Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removed Conduit but can't get if off homepage...


  • This topic is locked This topic is locked
28 replies to this topic

#1 RushSonic

RushSonic

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 11 October 2014 - 09:50 PM

Hi, I was recommended by boopme to post a DDS log in this topic.

http://www.bleepingcomputer.com/forums/t/551333/multiple-malware-infections-on-a-relatives-computer/

 

I have been battling various adware,spyware, and malware. The system is almost clean, but I can not get the homepage back to normal in Chrome. 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16447
Run by Innes at 22:48:37 on 2014-10-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2663.1474 [GMT -4:00]
.
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.toshiba.com/
uDefault_Page_URL = hxxp://start.toshiba.com
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [GoogleChromeAutoLaunch_3E5DBCA7DE952ED603C5534E2C6D6B63] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
mRun: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
uPolicies-Explorer: HideSCAHealth = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{45EB10FD-90DA-46D0-BF21-22421A3D7307} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{45EB10FD-90DA-46D0-BF21-22421A3D7307}\7457563747 : DHCPNameServer = 4.2.2.2 4.2.2.1 4.2.2.3
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2012-3-17 75904]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2012-3-17 38016]
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2014-10-10 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2014-10-10 224896]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2014-10-10 1041168]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2014-10-10 427360]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-3-17 204288]
R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-10-10 29208]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2014-10-10 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-10 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-7-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-7-14 1767520]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2012-3-17 123320]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2012-3-17 126392]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2010-11-11 137512]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2012-3-17 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-9-27 76912]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-3-17 38096]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2012-3-17 1109096]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2012-3-17 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-10 138152]
S2 aswStm;aswStm;C:\windows\System32\drivers\aswStm.sys [2014-10-10 92008]
S2 AVGIDSAgent;AVGIDSAgent;"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" --> C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-5-3 158856]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-3-17 243712]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-6-5 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-10-11 04:05:37 122584 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-10-11 04:05:07 91352 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2014-10-11 04:05:07 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2014-10-11 04:05:07 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-10-11 04:05:07 -------- d-----w- C:\ProgramData\Malwarebytes
2014-10-11 04:05:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-11 03:58:48 -------- d-----w- C:\Users\Innes\AppData\Roaming\AVAST Software
2014-10-11 03:57:08 92008 ----a-w- C:\windows\System32\drivers\aswStm.sys
2014-10-11 03:57:06 224896 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2014-10-11 03:57:05 1041168 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2014-10-11 03:57:03 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2014-10-11 03:57:01 79184 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2014-10-11 03:57:01 29208 ----a-w- C:\windows\System32\drivers\aswHwid.sys
2014-10-11 03:56:59 93568 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2014-10-11 03:56:45 43152 ----a-w- C:\windows\avastSS.scr
2014-10-11 03:56:11 -------- d-----w- C:\Program Files\AVAST Software
2014-10-11 03:55:08 -------- d-----w- C:\ProgramData\AVAST Software
2014-10-11 03:09:50 111016 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2014-10-11 03:08:51 -------- d-----w- C:\ProgramData\Oracle
2014-10-11 02:06:11 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2014-10-09 23:52:05 -------- d-----w- C:\Program Files (x86)\ESET
2014-10-09 23:37:42 -------- d-----w- C:\windows\ERUNT
2014-10-09 22:40:41 536576 ----a-w- C:\windows\SysWow64\sqlite3.dll
2014-10-09 22:39:01 -------- d-----w- C:\AdwCleaner
2014-10-09 22:31:18 -------- d-----w- C:\TDSSKiller_Quarantine
2014-09-25 23:39:58 -------- d-----w- C:\Users\Innes\AppData\Local\14261
.
==================== Find3M  ====================
.
.
============= FINISH: 22:49:09.27 ===============
 


BC AdBot (Login to Remove)

 


#2 pystryker

pystryker

  • Malware Response Team
  • 730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:10 PM

Posted 12 October 2014 - 06:16 AM

Hello and welcome to Bleeping Computer! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
  • If you are receiving help for this issue at another forum, please let me know so I can close this thread.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly" This will send an email to you as soon as I reply to your topic, allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.
  • Please read through my instructions carefully and completely before executing them. I will lay the instructions out in a step by step order to make them easy to follow.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you (if you are able) to print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please remember, the fixes are for your machine and your machine ONLY! Do not use these fixes on any other machine, each fix is tailor made for your system only. Using a fix on another machine can and will cause serious damage.
  • Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future
  • Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)
Now, let's get started, shall we? :thumbsup:


Hello, let's get a look at your system and see what's going on. :)


Step 1: Scan with Farbar's Recovery Scan Tool (FRST)


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Step 2: Scan with aswMBR
  • Please download aswMBR.exe to your desktop.
  • Double click the file to run it.
  • It will ask if you want to download the latest Avast! virus definitions, please answer yes.
aswmbrscan_zpsdc05b0f9.jpg
  • Click the Scan button to begin the scan.
If your computer supports Virtualization Technology, select Yes to use it for rootkit detection.


aswmbrsavelog_zps1aeef48e.jpg
  • Once the scan has finished, click on Save Log, save it to your desktop as asw.txt, and please post it in your next reply.
  • Click Exit
Things I need to see in your next post:


FRST Log

Addition.txt Log

aswMBR Log

I close my topics if there is no response after 3 days. Please PM a moderator or myself to reopen your topic.

Please PM me only if I'm helping you with your computer issues and I have not responded in 2 days. Please remember, I'm a volunteer and sometimes life does get in the way. :)

Please stay with me until I declare your machine clean. Absence of symptoms does not ensure your machine is clean.

If you'd like to make a donation via Paypal, please click here.





#3 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 13 October 2014 - 08:39 PM

How can I check if the laptop supports virtualization? I tried looking at Toshiba's website but I could not find any information on that.



#4 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 13 October 2014 - 09:30 PM

Here are the logs from Farbar

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Innes (administrator) on TCHUME on 13-10-2014 22:25:39
Running from C:\Users\Innes\Desktop
Loaded Profile: Innes (Available profiles: Innes)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Toshiba) C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-10] (AVAST Software)
HKU\S-1-5-21-100449044-2964483482-1597375923-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [17355912 2012-05-03] (Skype Technologies S.A.)
HKU\S-1-5-21-100449044-2964483482-1597375923-1001\...\Run: [GoogleChromeAutoLaunch_3E5DBCA7DE952ED603C5534E2C6D6B63] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-100449044-2964483482-1597375923-1001\...\Policies\Explorer: [HideSCAHealth] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0BB02192-4631-41DC-9423-495A154710C3} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Innes\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\snwehtx@ggoslbyermzeiwe.org [2013-08-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-10]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9306\ff [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://start.toshiba.com
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN38388784623041017&UM=2&sspv=&UP=SP498247FC-A809-4E74-95FB-227B20BDF228"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll No File
CHR Plugin: (Skype Click to Call) - C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U25) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Profile: C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-14]
CHR Extension: (avast! Online Security) - C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-11]
CHR Extension: (Skype Click to Call) - C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-03]
CHR Extension: (getsav-in) - C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl [2013-06-20]
CHR Extension: (Google Wallet) - C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [deghmimjoppmofpmkgjmpfogeideodog] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9306\ch\WebexpEnhancedV1alpha9306.crx []
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-10] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [123320 2011-07-19] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-10] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-10] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-10-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-10] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-13 22:25 - 2014-10-13 22:26 - 00017636 _____ () C:\Users\Innes\Desktop\FRST.txt
2014-10-13 22:25 - 2014-10-13 22:25 - 00000000 ____D () C:\FRST
2014-10-13 22:24 - 2014-10-13 22:24 - 02110464 _____ (Farbar) C:\Users\Innes\Desktop\FRST64.exe
2014-10-13 21:53 - 2014-10-13 21:56 - 217221161 _____ () C:\Users\Innes\Documents\grandpa-memoir.zip
2014-10-11 22:49 - 2014-10-11 22:49 - 00014637 _____ () C:\Users\Innes\Desktop\dds.txt
2014-10-11 22:49 - 2014-10-11 22:49 - 00007956 _____ () C:\Users\Innes\Desktop\attach.txt
2014-10-11 22:45 - 2014-10-11 22:46 - 00688992 ____R (Swearware) C:\Users\Innes\Desktop\dds.com
2014-10-11 00:05 - 2014-10-11 00:05 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 00:05 - 2014-10-11 00:05 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-11 00:05 - 2014-10-11 00:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-11 00:05 - 2014-10-11 00:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-11 00:05 - 2014-10-11 00:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-11 00:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-10-11 00:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-10-11 00:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-10-11 00:00 - 2014-10-11 00:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Innes\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-10 23:58 - 2014-10-10 23:58 - 00000000 ____D () C:\Users\Innes\AppData\Roaming\AVAST Software
2014-10-10 23:57 - 2014-10-13 21:41 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-10-10 23:57 - 2014-10-10 23:57 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-10-10 23:57 - 2014-10-10 23:57 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-10 23:57 - 2014-10-10 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-10 23:57 - 2014-10-10 23:56 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-10-10 23:57 - 2014-10-10 23:56 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-10-10 23:57 - 2014-10-10 23:56 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-10-10 23:57 - 2014-10-10 23:56 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-10-10 23:57 - 2014-10-10 23:56 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-10-10 23:57 - 2014-10-10 23:56 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-10-10 23:56 - 2014-10-10 23:56 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-10-10 23:56 - 2014-10-10 23:56 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-10-10 23:56 - 2014-10-10 23:56 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-10-10 23:56 - 2014-10-10 23:56 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-10 23:55 - 2014-10-10 23:56 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-10 23:54 - 2014-10-10 23:54 - 91906368 _____ (AVAST Software) C:\Users\Innes\Downloads\avast_free_antivirus_setup.exe
2014-10-10 23:22 - 2014-10-10 23:22 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\Innes\Downloads\avira_en_av___ws.exe
2014-10-10 23:18 - 2014-10-10 23:18 - 00896048 _____ () C:\Users\Innes\Desktop\Norton_Removal_Tool.exe
2014-10-10 23:09 - 2014-10-10 23:09 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2014-10-10 23:09 - 2014-10-10 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-10 23:08 - 2014-10-10 23:08 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-10 23:08 - 2014-10-10 23:08 - 00000000 ____D () C:\Program Files\Java
2014-10-10 23:06 - 2014-10-10 23:07 - 96138664 _____ (Oracle Corporation) C:\Users\Innes\Downloads\jre-8u20-windows-x64.exe
2014-10-10 22:53 - 2014-10-10 22:53 - 00000000 ____D () C:\Users\Innes\AppData\Roaming\InstallShield
2014-10-10 22:06 - 2014-10-10 22:06 - 00001275 _____ () C:\Users\Innes\Desktop\Revo Uninstaller.lnk
2014-10-10 22:06 - 2014-10-10 22:06 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-10 22:05 - 2014-10-10 22:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Innes\Downloads\revosetup.exe
2014-10-10 18:14 - 2014-10-10 18:14 - 00448512 _____ (OldTimer Tools) C:\Users\Innes\Desktop\TFC.exe
2014-10-10 18:11 - 2014-10-10 18:11 - 00000000 ____D () C:\windows\System32\Tasks\Norton Internet Security
2014-10-09 22:36 - 2014-10-09 22:36 - 00022887 _____ () C:\Users\Innes\Desktop\ESETScan.txt
2014-10-09 19:52 - 2014-10-09 19:52 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-09 19:51 - 2014-10-09 19:51 - 02347384 _____ (ESET) C:\Users\Innes\Desktop\esetsmartinstaller_enu.exe
2014-10-09 19:48 - 2014-10-09 19:48 - 00037499 _____ () C:\Users\Innes\Desktop\AdwCleaner[S0].txt
2014-10-09 19:46 - 2014-10-09 19:46 - 00003430 _____ () C:\Users\Innes\Desktop\JRT.txt
2014-10-09 19:37 - 2014-10-09 19:37 - 00000000 ____D () C:\windows\ERUNT
2014-10-09 19:35 - 2014-10-09 18:55 - 01705755 _____ (Thisisu) C:\Users\Innes\Desktop\JRT.exe
2014-10-09 18:55 - 2014-10-09 18:55 - 01705755 _____ (Thisisu) C:\Users\Innes\Downloads\JRT.exe
2014-10-09 18:46 - 2014-10-09 18:45 - 00037426 _____ () C:\Users\Innes\Desktop\AdwCleaner[R0].txt
2014-10-09 18:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-10-09 18:39 - 2014-10-09 18:49 - 00000000 ____D () C:\AdwCleaner
2014-10-09 18:38 - 2014-10-09 18:38 - 01375089 _____ () C:\Users\Innes\Desktop\AdwCleaner.exe
2014-10-09 18:31 - 2014-10-09 18:31 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-10-09 18:27 - 2014-10-09 18:27 - 04161313 _____ () C:\Users\Innes\Downloads\tdsskiller.zip
2014-10-09 18:21 - 2014-10-09 18:21 - 00034836 _____ () C:\Users\Innes\Desktop\Result.txt
2014-10-09 18:18 - 2014-10-09 18:18 - 00401920 _____ (Farbar) C:\Users\Innes\Desktop\MiniToolBox.exe
2014-10-09 18:15 - 2014-10-09 18:17 - 00080088 _____ () C:\Users\Innes\Desktop\Rkill.txt
2014-10-09 18:15 - 2014-10-09 18:15 - 00000000 ____D () C:\Users\Innes\Desktop\rkill
2014-10-09 18:14 - 2014-10-09 18:14 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Innes\Desktop\rkill.com
2014-09-25 19:39 - 2014-10-11 00:26 - 00000000 ____D () C:\Users\Innes\AppData\Local\14261
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-13 22:24 - 2012-03-17 07:21 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-13 21:41 - 2014-08-12 02:39 - 00000460 _____ () C:\windows\Tasks\RegCure Pro Startup.job
2014-10-13 21:41 - 2012-03-17 07:21 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 21:41 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-10-13 21:41 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-13 21:41 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-13 21:40 - 2009-07-14 00:51 - 00072237 _____ () C:\windows\setupact.log
2014-10-11 22:39 - 2010-11-20 23:47 - 00140638 _____ () C:\windows\PFRO.log
2014-10-11 00:26 - 2014-05-11 12:58 - 00000000 ____D () C:\Users\Innes\AppData\Local\TB
2014-10-10 23:36 - 2012-03-17 07:22 - 00000000 ____D () C:\Program Files\Google
2014-10-10 23:36 - 2012-03-17 07:21 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-10 23:36 - 2012-03-17 07:14 - 00000000 ____D () C:\ProgramData\Norton
2014-10-10 23:28 - 2012-03-17 07:14 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-10-10 23:01 - 2012-06-03 12:29 - 00000000 ____D () C:\Users\Innes\AppData\Local\Google
2014-10-10 23:01 - 2012-03-17 07:21 - 00000000 ____D () C:\ProgramData\Google
2014-10-10 22:55 - 2012-03-17 07:16 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Corporation
2014-10-10 22:55 - 2011-10-30 23:37 - 00000000 ____D () C:\Program Files (x86)\Toshiba
2014-10-10 22:55 - 2011-10-30 23:32 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-10 22:55 - 2011-10-30 23:31 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-10-10 22:53 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-10 22:51 - 2012-03-17 07:16 - 00000000 ____D () C:\ProgramData\WildTangent
2014-10-10 22:26 - 2012-06-13 18:48 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-10 22:17 - 2012-08-12 14:29 - 00000000 ____D () C:\Users\Innes\AppData\Local\CrashDumps
2014-10-10 18:06 - 2012-03-17 07:14 - 00003232 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-10-09 21:58 - 2009-07-14 01:13 - 00778834 _____ () C:\windows\system32\PerfStringBackup.INI
2014-10-09 21:55 - 2012-06-03 14:11 - 00000000 ____D () C:\Users\Innes\AppData\Roaming\Skype
2014-10-09 19:35 - 2012-06-13 19:00 - 00006578 _____ () C:\windows\SysWOW64\AppLog.log
2014-10-09 18:27 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Innes\Desktop\TDSSKiller.exe
2014-09-26 18:56 - 2013-06-14 20:45 - 00000000 ____D () C:\Users\Innes\AppData\Roaming\.minecraft
 
