13:36:41,953 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.10.01.02' in whitelist
2013-09-20 13:36:41,953 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.10.01.02' deleted
2013-09-20 13:36:41,953 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.11.01.01' in whitelist
2013-09-20 13:36:41,953 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.11.01.01' deleted
2013-09-20 13:36:41,984 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.12.01.01' in whitelist
2013-09-20 13:36:41,984 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.12.01.01' deleted
2013-09-20 13:36:41,984 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.15.01.02' in whitelist
2013-09-20 13:36:42,000 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.15.01.02' deleted
2013-09-20 13:36:42,015 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.19.01.00' in whitelist
2013-09-20 13:36:42,031 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.19.01.00' deleted
2013-09-20 13:36:42,031 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.20.01.01' in whitelist
2013-09-20 13:36:42,031 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.20.01.01' deleted
2013-09-20 13:36:42,031 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.22.01.02' in whitelist
2013-09-20 13:36:42,031 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.22.01.02' deleted
2013-09-20 13:36:42,031 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.23.01.01' in whitelist
2013-09-20 13:36:42,031 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.12.23.01.01' deleted
2013-09-20 13:36:42,046 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.00.01.01' in whitelist
2013-09-20 13:36:42,046 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.00.01.01' deleted
2013-09-20 13:36:42,062 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.01.01.00' in whitelist
2013-09-20 13:36:42,078 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.01.01.00' deleted
2013-09-20 13:36:42,078 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.03.01.01' in whitelist
2013-09-20 13:36:42,078 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.03.01.01' deleted
2013-09-20 13:36:42,109 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.04.01.01' in whitelist
2013-09-20 13:36:42,109 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.04.01.01' deleted
2013-09-20 13:36:42,109 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.05.01.01' in whitelist
2013-09-20 13:36:42,109 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.05.01.01' deleted
2013-09-20 13:36:42,109 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.08.01.01' in whitelist
2013-09-20 13:36:42,109 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.08.01.01' deleted
2013-09-20 13:36:42,109 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.10.01.01' in whitelist
2013-09-20 13:36:42,109 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.10.01.01' deleted
2013-09-20 13:36:42,109 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.13.01.00' in whitelist
2013-09-20 13:36:42,125 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.13.01.00' deleted
2013-09-20 13:36:42,125 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.14.01.00' in whitelist
2013-09-20 13:36:42,140 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.14.01.00' deleted
2013-09-20 13:36:42,156 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.15.01.01' in whitelist
2013-09-20 13:36:42,171 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.15.01.01' deleted
2013-09-20 13:36:42,187 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.16.01.02' in whitelist
2013-09-20 13:36:42,218 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.16.01.02' deleted
2013-09-20 13:36:42,234 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.17.01.01' in whitelist
2013-09-20 13:36:42,250 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.17.01.01' deleted
2013-09-20 13:36:42,265 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.18.01.01' in whitelist
2013-09-20 13:36:42,281 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.18.01.01' deleted
2013-09-20 13:36:42,281 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.19.01.01' in whitelist
2013-09-20 13:36:42,281 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.19.01.01' deleted
2013-09-20 13:36:42,281 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.21.01.00' in whitelist
2013-09-20 13:36:42,281 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc17.bin.incr.2012.06.13.21.01.00' deleted
2013-09-20 13:36:42,281 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.full.2011.12.17.00.46.57' in whitelist
2013-09-20 13:36:42,281 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.full.2011.12.17.00.46.57' deleted
2013-09-20 13:36:42,312 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.incr.2012.03.03.02.23.43' in whitelist
2013-09-20 13:36:42,312 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.incr.2012.03.03.02.23.43' deleted
2013-09-20 13:36:42,312 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.incr.2012.03.28.21.24.52' in whitelist
2013-09-20 13:36:42,312 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.incr.2012.03.28.21.24.52' deleted
2013-09-20 13:36:42,312 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.tmp1' in whitelist
2013-09-20 13:36:42,343 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.tmp1' deleted
2013-09-20 13:36:42,359 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.tmp2' in whitelist
2013-09-20 13:36:42,359 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc18.bin.tmp2' deleted
2013-09-20 13:36:42,359 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc19.bin.full.2010.02.05.01.51.49' in whitelist
2013-09-20 13:36:42,359 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc19.bin.full.2010.02.05.01.51.49' deleted
2013-09-20 13:36:42,375 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc2.bin' in whitelist
2013-09-20 13:36:42,375 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc2.bin' deleted
2013-09-20 13:36:42,390 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc2.bin.full.2005.02.11.04.44.13' in whitelist
2013-09-20 13:36:42,390 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc2.bin.full.2005.02.11.04.44.13' deleted
2013-09-20 13:36:42,390 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc21.bin.full.2012.04.07.09.02.32' in whitelist
2013-09-20 13:36:42,406 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc21.bin.full.2012.04.07.09.02.32' deleted
2013-09-20 13:36:42,406 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc6.bin.full.2010.03.15.20.58.02' in whitelist
2013-09-20 13:36:42,406 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\sc6.bin.full.2010.03.15.20.58.02' deleted
2013-09-20 13:36:42,406 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\scdns.bin' in whitelist
2013-09-20 13:36:42,406 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\scdns.bin' deleted
2013-09-20 13:36:42,406 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\scoffset.bin.incr' in whitelist
2013-09-20 13:36:42,406 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\scoffset.bin.incr' deleted
2013-09-20 13:36:42,406 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\spamcatcher.conf' in whitelist
2013-09-20 13:36:42,453 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam\spamcatcher.conf' deleted
2013-09-20 13:36:42,453 DEBUG Directory C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam not deleted (error c0070091)
2013-09-20 13:36:42,453 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012'
2013-09-20 13:36:42,453 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\AVG2012\process.bin' in whitelist
2013-09-20 13:36:42,484 INFO File 'C:\Documents and Settings\All Users\Application Data\AVG2012\process.bin' deleted
2013-09-20 13:36:42,484 DEBUG Directory C:\Documents and Settings\All Users\Application Data\AVG2012 not deleted (error c0070091)
2013-09-20 13:36:42,484 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012'
2013-09-20 13:36:42,484 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012' not found
2013-09-20 13:36:42,484 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2012'
2013-09-20 13:36:42,484 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2012' not found
2013-09-20 13:36:42,484 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk'
2013-09-20 13:36:42,484 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk' not found
2013-09-20 13:36:42,484 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2012.lnk'
2013-09-20 13:36:42,484 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2012.lnk' not found
2013-09-20 13:36:42,484 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-09-20 13:36:42,484 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG LinkScanner® 9.0'
2013-09-20 13:36:42,484 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG LinkScanner® 9.0' not found
2013-09-20 13:36:42,484 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG Standalone LinkScanner'
2013-09-20 13:36:42,484 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG Standalone LinkScanner' not found
2013-09-20 13:36:42,500 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG LinkScanner® 9.0.lnk'
2013-09-20 13:36:42,500 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG LinkScanner® 9.0.lnk' not found
2013-09-20 13:36:42,500 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG'
2013-09-20 13:36:42,500 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG' not found
2013-09-20 13:36:42,500 DEBUG Processing item 'C:\Program Files\AVG Secure Search'
2013-09-20 13:36:42,500 INFO Trying HardForce delete 'C:\Program Files\AVG Secure Search'
2013-09-20 13:36:43,031 DEBUG Directory C:\Program Files\AVG Secure Search not deleted (error c0070091)
2013-09-20 13:36:43,031 DEBUG Missing ParentDir path for fileItem number 269
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users