Some content of TEMP:
====================
C:\Users\Innes\AppData\Local\Temp\IeSearchProvider7453749312248388953.exe
C:\Users\Innes\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Innes\AppData\Local\Temp\updater_uninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-11 00:56
 
==================== End Of Log ============================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by Innes at 2014-10-13 22:27:15
Running from C:\Users\Innes\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD Media Foundation Decoders (Version: 1.0.60607.2201 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{4ACA5AE7-E68C-5A48-F8E6-D67946267506}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0607.2212.38019 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help English (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help French (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help German (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
ccc-utility64 (Version: 2011.0607.2212.38019 - ATI) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-X64 8.0.8.0_R01 (HKLM\...\Elantech) (Version: 8.0.8.0 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 5.9 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.9.115 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}) (Version: 2.2.7530 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.3 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.6.1.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.6.1.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.3 - TOSHIBA Corporation) Hidden
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
26-12-2012 01:00:23 Scheduled Checkpoint
02-04-2013 18:51:30 Scheduled Checkpoint
11-10-2014 02:10:06 Revo Uninstaller's restore point - Mighty Magoo Games Console
11-10-2014 02:13:20 Revo Uninstaller's restore point - Genieo
11-10-2014 02:17:16 Revo Uninstaller's restore point - MightyMagoo Packages
11-10-2014 02:19:01 Revo Uninstaller's restore point - Swiki_IE
11-10-2014 02:20:59 Revo Uninstaller's restore point - Swiki version 1.0
11-10-2014 02:23:26 Revo Uninstaller's restore point - SavetheChildren Reminder by We-Care.com v4.1.19.4
11-10-2014 02:24:33 Removed SavetheChildren Reminder by We-Care.com v4.1.19.4
11-10-2014 02:25:40 Revo Uninstaller's restore point - PC Tools Registry Mechanic 11.0
11-10-2014 02:27:54 Revo Uninstaller's restore point - UnLock Root Pro 4.12
11-10-2014 02:29:48 Revo Uninstaller's restore point - UnLock Root 3.2.1
11-10-2014 02:46:06 Revo Uninstaller's restore point - K-Lite Codec Pack 7.0.0 (Standard)
11-10-2014 02:47:29 Revo Uninstaller's restore point - RegCure Pro
11-10-2014 02:49:02 Revo Uninstaller's restore point - Webexp Enhanced
11-10-2014 02:50:35 Revo Uninstaller's restore point - WildTangent Games
11-10-2014 02:53:31 Revo Uninstaller's restore point - Amazon Links
11-10-2014 02:54:15 Revo Uninstaller's restore point - Amazon Links
11-10-2014 02:54:41 Removed Amazon Links
11-10-2014 02:56:25 Revo Uninstaller's restore point - getsav-in
11-10-2014 02:59:09 Revo Uninstaller's restore point - Define Ext
11-10-2014 03:00:41 Revo Uninstaller's restore point - Google Toolbar for Internet Explorer
11-10-2014 03:55:48 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1442C19F-60D9-425A-B363-A26622F96001} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: {345CB24D-90C2-434B-A715-604A39B7C5C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-17] (Google Inc.)
Task: {432C1FC5-1CB5-4CA2-9702-32C638D26C95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-17] (Google Inc.)
Task: {63EE8BA5-D4A8-411E-BC56-FD8FDA48C3B3} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\SymErr.exe
Task: {67355559-FA44-42CA-A15F-BE41D081C4A3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\SymErr.exe
Task: {8C0E3837-A229-4946-BB32-8DF3F32292ED} - System32\Tasks\RegCure Pro Startup => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: {9319E092-B319-4B3C-ADD4-6C79DE5C0E28} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-10] (AVAST Software)
Task: {9CCB1647-3E84-4509-BF13-2836938B5942} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\WSCStub.exe
Task: {B7F53611-13D6-433B-895F-56DFF68FFDAE} - System32\Tasks\Swiki_Checker => C:\Windows\SChecker\SC_w3i.exe [2012-10-18] (                                                            )
Task: {D20D6D34-5837-4389-985B-038B196B2905} - System32\Tasks\RegCure Pro_sch_679B3088-21EB-11E4-B3D5-00266C0CE5FA => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\windows\Tasks\RegCure Pro Startup.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\windows\Tasks\RegCure Pro_sch_679B3088-21EB-11E4-B3D5-00266C0CE5FA.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-11-18 20:18 - 2010-11-18 20:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2011-06-08 01:11 - 2011-06-08 01:11 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-22 13:17 - 2011-03-22 13:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-10 00:09 - 2011-06-10 00:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-10-10 23:56 - 2014-10-10 23:56 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-11 22:40 - 2014-10-11 22:40 - 02873856 _____ () C:\Program Files\AVAST Software\Avast\defs\14101101\algo.dll
2014-10-13 21:41 - 2014-10-13 21:41 - 02873856 _____ () C:\Program Files\AVAST Software\Avast\defs\14101301\algo.dll
2014-10-10 23:56 - 2014-10-10 23:56 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-26 19:30 - 2014-09-23 00:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-26 19:30 - 2014-09-23 00:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-26 19:30 - 2014-09-23 00:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-26 19:30 - 2014-09-23 00:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-26 19:30 - 2014-09-23 00:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\28973120.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\28973120.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-100449044-2964483482-1597375923-500 - Administrator - Disabled)
Guest (S-1-5-21-100449044-2964483482-1597375923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-100449044-2964483482-1597375923-1002 - Limited - Enabled)
Innes (S-1-5-21-100449044-2964483482-1597375923-1001 - Administrator - Enabled) => C:\Users\Innes
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/13/2014 09:41:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/11/2014 10:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/11/2014 00:30:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 11:55:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary gsogxpwd.
 
System Error:
The system cannot find the file specified.
.
 
Error: (10/10/2014 11:38:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 10:17:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: uninstaller.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: uninstaller.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x000041e2
Faulting process id: 0xe68
Faulting application start time: 0xuninstaller.exe0
Faulting application path: uninstaller.exe1
Faulting module path: uninstaller.exe2
Report Id: uninstaller.exe3
 
Error: (10/10/2014 09:48:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 06:19:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 06:05:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/09/2014 08:40:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (10/13/2014 09:41:05 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
 
Error: (10/11/2014 11:05:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (10/11/2014 10:39:55 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
 
Error: (10/11/2014 00:59:56 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (10/11/2014 00:28:27 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
 
Error: (10/11/2014 00:27:26 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (10/10/2014 11:37:09 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
 
Error: (10/10/2014 11:35:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (10/10/2014 11:27:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Norton Internet Security service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (10/10/2014 11:27:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Common Client Job Manager Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (10/13/2014 09:41:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/11/2014 10:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/11/2014 00:30:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 11:55:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary gsogxpwd.
 
System Error:
The system cannot find the file specified.
 
Error: (10/10/2014 11:38:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 10:17:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: uninstaller.exe0.0.0.02a425e19uninstaller.exe0.0.0.02a425e19c0000005000041e2e6801cfe4f983f05811C:\Users\Innes\AppData\Local\Temp\1862714.Uninstall\uninstaller.exeC:\Users\Innes\AppData\Local\Temp\1862714.Uninstall\uninstaller.execc8417a8-50ec-11e4-9e83-00266c0ce5fa
 
Error: (10/10/2014 09:48:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 06:19:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2014 06:05:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/09/2014 08:40:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Innes\Desktop\esetsmartinstaller_enu.exe
 
 
==================== Memory info =========================== 
 
Processor: AMD E-450 APU with Radeon™ HD Graphics
Percentage of memory in use: 52%
Total physical RAM: 2662.87 MB
Available physical RAM: 1273.82 MB
Total Pagefile: 5323.93 MB
Available Pagefile: 3433.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (TI106302W0C) (Fixed) (Total:282.92 GB) (Free:244.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 20C94C86)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=282.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=17)
 
==================== End Of Log ============================


#5 Dakeyras

Dakeyras

    Anti-Malware Mammoth


  • Malware Response Team
  • 371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Tundra
  • Local time:08:10 PM

Posted 14 October 2014 - 09:56 AM

Hi. :)

pystryker has asked myself to continue assisting you with your Grandfather's machine whilst he is unavailable...
 

How can I check if the laptop supports virtualization? I tried looking at Toshiba's website but I could not find any information on that.

I would not be concerned about that and basically when aswMBR is ran it will inform you via a prompt stating: The computer supports "Virtualization Technology" and if so you would merely click on yes etc. However I do not require for your good self to download and run this particular software at this time.

Before we proceed any further I see the Norton Removal Tool is on the desktop of your Grandfather's machine, did you actually run this or not ? As still a vast amount of Norton related files, folders and registry related that appears to still be present. So merely answer my query about the aforementioned Norton Removal Tool and we will then go from there, thank you.

#6 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 14 October 2014 - 04:55 PM

Hi. :)

pystryker has asked myself to continue assisting you with your Grandfather's machine whilst he is unavailable...
 

How can I check if the laptop supports virtualization? I tried looking at Toshiba's website but I could not find any information on that.

I would not be concerned about that and basically when aswMBR is ran it will inform you via a prompt stating: The computer supports "Virtualization Technology" and if so you would merely click on yes etc. However I do not require for your good self to download and run this particular software at this time.

Before we proceed any further I see the Norton Removal Tool is on the desktop of your Grandfather's machine, did you actually run this or not ? As still a vast amount of Norton related files, folders and registry related that appears to still be present. So merely answer my query about the aforementioned Norton Removal Tool and we will then go from there, thank you.

 

Yes. I ran the tool to remove the Norton program that came with his machine. It was outdated and I honestly do not like Norton. I installed Avast in its place. Are there any folders that I may need to manually delete?


Edited by RushSonic, 14 October 2014 - 04:56 PM.


#7 Dakeyras

Dakeyras

    Anti-Malware Mammoth


  • Malware Response Team
  • 371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Tundra
  • Local time:08:10 PM

Posted 14 October 2014 - 05:23 PM

Hi. :)
 

Yes. I ran the tool to remove the Norton program that came with his machine. It was outdated and I honestly do not like Norton. I installed Avast in its place. Are there any folders that I may need to manually delete?

Acknowledged, for the time being carry out the below for myself so I can better ascertain the overall situation. We will then go from there...

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.
  • Please download the installer for Registry Backup from here or here and save to your desktop.
  • Right-click on tweaking.com_registry_backup_setup.exe and select Run as Administrator >> Follow the prompts for a default installation
  • Ensure the option Open "Tweaking.com - Registry Backup" When Install Completes is selected >> Next > >> Finish
  • Once the GUI(graphical user interface) has appeared/loaded:-
TCRB-1.jpg
  • Click on Backup Now >> once the process is complete, similar to the below will displayed in the GUI:-
TBRB-2.jpg
  • Close Tweaking.com - Registry Backup
Note: There will now be a folder at the root of the Hard-Drive named C:\RegBackup, do not delete this as it is the actual backup just created.

A tutorial for Registry Backup explaining the various features can be viewed here.

Scan with OTL:

Please download OTL and save it to your Desktop.

Alternate downloads are here and here.
  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Ensure Include 64bit Scans is selected.
  • Under Output, ensure that Standard Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan/Fixes box cut & paste this in:-
netsvcs
baseservices
%systemdrive%\*.exe
C:\program files (x86)\Google\Desktop
C:\program files\Google\Desktop
dir "%systemdrive%\*" /S /A:L /C
CreateRestorePoint
  • Now click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
  • Please post the contents of these two Notepad files in your next reply.


#8 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 17 October 2014 - 05:11 PM

Should I backup everything that appears on the computer? The registry has an additional entry under Computer called C:\windows\System32\Config\components.



#9 Dakeyras

Dakeyras

    Anti-Malware Mammoth


  • Malware Response Team
  • 371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Tundra
  • Local time:08:10 PM

Posted 17 October 2014 - 05:29 PM

Should I backup everything that appears on the computer? The registry has an additional entry under Computer called C:\windows\System32\Config\components.

Fine to do so as in merely follow the prompts for the 'Backup the Registry' instructions with the software I advised etc. :)

#10 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 17 October 2014 - 06:27 PM

Hello again. Here are the two logs.

 

OTL.txt

 

OTL logfile created on: 10/17/2014 7:10:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Innes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.60 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 52.31% Memory free
5.20 Gb Paging File | 3.44 Gb Available in Paging File | 66.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.92 Gb Total Space | 244.22 Gb Free Space | 86.32% Space Free | Partition Type: NTFS
 
Computer Name: TCHUME | User Name: Innes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/10/17 19:07:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Innes\Desktop\OTL.exe
PRC - [2014/10/10 23:57:31 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/10/10 23:56:42 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/09/23 00:07:06 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2011/07/19 11:59:30 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
PRC - [2011/07/19 11:48:25 | 000,123,320 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/10 23:56:44 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/10/10 23:56:43 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014/09/23 00:07:05 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppgooglenaclpluginchrome.dll
MOD - [2014/09/23 00:07:02 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
MOD - [2014/09/23 00:06:58 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
MOD - [2014/09/23 00:06:56 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
MOD - [2014/09/23 00:06:55 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/10/10 23:56:42 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/06/10 00:10:00 | 000,138,152 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2011/06/08 00:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/17 17:34:18 | 000,574,896 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/10/20 17:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/07/19 11:59:30 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/07/19 11:48:25 | 000,123,320 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe -- (Norton PC Checkup Application Launcher)
SRV - [2011/07/11 20:16:06 | 000,057,216 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/10/10 23:57:28 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/10/10 23:56:46 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/10/10 23:56:46 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/10/10 23:56:46 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/10/10 23:56:46 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/10/10 23:56:46 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/10/10 23:56:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/10/10 23:56:46 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/08 01:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/06/08 00:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 15:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/01/05 04:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/11 15:58:54 | 000,137,512 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/05 10:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/11/05 10:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/10/08 14:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/09/27 18:24:42 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 12:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
IE - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
IE - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.20.2: C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.20.2: C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Innes\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/10/10 23:56:48 | 000,000,000 | ---D | M]
 
[2014/10/10 22:21:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/08 20:06:12 | 000,000,000 | ---D | M] (Define Ext) -- C:\Program Files (x86)\Mozilla Firefox\extensions\snwehtx@ggoslbyermzeiwe.org
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA9306\FF
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: No name found = C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: Skype Click to Call = C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\Innes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe (Toshiba)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001..\Run: [GoogleChromeAutoLaunch_3E5DBCA7DE952ED603C5534E2C6D6B63] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..Trusted Domains: genieo.com ([yahoo] http in Trusted sites)
O15 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..Trusted Ranges: Range1 ([*] in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45EB10FD-90DA-46D0-BF21-22421A3D7307}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/10/17 19:07:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Innes\Desktop\OTL.exe
[2014/10/17 19:05:11 | 000,000,000 | ---D | C] -- C:\RegBackup
[2014/10/17 18:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014/10/17 18:08:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014/10/13 22:33:12 | 005,185,536 | ---- | C] (AVAST Software) -- C:\Users\Innes\Desktop\aswmbr.exe
[2014/10/13 22:25:20 | 000,000,000 | ---D | C] -- C:\FRST
[2014/10/13 22:24:32 | 002,110,464 | ---- | C] (Farbar) -- C:\Users\Innes\Desktop\FRST64.exe
[2014/10/11 22:45:31 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Innes\Desktop\dds.com
[2014/10/11 00:05:37 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/11 00:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/10/11 00:05:07 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/10/11 00:05:07 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/10/11 00:05:07 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/10/11 00:05:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/10/11 00:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/10/10 23:58:48 | 000,000,000 | ---D | C] -- C:\Users\Innes\AppData\Roaming\AVAST Software
[2014/10/10 23:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/10/10 23:57:08 | 000,092,008 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswStm.sys
[2014/10/10 23:57:05 | 001,041,168 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2014/10/10 23:57:04 | 000,427,360 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys
[2014/10/10 23:57:01 | 000,079,184 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/10/10 23:56:59 | 000,093,568 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014/10/10 23:56:53 | 000,307,344 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014/10/10 23:56:45 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2014/10/10 23:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/10/10 23:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/10/10 23:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/10 23:09:50 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2014/10/10 23:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/10/10 23:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/10/10 23:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/10/10 22:53:46 | 000,000,000 | ---D | C] -- C:\Users\Innes\AppData\Roaming\InstallShield
[2014/10/10 22:06:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/10/10 22:06:11 | 000,000,000 | ---D | C] -- C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/10/10 18:14:05 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Innes\Desktop\TFC.exe
[2014/10/09 19:52:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/10/09 19:51:15 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Innes\Desktop\esetsmartinstaller_enu.exe
[2014/10/09 19:37:42 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2014/10/09 19:35:47 | 001,705,755 | ---- | C] (Thisisu) -- C:\Users\Innes\Desktop\JRT.exe
[2014/10/09 18:40:41 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\SysWow64\sqlite3.dll
[2014/10/09 18:39:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/10/09 18:31:18 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/10/09 18:18:09 | 000,401,920 | ---- | C] (Farbar) -- C:\Users\Innes\Desktop\MiniToolBox.exe
[2014/10/09 18:15:44 | 000,000,000 | ---D | C] -- C:\Users\Innes\Desktop\rkill
[2014/10/09 18:14:31 | 001,944,824 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Innes\Desktop\rkill.com
[2014/09/25 19:39:58 | 000,000,000 | ---D | C] -- C:\Users\Innes\AppData\Local\14261
 
========== Files - Modified Within 30 Days ==========
 
[2014/10/17 19:07:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Innes\Desktop\OTL.exe
[2014/10/17 19:06:43 | 000,000,207 | ---- | M] () -- C:\windows\tweaking.com-regbackup-TCHUME-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/10/17 18:24:57 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/17 18:08:57 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/10/17 18:06:26 | 004,215,184 | ---- | M] () -- C:\Users\Innes\Desktop\tweaking.com_registry_backup_setup.exe
[2014/10/17 18:06:17 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/17 18:06:17 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/17 17:59:22 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/17 17:59:21 | 000,000,460 | ---- | M] () -- C:\windows\tasks\RegCure Pro Startup.job
[2014/10/17 17:58:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/10/17 17:58:50 | 2094,161,920 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/13 22:33:16 | 005,185,536 | ---- | M] (AVAST Software) -- C:\Users\Innes\Desktop\aswmbr.exe
[2014/10/13 22:24:35 | 002,110,464 | ---- | M] (Farbar) -- C:\Users\Innes\Desktop\FRST64.exe
[2014/10/13 21:56:32 | 217,221,161 | ---- | M] () -- C:\Users\Innes\Documents\grandpa-memoir.zip
[2014/10/11 22:46:13 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Innes\Desktop\dds.com
[2014/10/11 00:05:49 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/11 00:05:15 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/10 23:57:52 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/10/10 23:57:28 | 000,427,360 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsp.sys
[2014/10/10 23:56:46 | 001,041,168 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2014/10/10 23:56:46 | 000,307,344 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014/10/10 23:56:46 | 000,224,896 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/10/10 23:56:46 | 000,093,568 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014/10/10 23:56:46 | 000,092,008 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswStm.sys
[2014/10/10 23:56:46 | 000,079,184 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/10/10 23:56:46 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014/10/10 23:56:46 | 000,029,208 | ---- | M] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014/10/10 23:56:45 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2014/10/10 23:18:09 | 000,896,048 | ---- | M] () -- C:\Users\Innes\Desktop\Norton_Removal_Tool.exe
[2014/10/10 23:09:04 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2014/10/10 22:06:12 | 000,001,275 | ---- | M] () -- C:\Users\Innes\Desktop\Revo Uninstaller.lnk
[2014/10/10 18:14:06 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Innes\Desktop\TFC.exe
[2014/10/09 21:58:10 | 000,778,834 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/10/09 21:58:10 | 000,660,318 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/10/09 21:58:10 | 000,121,214 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/10/09 19:51:17 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Innes\Desktop\esetsmartinstaller_enu.exe
[2014/10/09 18:55:39 | 001,705,755 | ---- | M] (Thisisu) -- C:\Users\Innes\Desktop\JRT.exe
[2014/10/09 18:38:08 | 001,375,089 | ---- | M] () -- C:\Users\Innes\Desktop\AdwCleaner.exe
[2014/10/09 18:27:46 | 004,181,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Innes\Desktop\TDSSKiller.exe
[2014/10/09 18:18:10 | 000,401,920 | ---- | M] (Farbar) -- C:\Users\Innes\Desktop\MiniToolBox.exe
[2014/10/09 18:14:33 | 001,944,824 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Innes\Desktop\rkill.com
 
========== Files Created - No Company Name ==========
 
[2014/10/17 19:06:43 | 000,000,207 | ---- | C] () -- C:\windows\tweaking.com-regbackup-TCHUME-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/10/17 18:08:57 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/10/17 18:06:25 | 004,215,184 | ---- | C] () -- C:\Users\Innes\Desktop\tweaking.com_registry_backup_setup.exe
[2014/10/13 21:53:49 | 217,221,161 | ---- | C] () -- C:\Users\Innes\Documents\grandpa-memoir.zip
[2014/10/11 00:05:15 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/10 23:57:52 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/10/10 23:57:06 | 000,224,896 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/10/10 23:57:03 | 000,065,776 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014/10/10 23:57:01 | 000,029,208 | ---- | C] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014/10/10 23:18:08 | 000,896,048 | ---- | C] () -- C:\Users\Innes\Desktop\Norton_Removal_Tool.exe
[2014/10/10 22:06:12 | 000,001,275 | ---- | C] () -- C:\Users\Innes\Desktop\Revo Uninstaller.lnk
[2014/10/09 18:38:05 | 001,375,089 | ---- | C] () -- C:\Users\Innes\Desktop\AdwCleaner.exe
[2013/08/20 11:06:37 | 000,000,258 | RHS- | C] () -- C:\Users\Innes\ntuser.pol
[2012/10/24 20:20:44 | 000,165,376 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV:64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 23:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 23:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2010/11/20 23:24:16 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 23:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 23:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 23:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2010/11/20 23:23:54 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 07:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2010/11/20 23:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 23:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 23:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 23:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 23:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 23:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 23:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 23:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 23:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 23:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 23:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 23:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 23:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 23:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 23:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 23:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
< %systemdrive%\*.exe >
 
< C:\program files (x86)\Google\Desktop >
 
< C:\program files\Google\Desktop >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is TI106302W0C
 Volume Serial Number is 74BD-BAA1
 Directory of C:\
07/14/2009  01:08 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  01:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  01:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  01:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  01:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  01:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\ProgramData\Oracle\Java\javapath
10/10/2014  11:09 PM    <SYMLINK>      java.exe [C:\Program Files\Java\jre1.8.0_20\bin\java.exe]
10/10/2014  11:09 PM    <SYMLINK>      javaw.exe [C:\Program Files\Java\jre1.8.0_20\bin\javaw.exe]
10/10/2014  11:09 PM    <SYMLINK>      javaws.exe [C:\Program Files\Java\jre1.8.0_20\bin\javaws.exe]
               3 File(s)              0 bytes
 Directory of C:\Users
07/14/2009  01:08 AM    <SYMLINKD>     All Users [C:\ProgramData]
07/14/2009  01:08 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\ProgramData]
07/14/2009  01:08 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/14/2009  01:08 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/14/2009  01:08 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/14/2009  01:08 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009  01:08 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users\Oracle\Java\javapath
10/10/2014  11:09 PM    <SYMLINK>      java.exe [C:\Program Files\Java\jre1.8.0_20\bin\java.exe]
10/10/2014  11:09 PM    <SYMLINK>      javaw.exe [C:\Program Files\Java\jre1.8.0_20\bin\javaw.exe]
10/10/2014  11:09 PM    <SYMLINK>      javaws.exe [C:\Program Files\Java\jre1.8.0_20\bin\javaws.exe]
               3 File(s)              0 bytes
 Directory of C:\Users\Default
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009  01:08 AM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009  01:08 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/14/2009  01:08 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/14/2009  01:08 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009  01:08 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009  01:08 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009  01:08 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009  01:08 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009  01:08 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/14/2009  01:08 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/14/2009  01:08 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009  01:08 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/14/2009  01:08 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/14/2009  01:08 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/14/2009  01:08 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Innes
06/03/2012  12:23 PM    <JUNCTION>     Application Data [C:\Users\Innes\AppData\Roaming]
06/03/2012  12:23 PM    <JUNCTION>     Cookies [C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Cookies]
06/03/2012  12:23 PM    <JUNCTION>     Local Settings [C:\Users\Innes\AppData\Local]
06/03/2012  12:23 PM    <JUNCTION>     My Documents [C:\Users\Innes\Documents]
06/03/2012  12:23 PM    <JUNCTION>     NetHood [C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/03/2012  12:23 PM    <JUNCTION>     PrintHood [C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/03/2012  12:23 PM    <JUNCTION>     Recent [C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Recent]
06/03/2012  12:23 PM    <JUNCTION>     SendTo [C:\Users\Innes\AppData\Roaming\Microsoft\Windows\SendTo]
06/03/2012  12:23 PM    <JUNCTION>     Start Menu [C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Start Menu]
06/03/2012  12:23 PM    <JUNCTION>     Templates [C:\Users\Innes\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Innes\AppData\Local
06/03/2012  12:23 PM    <JUNCTION>     Application Data [C:\Users\Innes\AppData\Local]
06/03/2012  12:23 PM    <JUNCTION>     History [C:\Users\Innes\AppData\Local\Microsoft\Windows\History]
06/03/2012  12:23 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Innes\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Innes\Documents
06/03/2012  12:23 PM    <JUNCTION>     My Music [C:\Users\Innes\Music]
06/03/2012  12:23 PM    <JUNCTION>     My Pictures [C:\Users\Innes\Pictures]
06/03/2012  12:23 PM    <JUNCTION>     My Videos [C:\Users\Innes\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/14/2009  01:08 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/14/2009  01:08 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/14/2009  01:08 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\AppPatch
08/12/2014  01:57 AM    <SYMLINKD>     spbin [C:\PROGRA~2\SearchProtect\SearchProtect\bin]
               0 File(s)              0 bytes
     Total Files Listed:
               6 File(s)              0 bytes
              51 Dir(s)  262,027,276,288 bytes free
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
 
< End of report >
OTL Extras logfile created on: 10/17/2014 7:10:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Innes\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.60 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 52.31% Memory free
5.20 Gb Paging File | 3.44 Gb Available in Paging File | 66.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.92 Gb Total Space | 244.22 Gb Free Space | 86.32% Space Free | Partition Type: NTFS
 
Computer Name: TCHUME | User Name: Innes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-100449044-2964483482-1597375923-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{043AE85F-13AF-41B0-B4E1-399D0C4DF13E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{054E9DBC-CCE0-4A63-8DB6-088B396D2763}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{091329E2-F845-4505-951B-A004A1163D35}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1596F5E9-624C-4D63-B1AE-CF8FDEFB7EA5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{18A0A82A-D605-4932-808B-5C89789AE6BE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{195D772D-C62F-490B-A101-423873548058}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{1B319A40-5DAB-4ED0-BA10-CD1B5318B93F}" = rport=138 | protocol=17 | dir=out | app=system | 
"{28D1A795-AA86-4F05-B94C-B264A9AEBCD8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{43FD5422-C754-41E9-80F0-F7306695CD76}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{538DE6A0-8A88-4F75-915C-CDBB9B5A15B2}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5F02F58A-DFF8-4E2E-9A35-958012184D31}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{70EDBA71-AE3A-4E59-92C6-E13DB42997E8}" = lport=139 | protocol=6 | dir=in | app=system | 
"{7859B586-8763-439B-8042-71D52851C6BA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8F411E5E-318D-46D9-8732-14E5D0163CA4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A6B33912-8CA5-4FDC-839B-E98426A95577}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B0D70E8D-D204-42CA-820C-AFCB7F38D70C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D09F841C-3ED7-4C01-9C4F-C0D9B114F558}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{D5499981-EF00-48FA-A160-E95199AD640E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E0A598EA-2717-4B82-A874-CA3B6E0EE840}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E2832D99-282C-4A44-8F84-A3B66A0947E8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EC70E9CF-3714-49CD-806B-4F6437F98BD7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{F2718B56-7B65-40A9-9D68-AA7BACB4615B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{F6508296-708C-4E00-91AE-BBE0A25FFD84}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F945249E-7FB0-49B2-BFD6-4777CFBF2D10}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05F760BE-9C65-4A10-9B71-6960C99FAA50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{09309AA7-B78F-4D7C-8D73-A33CFA9727A9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0D7A81BF-8BDB-4235-8932-67CCDA86DBA1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{143FB4AF-8F17-49BF-9E1A-3BEC8DD8F9E5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{18E36171-96E6-486F-BF4E-777316285C52}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{197246D5-922B-4B6B-A223-FE9AC7F83138}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{1E295C31-1F32-46F6-813C-C58F1F696FB0}" = protocol=6 | dir=in | app=c:\users\innes\appdata\local\temp\7zs56d7.tmp\symnrt.exe | 
"{368667A0-3C36-4B32-86E5-3996A84C46DD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3C29B974-149F-4BFD-A8B8-5A5224F366DB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3C8ED9E3-A07F-4BF8-8452-E16E2B3ACD0F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{42C0177C-E942-4F41-84B2-962290CAEAFA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4A94BAEC-A185-4E11-B0CB-866368412A67}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5018F83F-662C-4BE1-84EA-E4F9C400A14F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{567679B2-B9CB-40EC-AD3E-457EEECF8575}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{5E102098-52EE-4C46-93C1-776015E817F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{66A2AD2A-A100-4D2F-99E3-E0275D836330}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6BA0BA9B-7D81-4B18-B072-6F1794099F35}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{86823766-CD46-4E54-8164-2EE31FBB78ED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{9E7F5E71-03DB-46D3-8824-E169AEE18B98}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A357D220-BA15-4C13-8DFF-BE603FF666C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A75294BF-6D28-4190-9F30-9486B0656966}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{A90F0FBD-9665-4421-961B-1C879EA56338}" = protocol=6 | dir=out | app=system | 
"{BC7777B3-3090-4CDB-A27A-66E6F6BACB4E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{D77083D7-7365-4B29-98AF-E3CED4555D8C}" = protocol=17 | dir=in | app=c:\users\innes\appdata\local\temp\7zs56d7.tmp\symnrt.exe | 
"{F85F3475-6313-4624-8BEF-D39900243B65}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"TCP Query User{88A40018-B65D-4EAB-BF49-1F10CA455D69}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{B3C6858F-BB52-48FE-A8D0-3F8A2D4B9B34}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{2A025FF8-1731-4F35-A0AB-11671E2B41BE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{3EF2BA3A-1375-4A71-8A23-140FC95E35FD}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{26A24AE4-039D-4CA4-87B4-2F86418020F0}" = Java 8 Update 20 (64-bit)
"{4ACA5AE7-E68C-5A48-F8E6-D67946267506}" = ATI Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{6316805C-2485-2FF5-974C-750E3BE1DF65}" = AMD Media Foundation Decoders
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A34D9B7F-8453-DA02-DC98-EEEE085411C6}" = ccc-utility64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = ETDWare PS/2-X64 8.0.8.0_R01
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0146E330-EEE7-B924-B347-B399460893ED}" = CCC Help Czech
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{09927C92-A652-057A-3A7B-153F23175C58}" = CCC Help Dutch
"{0AF17224-CF88-40B8-BB1A-D179369847B4}" = TOSHIBA Supervisor Password
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{109CBCC5-7151-1CC6-DAD6-6F7DD3162A8A}" = Catalyst Control Center InstallProxy
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19E40731-8E1A-07FB-DA7D-8A54603F6408}" = CCC Help English
"{1B97813D-74A7-25EB-4837-792413507E82}" = CCC Help Danish
"{1CF94211-A7BB-8151-44B8-6618C5A162F8}" = CCC Help Portuguese
"{1D7FEEAC-6CEE-5B5F-A8B0-9BE7A6BCB7FB}" = CCC Help Chinese Traditional
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{247E03D2-485B-7A70-BF5C-AB9BDF6AFB44}" = CCC Help Polish
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEFB3C4-4706-C2B5-DF69-CF914D87BCE4}" = CCC Help Swedish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{337FDED7-D27B-E476-E888-3674E1C01C69}" = CCC Help Spanish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4485C9D0-A742-F1BB-C0B0-58FC61960D99}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = TOSHIBARegistration
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{666E35A7-A224-E3E9-48C2-C641837535D9}" = Catalyst Control Center Localization All
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8064A378-46F4-4A4E-8AF5-153D0D4018DD}" = Catalyst Control Center - Branding
"{83601916-2E71-F1C7-EE5F-A1C985BC9217}" = CCC Help German
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A34A135-D405-DD03-9B2E-0EB99238A312}" = CCC Help Finnish
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9550EA6C-4CBE-C1F3-1E1C-5E87F2C645ED}" = CCC Help French
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}" = TOSHIBA Hardware Setup
"{97F67013-3076-4261-DC10-808409655042}" = AMD VISION Engine Control Center
"{986BB897-C295-2FED-8DCA-4ADE3AFCEF84}" = CCC Help Russian
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}" = Toshiba Book Place
"{A4FF8F4E-D665-712B-07EE-F03ED360E9BE}" = CCC Help Italian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ADB50F70-98FF-067F-DF39-47DD83E32D58}" = CCC Help Chinese Standard
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B83FCE14-53D5-CBF8-87E9-59B8968ADB4C}" = CCC Help Norwegian
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Toshiba Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C78E3449-4F24-839B-5F7A-6911C67A5BE9}" = Catalyst Control Center Graphics Previews Common
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6E90970-BA9C-51AA-EFA2-9F80A7AE0956}" = CCC Help Thai
"{D826A52E-0AC9-5A55-61B8-0E088477A1B0}" = CCC Help Greek
"{DA84ECBF-4B79-47F2-B34C-95C38484C058}" = Skype Launcher
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69540AC-FFC3-5519-F925-5ACC8D20DED5}" = CCC Help Hungarian
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{E9D96BD5-7D33-7ED3-0A8E-229FA2524487}" = CCC Help Turkish
"{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}" = Toshiba App Place
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F931F27F-A967-982A-9226-494787D5FBBB}" = CCC Help Japanese
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avast" = avast! Free Antivirus
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}" = TOSHIBA Bulletin Board
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"NortonPCCheckup" = Toshiba Laptop Checkup
"Revo Uninstaller" = Revo Uninstaller 1.95
"Tweaking.com - Registry Backup" = Tweaking.com - Registry Backup
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-100449044-2964483482-1597375923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10/10/2014 6:05:21 PM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/10/2014 6:19:42 PM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/10/2014 9:48:31 PM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/10/2014 10:17:51 PM | Computer Name = Tchume | Source = Application Error | ID = 1000
Description = Faulting application name: uninstaller.exe, version: 0.0.0.0, time
 stamp: 0x2a425e19  Faulting module name: uninstaller.exe, version: 0.0.0.0, time 
stamp: 0x2a425e19  Exception code: 0xc0000005  Fault offset: 0x000041e2  Faulting process
 id: 0xe68  Faulting application start time: 0x01cfe4f983f05811  Faulting application
 path: C:\Users\Innes\AppData\Local\Temp\1862714.Uninstall\uninstaller.exe  Faulting
 module path: C:\Users\Innes\AppData\Local\Temp\1862714.Uninstall\uninstaller.exe
Report
 Id: cc8417a8-50ec-11e4-9e83-00266c0ce5fa
 
Error - 10/10/2014 11:38:37 PM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/10/2014 11:55:49 PM | Computer Name = Tchume | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary gsogxpwd.  System Error: The system cannot find the file specified.  .
 
Error - 10/11/2014 12:30:00 AM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/11/2014 10:40:54 PM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/13/2014 9:41:57 PM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
Error - 10/17/2014 6:00:18 PM | Computer Name = Tchume | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 10/10/2014 11:35:59 PM | Computer Name = Tchume | Source = DCOM | ID = 10010
Description = 
 
Error - 10/10/2014 11:37:09 PM | Computer Name = Tchume | Source = Service Control Manager | ID = 7003
Description = The AVGIDSAgent service depends the following service: AVGIDSDriver.
 This service might not be installed.
 
Error - 10/11/2014 12:27:26 AM | Computer Name = Tchume | Source = DCOM | ID = 10010
Description = 
 
Error - 10/11/2014 12:28:27 AM | Computer Name = Tchume | Source = Service Control Manager | ID = 7003
Description = The AVGIDSAgent service depends the following service: AVGIDSDriver.
 This service might not be installed.
 
Error - 10/11/2014 12:59:56 AM | Computer Name = Tchume | Source = DCOM | ID = 10010
Description = 
 
Error - 10/11/2014 10:39:55 PM | Computer Name = Tchume | Source = Service Control Manager | ID = 7003
Description = The AVGIDSAgent service depends the following service: AVGIDSDriver.
 This service might not be installed.
 
Error - 10/11/2014 11:05:01 PM | Computer Name = Tchume | Source = DCOM | ID = 10010
Description = 
 
Error - 10/13/2014 9:41:05 PM | Computer Name = Tchume | Source = Service Control Manager | ID = 7003
Description = The AVGIDSAgent service depends the following service: AVGIDSDriver.
 This service might not be installed.
 
Error - 10/14/2014 12:14:44 AM | Computer Name = Tchume | Source = DCOM | ID = 10010
Description = 
 
Error - 10/17/2014 5:58:58 PM | Computer Name = Tchume | Source = Service Control Manager | ID = 7003
Description = The AVGIDSAgent service depends the following service: AVGIDSDriver.
 This service might not be installed.
 
 
< End of report >


#11 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 17 October 2014 - 06:34 PM

Sorry I wanted the Extras.txt to be in a second post but when I posted it it just got added to the post for the OTL log. Is that okay?



#12 Dakeyras

Dakeyras

    Anti-Malware Mammoth


  • Malware Response Team
  • 371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Tundra
  • Local time:08:10 PM

Posted 18 October 2014 - 11:42 AM

Hi. :)
 

Sorry I wanted the Extras.txt to be in a second post but when I posted it it just got added to the post for the OTL log. Is that okay?

Not a problem, lets proceed as follows shall we...

Remove AVG Remnants:

Download and save the AVG Remover 2012 from here(download the 64-Bit Version) to the desktop.

Right-click on avg_remover_stf_x64_2012_2125.exe and select Run as Administrator >> follows the prompts and reboot the machines if advised to.

Note: A notepad file will appear on the desktop upon completion called avgremover, I have no need to review this unless any problems encountered with the running of the removal tool.

Java Advice:

There has been a recent severe exploitation of this software. Even though this exploit has been reportedly fixed there is still a vulnerability with the software, the below is currently all that it is installed Java related:-

Java 8 Update 20 (64-bit)

So you need to uninstall the aforementioned(if still present via Uninstall a program or [B}Programs and Features located in the Control Panel)...Your choice if you wish to go ahead and reinstall but as mentioned I advise against it and for the present I do not even have anything Java related installed on my machines.

Please let myself know what you wish to do about this in your next reply please and if you opt to re-install I will provide both the appropriate instructions and safety advice etc.

Windows Sidebar Advice:

It is no longer prudent to have this feature enabled as outlined in the below Microsoft article:-

Vulnerabilities in Gadgets could allow remote code execution

I advice you download and run the Disable Windows Sidebar and Gadgets Fixtit utility to rectify this.

Note: Ensure you reboot the machine when prompted before proceeding any further. As otherwise it may cause unpredictable results if not rebooted and you proceed straight-away to the custom OTL script below.

Custom OTL Script:
  • Right-click OTL.exe and select Run as Administrator to start the program.
  • Copy the lines from the code-box[/b to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:Commands
[CreateRestorePoint]

:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.20.2: C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.20.2: C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
2013/08/08 20:06:12 | 000,000,000 | ---D | M] (Define Ext) -- C:\Program Files (x86)\Mozilla Firefox\extensions\snwehtx@ggoslbyermzeiwe.org
File not found (No name found) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA9306\FF
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..Trusted Domains: genieo.com ([yahoo] http in Trusted sites)
O15 - HKU\S-1-5-21-100449044-2964483482-1597375923-1001\..Trusted Ranges: Range1 ([*] in Trusted sites)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/10/17 17:59:21 | 000,000,460 | ---- | M] () -- C:\windows\tasks\RegCure Pro Startup.job
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

:Files
C:\Program Files\Java
C:\Program Files (x86)\Java
C:\PROGRA~2\SearchProtect
C:\Program Files (x86)\WebexpEnhanced
ipconfig /flushdns /c
netsh advfirewall reset /c 
netsh advfirewall set allprofiles state on /c 

:Commands
[ResetHosts]
[EmptyTemp]
  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered.
  • If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
Note: The log file can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

Next:

When completed the above, please post back the following in the order asked for:
  • How is your grandfather's computer performing now, any further symptoms and or problems encountered?
  • OTL Log from the Custom Script.
  • Decision about a new Java installation.


#13 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 18 October 2014 - 07:35 PM

Ran the AVG Removal tool and got the following:

2014-10-19 00:27:24,908 INFO AvgRemover 2012.0.5
-------------------------------------------------------
2014-10-19 00:27:24,912 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2014-10-19 00:27:24,912 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2014-10-19 00:27:24,912 DEBUG Reading AVG IDS\IDS\InstallDir value failed (error: e001003d)
2014-10-19 00:27:24,912 INFO Command line: "C:\Users\Innes\Desktop\avg_remover_stf_x64_2012_2125.exe" 
2014-10-19 00:27:24,914 WARN AvgDir param empty.
2014-10-19 00:27:24,915 WARN AvgDataDir param empty.
2014-10-19 00:27:56,085 INFO AvgRemover runs in attempt number 1
2014-10-19 00:27:56,085 INFO Attempting to unregister AVG from the Windows Security Center.
2014-10-19 00:27:56,085 INFO Attempting to uninstall AVG Identity Protection.
2014-10-19 00:27:56,100 INFO Attempting to uninstall toolbar
2014-10-19 00:27:56,100 INFO *****     Msi data     *****
2014-10-19 00:27:56,100 DEBUG No product code found for our upgrade codes, nothing to do here
2014-10-19 00:27:56,100 INFO *****     Exchange&Outlook plugins data     *****
2014-10-19 00:27:56,100 INFO Removing AvgOutlook addin
2014-10-19 00:27:56,100 INFO  AvgOutlook Removing HKCR addin keys x86
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'avgoutlook.Addin': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2014-10-19 00:27:56,100 INFO  AvgOutlook Removing HKCR addin keys x64
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'avgoutlook.Addin': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2014-10-19 00:27:56,100 DEBUG   Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2014-10-19 00:27:56,116 INFO Removing Sharepoint plugin if exists
2014-10-19 00:27:56,116 DEBUG  Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2014-10-19 00:27:56,116 DEBUG  Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2014-10-19 00:27:56,116 DEBUG Stopping service 'MSExchangeIS' to remove VSAPI plugin...
2014-10-19 00:27:56,116 DEBUG Service MSExchangeIS Stop failed (error: c0070424)
2014-10-19 00:27:56,116 DEBUG Exchange&Outlook plugins removal failed with error 0xc0070424
2014-10-19 00:27:56,116 INFO *****     Services     *****
2014-10-19 00:27:56,116 INFO Processing service avg8emc, it can take several minutes...
2014-10-19 00:27:56,116 INFO Processing service avgfws8, it can take several minutes...
2014-10-19 00:27:56,116 INFO Processing service avg9wd, it can take several minutes...
2014-10-19 00:27:56,116 INFO Service avgfws8 is not installed
2014-10-19 00:27:56,132 DEBUG Service avgfws8 RegCleanup
2014-10-19 00:27:56,132 DEBUG Registry keys for service avgfws8 are not present
2014-10-19 00:27:56,132 INFO Processing service avg8wd, it can take several minutes...
2014-10-19 00:27:56,132 INFO Processing service AvgMfx64, it can take several minutes...
2014-10-19 00:27:56,116 INFO Processing service AvgWFPx, it can take several minutes...
2014-10-19 00:27:56,147 INFO Service AvgWFPx is not installed
2014-10-19 00:27:56,147 DEBUG Service AvgWFPx RegCleanup
2014-10-19 00:27:56,147 DEBUG Registry keys for service AvgWFPx are not present
2014-10-19 00:27:56,147 INFO Processing service AvgWFPa, it can take several minutes...
2014-10-19 00:27:56,116 INFO Service avg9wd is not installed
2014-10-19 00:27:56,147 DEBUG Service avg9wd RegCleanup
2014-10-19 00:27:56,147 DEBUG Registry keys for service avg9wd are not present
2014-10-19 00:27:56,132 INFO Service AvgMfx64 is not installed
2014-10-19 00:27:56,147 DEBUG Service AvgMfx64 RegCleanup
2014-10-19 00:27:56,147 DEBUG Registry keys for service AvgMfx64 are not present
2014-10-19 00:27:56,116 INFO Service avg8emc is not installed
2014-10-19 00:27:56,147 DEBUG Service avg8emc RegCleanup
2014-10-19 00:27:56,147 DEBUG Registry keys for service avg8emc are not present
2014-10-19 00:27:56,147 INFO Service avg8wd is not installed
2014-10-19 00:27:56,163 DEBUG Service avg8wd RegCleanup
2014-10-19 00:27:56,163 DEBUG Registry keys for service avg8wd are not present
2014-10-19 00:27:56,163 INFO Processing service AvgRkx86, it can take several minutes...
2014-10-19 00:27:56,147 INFO Processing service AvgMfx86, it can take several minutes...
2014-10-19 00:27:56,147 INFO Processing service AvgLdx86, it can take several minutes...
2014-10-19 00:27:56,163 INFO Processing service avgfws, it can take several minutes...
2014-10-19 00:27:56,178 INFO Processing service AVGIDSAgent, it can take several minutes...
2014-10-19 00:27:56,178 INFO Service AVGIDSAgent is not running
2014-10-19 00:27:56,178 DEBUG Service AVGIDSAgent Delete
2014-10-19 00:27:56,147 INFO Processing service AvgTdiA, it can take several minutes...
2014-10-19 00:27:56,194 INFO Processing service AVGIDSDriverxpx, it can take several minutes...
2014-10-19 00:27:56,147 INFO Service AvgWFPa is not installed
2014-10-19 00:27:56,194 DEBUG Service AvgWFPa RegCleanup
2014-10-19 00:27:56,194 DEBUG Registry keys for service AvgWFPa are not present
2014-10-19 00:27:56,194 INFO Processing service AVGIDSFiltervtx, it can take several minutes...
2014-10-19 00:27:56,163 INFO Processing service AvgRkx64, it can take several minutes...
2014-10-19 00:27:56,163 INFO Processing service avg9emc, it can take several minutes...
2014-10-19 00:27:56,163 INFO Service AvgRkx86 is not installed
2014-10-19 00:27:56,210 DEBUG Service AvgRkx86 RegCleanup
2014-10-19 00:27:56,210 DEBUG Registry keys for service AvgRkx86 are not present
2014-10-19 00:27:56,210 INFO Processing service AVGIDSFilterw7x, it can take several minutes...
2014-10-19 00:27:56,163 INFO Processing service avgfws9, it can take several minutes...
2014-10-19 00:27:56,147 INFO Processing service AvgLdx64, it can take several minutes...
2014-10-19 00:27:56,225 INFO Service AvgLdx64 is not installed
2014-10-19 00:27:56,225 DEBUG Service AvgLdx64 RegCleanup
2014-10-19 00:27:56,225 DEBUG Registry keys for service AvgLdx64 are not present
2014-10-19 00:27:56,147 INFO Processing service AvgTdiX, it can take several minutes...
2014-10-19 00:27:56,178 INFO Processing service AVGIDSWatcher, it can take several minutes...
2014-10-19 00:27:56,178 INFO Processing service AVGIDSFilterxpx, it can take several minutes...
2014-10-19 00:27:56,225 INFO Processing service AVGIDSErHrvtx, it can take several minutes...
2014-10-19 00:27:56,225 INFO Processing service AVGIDSErHrw7x, it can take several minutes...
2014-10-19 00:27:56,241 INFO Processing service avgwd, it can take several minutes...
2014-10-19 00:27:56,194 INFO Service AvgTdiA is not installed
2014-10-19 00:27:56,241 DEBUG Service AvgTdiA RegCleanup
2014-10-19 00:27:56,241 DEBUG Registry keys for service AvgTdiA are not present
2014-10-19 00:27:56,163 INFO Processing service AvgWfpX, it can take several minutes...
2014-10-19 00:27:56,163 INFO Processing service AvgWfpA, it can take several minutes...
2014-10-19 00:27:56,194 INFO Service AVGIDSDriverxpx is not installed
2014-10-19 00:27:56,256 DEBUG Service AVGIDSDriverxpx RegCleanup
2014-10-19 00:27:56,256 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2014-10-19 00:27:56,210 INFO Processing service AVGIDSShimvtx, it can take several minutes...
2014-10-19 00:27:56,210 INFO Service AVGIDSFiltervtx is not installed
2014-10-19 00:27:56,256 DEBUG Service AVGIDSFiltervtx RegCleanup
2014-10-19 00:27:56,256 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2014-10-19 00:27:56,210 INFO Processing service AVGIDSDrivervtx, it can take several minutes...
2014-10-19 00:27:56,210 INFO Service AvgRkx64 is not installed
2014-10-19 00:27:56,256 DEBUG Service AvgRkx64 RegCleanup
2014-10-19 00:27:56,210 INFO Service avg9emc is not installed
2014-10-19 00:27:56,256 DEBUG Service avg9emc RegCleanup
2014-10-19 00:27:56,256 DEBUG Registry keys for service avg9emc are not present
2014-10-19 00:27:56,210 INFO Processing service AVGIDSDrivervta, it can take several minutes...
2014-10-19 00:27:56,163 INFO Service AvgMfx86 is not installed
2014-10-19 00:27:56,272 DEBUG Service AvgMfx86 RegCleanup
2014-10-19 00:27:56,272 DEBUG Registry keys for service AvgMfx86 are not present
2014-10-19 00:27:56,210 INFO Processing service AVGIDSFilterw7a, it can take several minutes...
2014-10-19 00:27:56,210 INFO Processing service AVGIDSErHrxpx, it can take several minutes...
2014-10-19 00:27:56,210 INFO Processing service AVGIDSErHrvta, it can take several minutes...
2014-10-19 00:27:56,210 INFO Service AVGIDSFilterw7x is not installed
2014-10-19 00:27:56,288 DEBUG Service AVGIDSFilterw7x RegCleanup
2014-10-19 00:27:56,288 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2014-10-19 00:27:56,210 INFO Service avgfws9 is not installed
2014-10-19 00:27:56,288 DEBUG Service avgfws9 RegCleanup
2014-10-19 00:27:56,288 DEBUG Registry keys for service avgfws9 are not present
2014-10-19 00:27:56,210 INFO Processing service AVGIDSErHrw7a, it can take several minutes...
2014-10-19 00:27:56,163 INFO Service AvgLdx86 is not installed
2014-10-19 00:27:56,288 DEBUG Service AvgLdx86 RegCleanup
2014-10-19 00:27:56,288 DEBUG Registry keys for service AvgLdx86 are not present
2014-10-19 00:27:56,225 INFO Processing service AVGIDSFiltervta, it can take several minutes...
2014-10-19 00:27:56,225 INFO Processing service AVGIDSShimw7x, it can take several minutes...
2014-10-19 00:27:56,225 INFO Processing service AVGIDSDriverw7x, it can take several minutes...
2014-10-19 00:27:56,225 INFO Service AvgTdiX is not installed
2014-10-19 00:27:56,303 DEBUG Service AvgTdiX RegCleanup
2014-10-19 00:27:56,225 INFO Processing service AVGIDSDriverw7a, it can take several minutes...
2014-10-19 00:27:56,303 INFO Service AVGIDSDriverw7a is not installed
2014-10-19 00:27:56,319 DEBUG Service AVGIDSDriverw7a RegCleanup
2014-10-19 00:27:56,319 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2014-10-19 00:27:56,178 INFO Processing service AVGIDSShimxpx, it can take several minutes...
2014-10-19 00:27:56,225 INFO Service AVGIDSFilterxpx is not installed
2014-10-19 00:27:56,319 DEBUG Service AVGIDSFilterxpx RegCleanup
2014-10-19 00:27:56,319 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2014-10-19 00:27:56,178 DEBUG Service AVGIDSAgent RegCleanup
2014-10-19 00:27:56,319 DEBUG Registry keys for service AVGIDSAgent are not present
2014-10-19 00:27:56,225 INFO Service AVGIDSErHrvtx is not installed
2014-10-19 00:27:56,319 DEBUG Service AVGIDSErHrvtx RegCleanup
2014-10-19 00:27:56,319 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2014-10-19 00:27:56,241 INFO Service AVGIDSErHrw7x is not installed
2014-10-19 00:27:56,319 DEBUG Service AVGIDSErHrw7x RegCleanup
2014-10-19 00:27:56,319 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2014-10-19 00:27:56,178 INFO Service avgfws is not installed
2014-10-19 00:27:56,319 DEBUG Service avgfws RegCleanup
2014-10-19 00:27:56,319 DEBUG Registry keys for service avgfws are not present
2014-10-19 00:27:56,241 INFO Service avgwd is not installed
2014-10-19 00:27:56,334 DEBUG Service avgwd RegCleanup
2014-10-19 00:27:56,334 DEBUG Registry keys for service avgwd are not present
2014-10-19 00:27:56,241 INFO Service AvgWfpX is not installed
2014-10-19 00:27:56,334 DEBUG Service AvgWfpX RegCleanup
2014-10-19 00:27:56,241 INFO Service AvgWfpA is not installed
2014-10-19 00:27:56,334 DEBUG Service AvgWfpA RegCleanup
2014-10-19 00:27:56,334 DEBUG Registry keys for service AvgWfpA are not present
2014-10-19 00:27:56,256 INFO Service AVGIDSShimvtx is not installed
2014-10-19 00:27:56,334 DEBUG Service AVGIDSShimvtx RegCleanup
2014-10-19 00:27:56,334 DEBUG Registry keys for service AVGIDSShimvtx are not present
2014-10-19 00:27:56,256 INFO Service AVGIDSDrivervtx is not installed
2014-10-19 00:27:56,334 DEBUG Service AVGIDSDrivervtx RegCleanup
2014-10-19 00:27:56,334 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2014-10-19 00:27:56,256 DEBUG Registry keys for service AvgRkx64 are not present
2014-10-19 00:27:56,272 INFO Service AVGIDSDrivervta is not installed
2014-10-19 00:27:56,334 DEBUG Service AVGIDSDrivervta RegCleanup
2014-10-19 00:27:56,334 DEBUG Registry keys for service AVGIDSDrivervta are not present
2014-10-19 00:27:56,272 INFO Service AVGIDSFilterw7a is not installed
2014-10-19 00:27:56,350 DEBUG Service AVGIDSFilterw7a RegCleanup
2014-10-19 00:27:56,350 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2014-10-19 00:27:56,272 INFO Service AVGIDSErHrxpx is not installed
2014-10-19 00:27:56,350 DEBUG Service AVGIDSErHrxpx RegCleanup
2014-10-19 00:27:56,350 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2014-10-19 00:27:56,288 INFO Service AVGIDSErHrvta is not installed
2014-10-19 00:27:56,350 DEBUG Service AVGIDSErHrvta RegCleanup
2014-10-19 00:27:56,350 DEBUG Registry keys for service AVGIDSErHrvta are not present
2014-10-19 00:27:56,288 INFO Service AVGIDSErHrw7a is not installed
2014-10-19 00:27:56,350 DEBUG Service AVGIDSErHrw7a RegCleanup
2014-10-19 00:27:56,350 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2014-10-19 00:27:56,303 INFO Service AVGIDSFiltervta is not installed
2014-10-19 00:27:56,350 DEBUG Service AVGIDSFiltervta RegCleanup
2014-10-19 00:27:56,350 DEBUG Registry keys for service AVGIDSFiltervta are not present
2014-10-19 00:27:56,303 INFO Service AVGIDSShimw7x is not installed
2014-10-19 00:27:56,350 DEBUG Service AVGIDSShimw7x RegCleanup
2014-10-19 00:27:56,350 DEBUG Registry keys for service AVGIDSShimw7x are not present
2014-10-19 00:27:56,303 INFO Service AVGIDSDriverw7x is not installed
2014-10-19 00:27:56,366 DEBUG Service AVGIDSDriverw7x RegCleanup
2014-10-19 00:27:56,366 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2014-10-19 00:27:56,303 DEBUG Registry keys for service AvgTdiX are not present
2014-10-19 00:27:56,225 INFO Service AVGIDSWatcher is not installed
2014-10-19 00:27:56,366 DEBUG Service AVGIDSWatcher RegCleanup
2014-10-19 00:27:56,366 DEBUG Registry keys for service AVGIDSWatcher are not present
2014-10-19 00:27:56,319 INFO Service AVGIDSShimxpx is not installed
2014-10-19 00:27:56,366 DEBUG Service AVGIDSShimxpx RegCleanup
2014-10-19 00:27:56,366 DEBUG Registry keys for service AVGIDSShimxpx are not present
2014-10-19 00:27:56,334 DEBUG Registry keys for service AvgWfpX are not present
2014-10-19 00:27:56,366 INFO *****     Avg Fw NDIS driver(separate process)     *****
2014-10-19 00:27:56,397 INFO AvgRemover 2012.0.5
-------------------------------------------------------
2014-10-19 00:27:56,412 DEBUG Deleting stuck RunOnce value from registry.
2014-10-19 00:27:56,412 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2014-10-19 00:27:56,412 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2014-10-19 00:27:56,412 DEBUG Reading AVG IDS\IDS\InstallDir value failed (error: e001003d)
2014-10-19 00:27:56,412 INFO Command line: "C:\Users\Innes\Desktop\avg_remover_stf_x64_2012_2125.exe"  /ndisonly /skipask
2014-10-19 00:27:56,412 WARN AvgDir param empty.
2014-10-19 00:27:56,412 WARN AvgDataDir param empty.
2014-10-19 00:27:56,412 INFO AvgRemover runs in attempt number 1
2014-10-19 00:27:56,412 INFO *****     Avg Fw NDIS driver     *****
2014-10-19 00:27:56,412 INFO ...this operation can take several minutes...
2014-10-19 00:27:56,412 INFO FW removing policy
2014-10-19 00:27:57,114 INFO FW NDIS driver not present
2014-10-19 00:27:57,114 DEBUG Remove NDIS driver pass, next uninstalation step is 10, old was 1
2014-10-19 00:27:57,114 INFO *****     end of Fw NDIS separated process     *****
2014-10-19 00:27:57,114 INFO *****     Drivers     *****
2014-10-19 00:27:57,130 INFO *****     Running AVG process     *****
2014-10-19 00:27:57,426 INFO *****     Registry keys and values     *****
2014-10-19 00:27:57,426 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2014-10-19 00:27:57,426 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2014-10-19 00:27:57,426 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2014-10-19 00:27:57,426 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2014-10-19 00:27:57,426 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2014-10-19 00:27:57,426 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2014-10-19 00:27:57,426 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2014-10-19 00:27:57,442 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1E73965B-8B48-48be-9C8D-68B920ABC1C4} Remove
2014-10-19 00:27:57,442 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1E73965B-8B48-48be-9C8D-68B920ABC1C4} is not present
2014-10-19 00:27:57,442 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2014-10-19 00:27:57,442 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2014-10-19 00:27:57,442 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2014-10-19 00:27:57,442 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2014-10-19 00:27:57,442 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2014-10-19 00:27:57,442 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2014-10-19 00:27:57,442 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt
2014-10-19 00:27:57,442 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt ForceRemove
2014-10-19 00:27:57,442 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt not found
2014-10-19 00:27:57,442 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt
2014-10-19 00:27:57,458 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt ForceRemove
2014-10-19 00:27:57,458 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt not found
2014-10-19 00:27:57,458 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2014-10-19 00:27:57,458 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2014-10-19 00:27:57,458 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2014-10-19 00:27:57,458 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2014-10-19 00:27:57,458 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2014-10-19 00:27:57,458 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2014-10-19 00:27:57,458 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2014-10-19 00:27:57,458 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2014-10-19 00:27:57,458 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2014-10-19 00:27:57,458 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2014-10-19 00:27:57,458 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2014-10-19 00:27:57,458 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2014-10-19 00:27:57,458 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2014-10-19 00:27:57,458 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2014-10-19 00:27:57,458 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2014-10-19 00:27:57,473 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2014-10-19 00:27:57,473 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2014-10-19 00:27:57,473 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2014-10-19 00:27:57,473 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2014-10-19 00:27:57,473 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2014-10-19 00:27:57,473 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2014-10-19 00:27:57,473 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2014-10-19 00:27:57,473 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2014-10-19 00:27:57,473 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2014-10-19 00:27:57,473 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2014-10-19 00:27:57,489 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2014-10-19 00:27:57,489 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2014-10-19 00:27:57,489 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2014-10-19 00:27:57,489 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2014-10-19 00:27:57,489 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2014-10-19 00:27:57,489 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2014-10-19 00:27:57,489 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2014-10-19 00:27:57,489 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2014-10-19 00:27:57,489 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2014-10-19 00:27:57,489 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2014-10-19 00:27:57,504 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2014-10-19 00:27:57,504 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2014-10-19 00:27:57,504 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2014-10-19 00:27:57,504 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2014-10-19 00:27:57,504 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2014-10-19 00:27:57,504 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2014-10-19 00:27:57,504 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2014-10-19 00:27:57,520 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2014-10-19 00:27:57,520 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2014-10-19 00:27:57,520 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2014-10-19 00:27:57,520 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2014-10-19 00:27:57,520 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2014-10-19 00:27:57,520 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2014-10-19 00:27:57,520 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2014-10-19 00:27:57,520 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2014-10-19 00:27:57,520 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2014-10-19 00:27:57,520 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2014-10-19 00:27:57,520 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2014-10-19 00:27:57,520 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2014-10-19 00:27:57,536 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall ForceRemove
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall not found
2014-10-19 00:27:57,536 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2014-10-19 00:27:57,536 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2014-10-19 00:27:57,536 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2014-10-19 00:27:57,536 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2014-10-19 00:27:57,536 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2014-10-19 00:27:57,551 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2014-10-19 00:27:57,551 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2014-10-19 00:27:57,551 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2014-10-19 00:27:57,551 INFO Processing registry SOFTWARE\Classes\.avgdi
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\.avgdi not found
2014-10-19 00:27:57,551 INFO Processing registry SOFTWARE\Classes\.avgdx
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2014-10-19 00:27:57,551 DEBUG Key SOFTWARE\Classes\.avgdx not found
2014-10-19 00:27:57,551 INFO Processing registry SOFTWARE\Classes\.avgdx
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\.avgdx not found
2014-10-19 00:27:57,567 INFO Processing registry SOFTWARE\Classes\.avgdx
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\.avgdx not found
2014-10-19 00:27:57,567 INFO Processing registry SOFTWARE\Classes\.avgdx
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\.avgdx not found
2014-10-19 00:27:57,567 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2014-10-19 00:27:57,567 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2014-10-19 00:27:57,567 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2014-10-19 00:27:57,567 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2014-10-19 00:27:57,567 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2014-10-19 00:27:57,567 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2014-10-19 00:27:57,582 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2014-10-19 00:27:57,582 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2014-10-19 00:27:57,582 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2014-10-19 00:27:57,582 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2014-10-19 00:27:57,582 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2014-10-19 00:27:57,582 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2014-10-19 00:27:57,598 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2014-10-19 00:27:57,598 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2014-10-19 00:27:57,598 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2014-10-19 00:27:57,598 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2014-10-19 00:27:57,598 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2014-10-19 00:27:57,598 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2014-10-19 00:27:57,598 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2014-10-19 00:27:57,598 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2014-10-19 00:27:57,614 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2014-10-19 00:27:57,614 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2014-10-19 00:27:57,614 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2014-10-19 00:27:57,614 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2014-10-19 00:27:57,614 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2014-10-19 00:27:57,614 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL
2014-10-19 00:27:57,629 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL ForceRemove
2014-10-19 00:27:57,629 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL not found
2014-10-19 00:27:57,629 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2014-10-19 00:27:57,629 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2014-10-19 00:27:57,629 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2014-10-19 00:27:57,629 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2014-10-19 00:27:57,629 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2014-10-19 00:27:57,629 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2014-10-19 00:27:57,629 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2014-10-19 00:27:57,629 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2014-10-19 00:27:57,629 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2014-10-19 00:27:57,629 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2014-10-19 00:27:57,629 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2014-10-19 00:27:57,629 INFO Processing registry SYSTEM\ControlSet001\Control\GroupOrderList
2014-10-19 00:27:57,629 DEBUG Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG Remove
2014-10-19 00:27:57,629 INFO Processing registry SYSTEM\ControlSet001\services\Avg
2014-10-19 00:27:57,629 DEBUG Key SYSTEM\ControlSet001\services\Avg ForceRemove
2014-10-19 00:27:57,629 DEBUG Key SYSTEM\ControlSet001\services\Avg not found
2014-10-19 00:27:57,629 INFO Processing registry SYSTEM\ControlSet001\services\Avgfwfd
2014-10-19 00:27:57,629 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd ForceRemove
2014-10-19 00:27:57,629 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd not found
2014-10-19 00:27:57,629 INFO Processing registry SYSTEM\ControlSet001\services\AVG Security Toolbar Service
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\Avgfws
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\Avgfws ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\Avgfws not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSAgent
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSDriver
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSEH
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSFilter
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\avgldx64
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\avgldx86
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx64
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx86
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx64
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx86
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 ForceRemove
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 not found
2014-10-19 00:27:57,645 INFO Processing registry SYSTEM\ControlSet001\services\avgtdia
2014-10-19 00:27:57,645 DEBUG Key SYSTEM\ControlSet001\services\avgtdia ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgtdia not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet001\services\avgtdix
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgtdix ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgtdix not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet001\services\avgwd
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgwd ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgwd not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet001\services\avgfwdx
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet001\services\avgfwda
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgfwda ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgfwda not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet001\services\avgwfpa
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgwfpa ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgwfpa not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet001\services\avgwfpx
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgwfpx ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet001\services\avgwfpx not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2014-10-19 00:27:57,660 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2014-10-19 00:27:57,660 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2014-10-19 00:27:57,676 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2014-10-19 00:27:57,676 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2014-10-19 00:27:57,692 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2014-10-19 00:27:57,692 INFO Processing registry SYSTEM\ControlSet002\services\avgfwdx
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx ForceRemove
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgfwdx not found
2014-10-19 00:27:57,692 INFO Processing registry SYSTEM\ControlSet002\services\avgfwda
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgfwda ForceRemove
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgfwda not found
2014-10-19 00:27:57,692 INFO Processing registry SYSTEM\ControlSet002\services\avgwfpa
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgwfpa ForceRemove
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgwfpa not found
2014-10-19 00:27:57,692 INFO Processing registry SYSTEM\ControlSet002\services\avgwfpx
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgwfpx ForceRemove
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\avgwfpx not found
2014-10-19 00:27:57,692 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2014-10-19 00:27:57,692 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2014-10-19 00:27:57,692 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2014-10-19 00:27:57,707 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2014-10-19 00:27:57,707 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2014-10-19 00:27:57,707 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2014-10-19 00:27:57,707 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2014-10-19 00:27:57,707 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx64
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgrkx64 not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgrkx86
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgrkx86 not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgtdia
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgtdia ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgtdia not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgtdix
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgtdix ForceRemove
2014-10-19 00:27:57,723 DEBUG Key SYSTEM\ControlSet002\services\avgtdix not found
2014-10-19 00:27:57,723 INFO Processing registry SYSTEM\ControlSet002\services\avgwd
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\ControlSet002\services\avgwd ForceRemove
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\ControlSet002\services\avgwd not found
2014-10-19 00:27:57,738 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS ForceRemove
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGFWS not found
2014-10-19 00:27:57,738 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSAGENT not found
2014-10-19 00:27:57,738 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2014-10-19 00:27:57,738 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVER failed (error e0010058)
2014-10-19 00:27:57,738 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSEH not found
2014-10-19 00:27:57,738 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER
2014-10-19 00:27:57,738 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2014-10-19 00:27:57,738 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSFILTER failed (error e0010058)
2014-10-19 00:27:57,738 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIM not found
2014-10-19 00:27:57,754 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX86 not found
2014-10-19 00:27:57,754 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX86 not found
2014-10-19 00:27:57,754 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX86 not found
2014-10-19 00:27:57,754 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGLDX64 not found
2014-10-19 00:27:57,754 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGMFX64 not found
2014-10-19 00:27:57,754 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64
2014-10-19 00:27:57,754 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2014-10-19 00:27:57,770 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGRKX64 failed (error e0010058)
2014-10-19 00:27:57,770 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX
2014-10-19 00:27:57,770 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX ForceRemove
2014-10-19 00:27:57,770 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIX not found
2014-10-19 00:27:57,770 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA
2014-10-19 00:27:57,770 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA ForceRemove
2014-10-19 00:27:57,770 WARN Deleting key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDIA failed (error e0010058)
2014-10-19 00:27:57,770 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD
2014-10-19 00:27:57,770 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD ForceRemove
2014-10-19 00:27:57,770 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWD not found
2014-10-19 00:27:57,770 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG9WD not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPX
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPX ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPX not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPA
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPA ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGWFPA not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGFWS not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2014-10-19 00:27:57,785 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSAGENT not found
2014-10-19 00:27:57,785 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER
2014-10-19 00:27:57,801 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2014-10-19 00:27:57,801 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVER failed (error e0010058)
2014-10-19 00:27:57,801 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH
2014-10-19 00:27:57,801 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2014-10-19 00:27:57,801 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSEH not found
2014-10-19 00:27:57,801 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER
2014-10-19 00:27:57,801 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2014-10-19 00:27:57,801 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSFILTER failed (error e0010058)
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIM not found
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX86 not found
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX86 not found
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX86 not found
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGLDX64 not found
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGMFX64 not found
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64
2014-10-19 00:27:57,816 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2014-10-19 00:27:57,816 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGRKX64 failed (error e0010058)
2014-10-19 00:27:57,816 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX ForceRemove
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIX not found
2014-10-19 00:27:57,832 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA ForceRemove
2014-10-19 00:27:57,832 WARN Deleting key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGTDIA failed (error e0010058)
2014-10-19 00:27:57,832 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD ForceRemove
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWD not found
2014-10-19 00:27:57,832 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD ForceRemove
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVG9WD not found
2014-10-19 00:27:57,832 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2014-10-19 00:27:57,832 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2014-10-19 00:27:57,832 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2014-10-19 00:27:57,832 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2014-10-19 00:27:57,848 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPX
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPX ForceRemove
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPX not found
2014-10-19 00:27:57,848 INFO Processing registry SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPA
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPA ForceRemove
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet001\Enum\Root\LEGACY_AVGWFPA not found
2014-10-19 00:27:57,848 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS ForceRemove
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGFWS not found
2014-10-19 00:27:57,848 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT ForceRemove
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSAGENT not found
2014-10-19 00:27:57,848 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER ForceRemove
2014-10-19 00:27:57,848 WARN Deleting key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVER failed (error e0010058)
2014-10-19 00:27:57,848 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH ForceRemove
2014-10-19 00:27:57,848 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSEH not found
2014-10-19 00:27:57,848 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER ForceRemove
2014-10-19 00:27:57,863 WARN Deleting key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSFILTER failed (error e0010058)
2014-10-19 00:27:57,863 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM ForceRemove
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIM not found
2014-10-19 00:27:57,863 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 ForceRemove
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX86 not found
2014-10-19 00:27:57,863 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 ForceRemove
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX86 not found
2014-10-19 00:27:57,863 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 ForceRemove
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX86 not found
2014-10-19 00:27:57,863 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 ForceRemove
2014-10-19 00:27:57,863 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGLDX64 not found
2014-10-19 00:27:57,863 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64
2014-10-19 00:27:57,879 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 ForceRemove
2014-10-19 00:27:57,879 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGMFX64 not found
2014-10-19 00:27:57,879 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64
2014-10-19 00:27:57,879 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 ForceRemove
2014-10-19 00:27:57,879 WARN Deleting key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGRKX64 failed (error e0010058)
2014-10-19 00:27:57,879 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX ForceRemove
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIX not found
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA ForceRemove
2014-10-19 00:27:57,894 WARN Deleting key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDIA failed (error e0010058)
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD ForceRemove
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWD not found
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD ForceRemove
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG9WD not found
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX ForceRemove
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSDRIVERXPX not found
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX ForceRemove
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSERHRXPX not found
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX ForceRemove
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGIDSSHIMXPX not found
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPX
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPX ForceRemove
2014-10-19 00:27:57,894 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPX not found
2014-10-19 00:27:57,894 INFO Processing registry SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPA
2014-10-19 00:27:57,910 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPA ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGWFPA not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\Clients
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\Clients not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG8
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG8 not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG9
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG9 not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG10
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG10 not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG10
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG10 not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG2012
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG2012
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG2012 not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG IDS
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG\AVG IDS
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2014-10-19 00:27:57,910 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2014-10-19 00:27:57,910 INFO Processing registry SOFTWARE\AVG
2014-10-19 00:27:57,926 DEBUG Value SOFTWARE\AVG:DumpType Remove
2014-10-19 00:27:57,926 INFO Value SOFTWARE\AVG:DumpType is not present
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Remove
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Remove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG Security Toolbar
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG Security Toolbar
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG ForceRemove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG Secure Search
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Secure Search ForceRemove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Secure Search not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG Secure Search
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Secure Search ForceRemove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG Secure Search not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG\AVG8
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG\AVG8 not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG\AVG9
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2014-10-19 00:27:57,926 DEBUG Key SOFTWARE\AVG\AVG9 not found
2014-10-19 00:27:57,926 INFO Processing registry SOFTWARE\AVG\AVG10
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG10 not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\AVG\AVG10
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG10 ForceRemove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG10 not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\AVG\AVG2012
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG2012 not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\AVG\AVG2012
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG2012 ForceRemove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG\AVG2012 not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\AVG
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG Remove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\AVG
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG Remove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\AVG Security Toolbar
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\AVG Security Toolbar
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2014-10-19 00:27:57,941 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2014-10-19 00:27:57,941 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2014-10-19 00:27:57,941 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2014-10-19 00:27:57,941 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B206F26B-E6D1-43A0-8CF7-D3943147F867}
2014-10-19 00:27:57,957 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B206F26B-E6D1-43A0-8CF7-D3943147F867} ForceRemove
2014-10-19 00:27:57,957 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B206F26B-E6D1-43A0-8CF7-D3943147F867} not found
2014-10-19 00:27:57,957 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2014-10-19 00:27:57,957 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2014-10-19 00:27:57,957 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2014-10-19 00:27:57,957 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2014-10-19 00:27:57,957 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2014-10-19 00:27:57,957 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2014-10-19 00:27:57,957 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2014-10-19 00:27:57,957 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2014-10-19 00:27:57,957 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2014-10-19 00:27:57,957 INFO Processing registry SOFTWARE\AppDataLow\Avg
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\AppDataLow\Avg ForceRemove
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\AppDataLow\Avg not found
2014-10-19 00:27:57,972 INFO Processing registry SOFTWARE\AppDataLow\Software\AVG Security Toolbar
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\AppDataLow\Software\AVG Security Toolbar ForceRemove
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\AppDataLow\Software\AVG Security Toolbar not found
2014-10-19 00:27:57,972 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2014-10-19 00:27:57,972 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2014-10-19 00:27:57,972 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2014-10-19 00:27:57,972 INFO Processing registry .avgdxa
2014-10-19 00:27:57,972 DEBUG Key .avgdxa ForceRemove
2014-10-19 00:27:57,972 DEBUG Key .avgdxa not found
2014-10-19 00:27:57,972 INFO Processing registry aAvgAPI.AvgBro
2014-10-19 00:27:57,972 DEBUG Key aAvgAPI.AvgBro ForceRemove
2014-10-19 00:27:57,972 DEBUG Key aAvgAPI.AvgBro not found
2014-10-19 00:27:57,972 INFO Processing registry AVG.Office
2014-10-19 00:27:57,972 DEBUG Key AVG.Office ForceRemove
2014-10-19 00:27:57,972 DEBUG Key AVG.Office not found
2014-10-19 00:27:57,972 INFO Processing registry AVG.Office.8
2014-10-19 00:27:57,972 DEBUG Key AVG.Office.8 ForceRemove
2014-10-19 00:27:57,972 DEBUG Key AVG.Office.8 not found
2014-10-19 00:27:57,972 INFO Processing registry AvgDiagFile
2014-10-19 00:27:57,972 DEBUG Key AvgDiagFile ForceRemove
2014-10-19 00:27:57,972 DEBUG Key AvgDiagFile not found
2014-10-19 00:27:57,972 INFO Processing registry AvgDiagExFile
2014-10-19 00:27:57,972 DEBUG Key AvgDiagExFile ForceRemove
2014-10-19 00:27:57,972 DEBUG Key AvgDiagExFile not found
2014-10-19 00:27:57,972 INFO Processing registry avgtoolbar.AVGTOOLBAR
2014-10-19 00:27:57,972 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2014-10-19 00:27:57,972 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2014-10-19 00:27:57,972 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2014-10-19 00:27:57,988 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2014-10-19 00:27:57,988 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2014-10-19 00:27:57,988 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2014-10-19 00:27:57,988 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2014-10-19 00:27:57,988 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2014-10-19 00:27:57,988 INFO Processing registry LinkScannerIE.NavFilter
2014-10-19 00:27:57,988 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2014-10-19 00:27:57,988 DEBUG Key LinkScannerIE.NavFilter not found
2014-10-19 00:27:57,988 INFO Processing registry LinkScannerIE.NavFilter.1
2014-10-19 00:27:57,988 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2014-10-19 00:27:57,988 DEBUG Key LinkScannerIE.NavFilter.1 not found
2014-10-19 00:27:57,988 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2014-10-19 00:27:57,988 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2014-10-19 00:27:57,988 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2014-10-19 00:27:57,988 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2014-10-19 00:27:57,988 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2014-10-19 00:27:57,988 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2014-10-19 00:27:57,988 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2014-10-19 00:27:57,988 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2014-10-19 00:27:57,988 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2014-10-19 00:27:57,988 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2014-10-19 00:27:58,004 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2014-10-19 00:27:58,004 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2014-10-19 00:27:58,004 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2014-10-19 00:27:58,004 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2014-10-19 00:27:58,004 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2014-10-19 00:27:58,004 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2014-10-19 00:27:58,019 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2014-10-19 00:27:58,019 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2014-10-19 00:27:58,019 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2014-10-19 00:27:58,019 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2014-10-19 00:27:58,019 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2014-10-19 00:27:58,019 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2014-10-19 00:27:58,019 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2014-10-19 00:27:58,019 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2014-10-19 00:27:58,019 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2014-10-19 00:27:58,019 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2014-10-19 00:27:58,035 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2014-10-19 00:27:58,035 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2014-10-19 00:27:58,035 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2014-10-19 00:27:58,035 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2014-10-19 00:27:58,035 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2014-10-19 00:27:58,035 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2014-10-19 00:27:58,035 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2014-10-19 00:27:58,035 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2014-10-19 00:27:58,035 INFO Processing registry CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83}
2014-10-19 00:27:58,035 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} ForceRemove
2014-10-19 00:27:58,035 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} not found
2014-10-19 00:27:58,035 INFO Processing registry CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2014-10-19 00:27:58,035 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2014-10-19 00:27:58,035 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2014-10-19 00:27:58,035 INFO Processing registry CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C}
2014-10-19 00:27:58,035 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} ForceRemove
2014-10-19 00:27:58,035 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} not found
2014-10-19 00:27:58,035 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2014-10-19 00:27:58,035 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2014-10-19 00:27:58,035 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} not found
2014-10-19 00:27:58,035 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2014-10-19 00:27:58,035 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2014-10-19 00:27:58,050 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2014-10-19 00:27:58,050 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2014-10-19 00:27:58,050 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2014-10-19 00:27:58,050 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2014-10-19 00:27:58,050 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2014-10-19 00:27:58,050 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2014-10-19 00:27:58,050 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2014-10-19 00:27:58,050 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2014-10-19 00:27:58,050 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2014-10-19 00:27:58,050 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2014-10-19 00:27:58,050 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2014-10-19 00:27:58,050 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2014-10-19 00:27:58,050 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2014-10-19 00:27:58,050 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2014-10-19 00:27:58,050 DEBUG Removing Session Manager values
2014-10-19 00:27:58,050 DEBUG Registry remover failed for some registry item(s)
2014-10-19 00:27:58,050 INFO *****     Files and folders     *****
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 0
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 1
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 2
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 3
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 4
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 5
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 6
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 7
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 8
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 9
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 10
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 11
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 12
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 13
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 14
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 15
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 16
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 17
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 18
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 19
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 20
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 21
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 22
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 23
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 24
2014-10-19 00:27:58,050 DEBUG Missing ParentDir path for fileItem number 25
2014-10-19 00:27:58,050 DEBUG Processing item 'C:\Users\Innes\AppData\Roaming\AVGTOOLBAR'
2014-10-19 00:27:58,050 INFO Directory 'C:\Users\Innes\AppData\Roaming\AVGTOOLBAR' not found
2014-10-19 00:27:58,050 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.0'
2014-10-19 00:27:58,066 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.0' not found
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.0'
2014-10-19 00:27:58,066 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.0' not found
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.5'
2014-10-19 00:27:58,066 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.5' not found
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.5'
2014-10-19 00:27:58,066 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.5' not found
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\Users\Public\Desktop\avg 8.0.lnk'
2014-10-19 00:27:58,066 INFO File 'C:\Users\Public\Desktop\avg 8.0.lnk' not found
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\Users\Public\Desktop\avg free 8.0.lnk'
2014-10-19 00:27:58,066 INFO File 'C:\Users\Public\Desktop\avg free 8.0.lnk' not found
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\Users\Public\Desktop\avg 8.5.lnk'
2014-10-19 00:27:58,066 INFO File 'C:\Users\Public\Desktop\avg 8.5.lnk' not found
2014-10-19 00:27:58,066 DEBUG Processing item 'C:\Users\Public\Desktop\avg free 8.5.lnk'
2014-10-19 00:27:58,066 INFO File 'C:\Users\Public\Desktop\avg free 8.5.lnk' not found
2014-10-19 00:27:58,066 DEBUG Missing ParentDir path for fileItem number 36
2014-10-19 00:27:58,066 DEBUG Missing ParentDir path for fileItem number 37
2014-10-19 00:27:58,066 DEBUG Missing ParentDir path for fileItem number 38
2014-10-19 00:27:58,066 DEBUG Missing ParentDir path for fileItem number 39
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 40
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 41
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 42
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 43
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 44
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 45
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 46
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 47
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 48
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 49
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 50
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 51
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 52
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 53
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 54
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 55
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 56
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 57
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\ProgramData\AVG Security Toolbar\Languages'
2014-10-19 00:27:58,082 INFO Directory 'C:\ProgramData\AVG Security Toolbar\Languages' not found
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\ProgramData\AVG Security Toolbar\Update'
2014-10-19 00:27:58,082 INFO Directory 'C:\ProgramData\AVG Security Toolbar\Update' not found
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\ProgramData\AVG Security Toolbar'
2014-10-19 00:27:58,082 INFO Directory 'C:\ProgramData\AVG Security Toolbar' not found
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 9.0'
2014-10-19 00:27:58,082 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 9.0' not found
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG FREE 9.0'
2014-10-19 00:27:58,082 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG FREE 9.0' not found
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\Users\Public\Desktop\avg 9.0.lnk'
2014-10-19 00:27:58,082 INFO File 'C:\Users\Public\Desktop\avg 9.0.lnk' not found
2014-10-19 00:27:58,082 DEBUG Processing item 'C:\Users\Public\Desktop\avg free 9.0.lnk'
2014-10-19 00:27:58,082 INFO File 'C:\Users\Public\Desktop\avg free 9.0.lnk' not found
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 66
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 67
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 68
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 69
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 70
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 71
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 72
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 73
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 74
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 75
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 76
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 77
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 78
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 79
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 80
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 81
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 82
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 83
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 84
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 85
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 86
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 87
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 88
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 89
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 90
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 91
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 92
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 93
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 94
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 95
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 96
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 97
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 98
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 99
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 100
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 101
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 102
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 103
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 104
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 105
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 106
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 107
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 108
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 109
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 110
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 111
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 112
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 113
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 114
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 115
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 116
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 117
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 118
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 119
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 120
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 121
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 122
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 123
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 124
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 125
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 126
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 127
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 128
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 129
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 130
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 131
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 132
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 133
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 134
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 135
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 136
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 137
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 138
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 139
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 140
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 141
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 142
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 143
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 144
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 145
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 146
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 147
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 148
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 149
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 150
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 151
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 152
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 153
2014-10-19 00:27:58,082 DEBUG Missing ParentDir path for fileItem number 154
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 155
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 156
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 157
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 158
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 159
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 160
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 161
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 162
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 163
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 164
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 165
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 166
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 167
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 168
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 169
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 170
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 171
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 172
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 173
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 174
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 175
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 176
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 177
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 178
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 179
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 180
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 181
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 182
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 183
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 184
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 185
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 186
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 187
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 188
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 189
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 190
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 191
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 192
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 193
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 194
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 195
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 196
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 197
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 198
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 199
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 200
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 201
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 202
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 203
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 204
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 205
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 206
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 207
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 208
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 209
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 210
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 211
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 212
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 213
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 214
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 215
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 216
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 217
2014-10-19 00:27:58,097 DEBUG Missing ParentDir path for fileItem number 218
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers\AVG'
2014-10-19 00:27:58,097 INFO Directory 'C:\windows\System32\Drivers\AVG' not found
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsdriverx.sys'
2014-10-19 00:27:58,097 INFO File 'C:\windows\System32\Drivers\avgidsdriverx.sys' not found
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsdrivera.sys'
2014-10-19 00:27:58,097 INFO File 'C:\windows\System32\Drivers\avgidsdrivera.sys' not found
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsehx.sys'
2014-10-19 00:27:58,097 INFO File 'C:\windows\System32\Drivers\avgidsehx.sys' not found
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers\avgidseha.sys'
2014-10-19 00:27:58,097 INFO File 'C:\windows\System32\Drivers\avgidseha.sys' not found
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsfilterx.sys'
2014-10-19 00:27:58,097 INFO File 'C:\windows\System32\Drivers\avgidsfilterx.sys' not found
2014-10-19 00:27:58,097 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsfiltera.sys'
2014-10-19 00:27:58,113 INFO File 'C:\windows\System32\Drivers\avgidsfiltera.sys' not found
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsshimx.sys'
2014-10-19 00:27:58,113 INFO File 'C:\windows\System32\Drivers\avgidsshimx.sys' not found
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsshimw8x.sys'
2014-10-19 00:27:58,113 INFO File 'C:\windows\System32\Drivers\avgidsshimw8x.sys' not found
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsuniversalddx.sys'
2014-10-19 00:27:58,113 INFO File 'C:\windows\System32\Drivers\avgidsuniversalddx.sys' not found
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\windows\System32\Drivers\avgidsuniversaldda.sys'
2014-10-19 00:27:58,113 INFO File 'C:\windows\System32\Drivers\avgidsuniversaldda.sys' not found
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\windows\System32'
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget'
2014-10-19 00:27:58,113 INFO Directory 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget' not found
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\AVG.Gadget'
2014-10-19 00:27:58,113 INFO Directory 'C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\AVG.Gadget' not found
2014-10-19 00:27:58,113 DEBUG Processing item 'C:\ProgramData\AVG10\SetupCoreBackup'
2014-10-19 00:27:58,128 INFO Directory 'C:\ProgramData\AVG10\SetupCoreBackup' not found
2014-10-19 00:27:58,128 DEBUG Processing item 'C:\ProgramData\AVG10\SetupBackup'
2014-10-19 00:27:58,128 INFO Directory 'C:\ProgramData\AVG10\SetupBackup' not found
2014-10-19 00:27:58,160 DEBUG Processing item 'C:\ProgramData\AVG10\Chjw'
2014-10-19 00:27:58,160 INFO Directory 'C:\ProgramData\AVG10\Chjw' not found
2014-10-19 00:27:58,160 DEBUG Processing item 'C:\ProgramData\AVG10\Antispam'
2014-10-19 00:27:58,160 INFO Directory 'C:\ProgramData\AVG10\Antispam' not found
2014-10-19 00:27:58,160 DEBUG Processing item 'C:\ProgramData\AVG10'
2014-10-19 00:27:58,160 INFO Directory 'C:\ProgramData\AVG10' not found
2014-10-19 00:27:58,160 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011'
2014-10-19 00:27:58,160 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011' not found
2014-10-19 00:27:58,175 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG FREE 2011'
2014-10-19 00:27:58,175 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG FREE 2011' not found
2014-10-19 00:27:58,175 DEBUG Processing item 'C:\Users\Public\Desktop\AVG 2011.lnk'
2014-10-19 00:27:58,175 INFO File 'C:\Users\Public\Desktop\AVG 2011.lnk' not found
2014-10-19 00:27:58,175 DEBUG Processing item 'C:\Users\Public\Desktop\AVG FREE 2011.lnk'
2014-10-19 00:27:58,175 INFO File 'C:\Users\Public\Desktop\AVG FREE 2011.lnk' not found
2014-10-19 00:27:58,175 DEBUG Processing item 'C:\windows\SysWOW64\Drivers\AVG'
2014-10-19 00:27:58,175 DEBUG Looking for file file 'C:\windows\SysWOW64\Drivers\AVG\iavichjw.avm' in whitelist
2014-10-19 00:27:58,175 INFO File 'C:\windows\SysWOW64\Drivers\AVG\iavichjw.avm' deleted
2014-10-19 00:27:58,175 DEBUG Looking for file file 'C:\windows\SysWOW64\Drivers\AVG\incavi.avm' in whitelist
2014-10-19 00:27:58,175 INFO File 'C:\windows\SysWOW64\Drivers\AVG\incavi.avm' deleted
2014-10-19 00:27:58,175 INFO Directory 'C:\windows\SysWOW64\Drivers\AVG' deleted
2014-10-19 00:27:58,175 DEBUG Missing ParentDir path for fileItem number 249
2014-10-19 00:27:58,175 DEBUG Processing item 'C:\ProgramData\MFAData\logs'
2014-10-19 00:27:58,175 DEBUG Looking for file file 'C:\ProgramData\MFAData\logs\mfa-20120725-213217.log' in whitelist
2014-10-19 00:27:58,191 INFO File 'C:\ProgramData\MFAData\logs\mfa-20120725-213217.log' deleted
2014-10-19 00:27:58,191 DEBUG Looking for file file 'C:\ProgramData\MFAData\logs\mfa-20120725-213234.log' in whitelist
2014-10-19 00:27:58,206 INFO File 'C:\ProgramData\MFAData\logs\mfa-20120725-213234.log' deleted
2014-10-19 00:27:58,222 DEBUG Looking for file file 'C:\ProgramData\MFAData\logs\mfa-20120725-214522.log' in whitelist
2014-10-19 00:27:58,222 INFO File 'C:\ProgramData\MFAData\logs\mfa-20120725-214522.log' deleted
2014-10-19 00:27:58,222 DEBUG Looking for file file 'C:\ProgramData\MFAData\logs\mfa-20120725-214542.log' in whitelist
2014-10-19 00:27:58,222 INFO File 'C:\ProgramData\MFAData\logs\mfa-20120725-214542.log' deleted
2014-10-19 00:27:58,222 DEBUG Looking for file file 'C:\ProgramData\MFAData\logs\mfa-20120725-215048.log' in whitelist
2014-10-19 00:27:58,222 INFO File 'C:\ProgramData\MFAData\logs\mfa-20120725-215048.log' deleted
2014-10-19 00:27:58,222 DEBUG Looking for file file 'C:\ProgramData\MFAData\logs\msi-20120725-213234.log' in whitelist
2014-10-19 00:27:58,222 INFO File 'C:\ProgramData\MFAData\logs\msi-20120725-213234.log' deleted
2014-10-19 00:27:58,238 DEBUG Looking for file file 'C:\ProgramData\MFAData\logs\msi-20120725-214542.log' in whitelist
2014-10-19 00:27:58,238 INFO File 'C:\ProgramData\MFAData\logs\msi-20120725-214542.log' deleted
2014-10-19 00:27:58,269 INFO Directory 'C:\ProgramData\MFAData\logs' deleted
2014-10-19 00:27:58,269 DEBUG Processing item 'C:\ProgramData\MFAData\pack'
2014-10-19 00:27:58,269 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\AlertMga.cab' in whitelist
2014-10-19 00:27:58,269 INFO File 'C:\ProgramData\MFAData\pack\AlertMga.cab' deleted
2014-10-19 00:27:58,269 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\AntiRka.cab' in whitelist
2014-10-19 00:27:58,269 INFO File 'C:\ProgramData\MFAData\pack\AntiRka.cab' deleted
2014-10-19 00:27:58,269 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\Antivira.cab' in whitelist
2014-10-19 00:27:58,284 INFO File 'C:\ProgramData\MFAData\pack\Antivira.cab' deleted
2014-10-19 00:27:58,284 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avg12infoavi.ctf' in whitelist
2014-10-19 00:27:58,284 INFO File 'C:\ProgramData\MFAData\pack\avg12infoavi.ctf' deleted
2014-10-19 00:27:58,284 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avg12infooi.ctf' in whitelist
2014-10-19 00:27:58,284 INFO File 'C:\ProgramData\MFAData\pack\avg12infooi.ctf' deleted
2014-10-19 00:27:58,284 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avg12infowin.ctf' in whitelist
2014-10-19 00:27:58,284 INFO File 'C:\ProgramData\MFAData\pack\avg12infowin.ctf' deleted
2014-10-19 00:27:58,284 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgatend.stp' in whitelist
2014-10-19 00:27:58,284 INFO File 'C:\ProgramData\MFAData\pack\avgatend.stp' deleted
2014-10-19 00:27:58,284 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgatupd.stp' in whitelist
2014-10-19 00:27:58,284 INFO File 'C:\ProgramData\MFAData\pack\avgatupd.stp' deleted
2014-10-19 00:27:58,284 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgmfapx.exe' in whitelist
2014-10-19 00:27:58,284 INFO File 'C:\ProgramData\MFAData\pack\avgmfapx.exe' deleted
2014-10-19 00:27:58,300 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgmfarx.dll' in whitelist
2014-10-19 00:27:58,300 INFO File 'C:\ProgramData\MFAData\pack\avgmfarx.dll' deleted
2014-10-19 00:27:58,300 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgntdumpx.exe' in whitelist
2014-10-19 00:27:58,300 INFO File 'C:\ProgramData\MFAData\pack\avgntdumpx.exe' deleted
2014-10-19 00:27:58,300 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgrunasx.exe' in whitelist
2014-10-19 00:27:58,300 INFO File 'C:\ProgramData\MFAData\pack\avgrunasx.exe' deleted
2014-10-19 00:27:58,300 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgupd.sig' in whitelist
2014-10-19 00:27:58,300 INFO File 'C:\ProgramData\MFAData\pack\avgupd.sig' deleted
2014-10-19 00:27:58,300 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\avgupdx.dll' in whitelist
2014-10-19 00:27:58,300 INFO File 'C:\ProgramData\MFAData\pack\avgupdx.dll' deleted
2014-10-19 00:27:58,300 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\Avgx64.msi' in whitelist
2014-10-19 00:27:58,300 INFO File 'C:\ProgramData\MFAData\pack\Avgx64.msi' deleted
2014-10-19 00:27:58,300 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\AVIsa.cab' in whitelist
2014-10-19 00:27:58,316 INFO File 'C:\ProgramData\MFAData\pack\AVIsa.cab' deleted
2014-10-19 00:27:58,316 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\basea.cab' in whitelist
2014-10-19 00:27:58,316 INFO File 'C:\ProgramData\MFAData\pack\basea.cab' deleted
2014-10-19 00:27:58,316 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\compat.ini' in whitelist
2014-10-19 00:27:58,316 INFO File 'C:\ProgramData\MFAData\pack\compat.ini' deleted
2014-10-19 00:27:58,316 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\COREa.cab' in whitelist
2014-10-19 00:27:58,316 INFO File 'C:\ProgramData\MFAData\pack\COREa.cab' deleted
2014-10-19 00:27:58,316 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\COREx64.msi' in whitelist
2014-10-19 00:27:58,316 INFO File 'C:\ProgramData\MFAData\pack\COREx64.msi' deleted
2014-10-19 00:27:58,316 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\default_dtc.mdf' in whitelist
2014-10-19 00:27:58,316 INFO File 'C:\ProgramData\MFAData\pack\default_dtc.mdf' deleted
2014-10-19 00:27:58,316 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\default_mis.mdf' in whitelist
2014-10-19 00:27:58,316 INFO File 'C:\ProgramData\MFAData\pack\default_mis.mdf' deleted
2014-10-19 00:27:58,331 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\Emailsa.cab' in whitelist
2014-10-19 00:27:58,331 INFO File 'C:\ProgramData\MFAData\pack\Emailsa.cab' deleted
2014-10-19 00:27:58,331 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\GUIa.cab' in whitelist
2014-10-19 00:27:58,331 INFO File 'C:\ProgramData\MFAData\pack\GUIa.cab' deleted
2014-10-19 00:27:58,331 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\htmlayout.dll' in whitelist
2014-10-19 00:27:58,331 INFO File 'C:\ProgramData\MFAData\pack\htmlayout.dll' deleted
2014-10-19 00:27:58,331 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\idata.cab' in whitelist
2014-10-19 00:27:58,331 INFO File 'C:\ProgramData\MFAData\pack\idata.cab' deleted
2014-10-19 00:27:58,331 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\IDPa.cab' in whitelist
2014-10-19 00:27:58,331 INFO File 'C:\ProgramData\MFAData\pack\IDPa.cab' deleted
2014-10-19 00:27:58,331 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_cz.htm' in whitelist
2014-10-19 00:27:58,331 INFO File 'C:\ProgramData\MFAData\pack\license_cz.htm' deleted
2014-10-19 00:27:58,331 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_da.htm' in whitelist
2014-10-19 00:27:58,347 INFO File 'C:\ProgramData\MFAData\pack\license_da.htm' deleted
2014-10-19 00:27:58,347 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_es.htm' in whitelist
2014-10-19 00:27:58,347 INFO File 'C:\ProgramData\MFAData\pack\license_es.htm' deleted
2014-10-19 00:27:58,347 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_fr.htm' in whitelist
2014-10-19 00:27:58,347 INFO File 'C:\ProgramData\MFAData\pack\license_fr.htm' deleted
2014-10-19 00:27:58,347 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_ge.htm' in whitelist
2014-10-19 00:27:58,347 INFO File 'C:\ProgramData\MFAData\pack\license_ge.htm' deleted
2014-10-19 00:27:58,347 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_hu.htm' in whitelist
2014-10-19 00:27:58,347 INFO File 'C:\ProgramData\MFAData\pack\license_hu.htm' deleted
2014-10-19 00:27:58,347 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_id.htm' in whitelist
2014-10-19 00:27:58,347 INFO File 'C:\ProgramData\MFAData\pack\license_id.htm' deleted
2014-10-19 00:27:58,347 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_in.htm' in whitelist
2014-10-19 00:27:58,347 INFO File 'C:\ProgramData\MFAData\pack\license_in.htm' deleted
2014-10-19 00:27:58,347 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_it.htm' in whitelist
2014-10-19 00:27:58,362 INFO File 'C:\ProgramData\MFAData\pack\license_it.htm' deleted
2014-10-19 00:27:58,362 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_jp.htm' in whitelist
2014-10-19 00:27:58,362 INFO File 'C:\ProgramData\MFAData\pack\license_jp.htm' deleted
2014-10-19 00:27:58,362 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_ko.htm' in whitelist
2014-10-19 00:27:58,362 INFO File 'C:\ProgramData\MFAData\pack\license_ko.htm' deleted
2014-10-19 00:27:58,362 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_ms.htm' in whitelist
2014-10-19 00:27:58,362 INFO File 'C:\ProgramData\MFAData\pack\license_ms.htm' deleted
2014-10-19 00:27:58,362 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_nl.htm' in whitelist
2014-10-19 00:27:58,362 INFO File 'C:\ProgramData\MFAData\pack\license_nl.htm' deleted
2014-10-19 00:27:58,362 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_pb.htm' in whitelist
2014-10-19 00:27:58,362 INFO File 'C:\ProgramData\MFAData\pack\license_pb.htm' deleted
2014-10-19 00:27:58,362 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_pl.htm' in whitelist
2014-10-19 00:27:58,362 INFO File 'C:\ProgramData\MFAData\pack\license_pl.htm' deleted
2014-10-19 00:27:58,378 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_pt.htm' in whitelist
2014-10-19 00:27:58,378 INFO File 'C:\ProgramData\MFAData\pack\license_pt.htm' deleted
2014-10-19 00:27:58,378 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_ru.htm' in whitelist
2014-10-19 00:27:58,378 INFO File 'C:\ProgramData\MFAData\pack\license_ru.htm' deleted
2014-10-19 00:27:58,378 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_sc.htm' in whitelist
2014-10-19 00:27:58,378 INFO File 'C:\ProgramData\MFAData\pack\license_sc.htm' deleted
2014-10-19 00:27:58,378 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_sk.htm' in whitelist
2014-10-19 00:27:58,378 INFO File 'C:\ProgramData\MFAData\pack\license_sk.htm' deleted
2014-10-19 00:27:58,378 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_sp.htm' in whitelist
2014-10-19 00:27:58,378 INFO File 'C:\ProgramData\MFAData\pack\license_sp.htm' deleted
2014-10-19 00:27:58,378 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_tr.htm' in whitelist
2014-10-19 00:27:58,378 INFO File 'C:\ProgramData\MFAData\pack\license_tr.htm' deleted
2014-10-19 00:27:58,394 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_us.htm' in whitelist
2014-10-19 00:27:58,394 INFO File 'C:\ProgramData\MFAData\pack\license_us.htm' deleted
2014-10-19 00:27:58,394 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_zh.htm' in whitelist
2014-10-19 00:27:58,394 INFO File 'C:\ProgramData\MFAData\pack\license_zh.htm' deleted
2014-10-19 00:27:58,394 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\license_zt.htm' in whitelist
2014-10-19 00:27:58,394 INFO File 'C:\ProgramData\MFAData\pack\license_zt.htm' deleted
2014-10-19 00:27:58,394 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\lng_usa.cab' in whitelist
2014-10-19 00:27:58,394 INFO File 'C:\ProgramData\MFAData\pack\lng_usa.cab' deleted
2014-10-19 00:27:58,394 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfaconf.txt' in whitelist
2014-10-19 00:27:58,394 INFO File 'C:\ProgramData\MFAData\pack\mfaconf.txt' deleted
2014-10-19 00:27:58,394 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfacz.lns' in whitelist
2014-10-19 00:27:58,394 INFO File 'C:\ProgramData\MFAData\pack\mfacz.lns' deleted
2014-10-19 00:27:58,394 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfada.lns' in whitelist
2014-10-19 00:27:58,394 INFO File 'C:\ProgramData\MFAData\pack\mfada.lns' deleted
2014-10-19 00:27:58,409 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfaes.lns' in whitelist
2014-10-19 00:27:58,409 INFO File 'C:\ProgramData\MFAData\pack\mfaes.lns' deleted
2014-10-19 00:27:58,409 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfafr.lns' in whitelist
2014-10-19 00:27:58,409 INFO File 'C:\ProgramData\MFAData\pack\mfafr.lns' deleted
2014-10-19 00:27:58,409 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfage.lns' in whitelist
2014-10-19 00:27:58,409 INFO File 'C:\ProgramData\MFAData\pack\mfage.lns' deleted
2014-10-19 00:27:58,409 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfahu.lns' in whitelist
2014-10-19 00:27:58,409 INFO File 'C:\ProgramData\MFAData\pack\mfahu.lns' deleted
2014-10-19 00:27:58,409 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfaid.lns' in whitelist
2014-10-19 00:27:58,409 INFO File 'C:\ProgramData\MFAData\pack\mfaid.lns' deleted
2014-10-19 00:27:58,409 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfain.lns' in whitelist
2014-10-19 00:27:58,409 INFO File 'C:\ProgramData\MFAData\pack\mfain.lns' deleted
2014-10-19 00:27:58,425 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfait.lns' in whitelist
2014-10-19 00:27:58,425 INFO File 'C:\ProgramData\MFAData\pack\mfait.lns' deleted
2014-10-19 00:27:58,425 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfajp.lns' in whitelist
2014-10-19 00:27:58,425 INFO File 'C:\ProgramData\MFAData\pack\mfajp.lns' deleted
2014-10-19 00:27:58,425 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfako.lns' in whitelist
2014-10-19 00:27:58,425 INFO File 'C:\ProgramData\MFAData\pack\mfako.lns' deleted
2014-10-19 00:27:58,425 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfams.lns' in whitelist
2014-10-19 00:27:58,425 INFO File 'C:\ProgramData\MFAData\pack\mfams.lns' deleted
2014-10-19 00:27:58,425 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfanl.lns' in whitelist
2014-10-19 00:27:58,425 INFO File 'C:\ProgramData\MFAData\pack\mfanl.lns' deleted
2014-10-19 00:27:58,425 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfapb.lns' in whitelist
2014-10-19 00:27:58,425 INFO File 'C:\ProgramData\MFAData\pack\mfapb.lns' deleted
2014-10-19 00:27:58,425 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfapl.lns' in whitelist
2014-10-19 00:27:58,425 INFO File 'C:\ProgramData\MFAData\pack\mfapl.lns' deleted
2014-10-19 00:27:58,440 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfapt.lns' in whitelist
2014-10-19 00:27:58,440 INFO File 'C:\ProgramData\MFAData\pack\mfapt.lns' deleted
2014-10-19 00:27:58,440 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfaru.lns' in whitelist
2014-10-19 00:27:58,440 INFO File 'C:\ProgramData\MFAData\pack\mfaru.lns' deleted
2014-10-19 00:27:58,440 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfasc.lns' in whitelist
2014-10-19 00:27:58,440 INFO File 'C:\ProgramData\MFAData\pack\mfasc.lns' deleted
2014-10-19 00:27:58,440 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfask.lns' in whitelist
2014-10-19 00:27:58,440 INFO File 'C:\ProgramData\MFAData\pack\mfask.lns' deleted
2014-10-19 00:27:58,440 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfasp.lns' in whitelist
2014-10-19 00:27:58,440 INFO File 'C:\ProgramData\MFAData\pack\mfasp.lns' deleted
2014-10-19 00:27:58,440 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfatr.lns' in whitelist
2014-10-19 00:27:58,440 INFO File 'C:\ProgramData\MFAData\pack\mfatr.lns' deleted
2014-10-19 00:27:58,440 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfaus.lns' in whitelist
2014-10-19 00:27:58,456 INFO File 'C:\ProgramData\MFAData\pack\mfaus.lns' deleted
2014-10-19 00:27:58,456 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfavera.txt' in whitelist
2014-10-19 00:27:58,456 INFO File 'C:\ProgramData\MFAData\pack\mfavera.txt' deleted
2014-10-19 00:27:58,456 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfaverx.txt' in whitelist
2014-10-19 00:27:58,456 INFO File 'C:\ProgramData\MFAData\pack\mfaverx.txt' deleted
2014-10-19 00:27:58,456 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfazh.lns' in whitelist
2014-10-19 00:27:58,456 INFO File 'C:\ProgramData\MFAData\pack\mfazh.lns' deleted
2014-10-19 00:27:58,456 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\mfazt.lns' in whitelist
2014-10-19 00:27:58,456 INFO File 'C:\ProgramData\MFAData\pack\mfazt.lns' deleted
2014-10-19 00:27:58,456 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\OnlnSca.cab' in whitelist
2014-10-19 00:27:58,456 INFO File 'C:\ProgramData\MFAData\pack\OnlnSca.cab' deleted
2014-10-19 00:27:58,456 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\ResShlda.cab' in whitelist
2014-10-19 00:27:58,456 INFO File 'C:\ProgramData\MFAData\pack\ResShlda.cab' deleted
2014-10-19 00:27:58,456 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\SrchSrfa.cab' in whitelist
2014-10-19 00:27:58,472 INFO File 'C:\ProgramData\MFAData\pack\SrchSrfa.cab' deleted
2014-10-19 00:27:58,472 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\SSHttpBa.cab' in whitelist
2014-10-19 00:27:58,472 INFO File 'C:\ProgramData\MFAData\pack\SSHttpBa.cab' deleted
2014-10-19 00:27:58,472 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\TDIDrva.cab' in whitelist
2014-10-19 00:27:58,472 INFO File 'C:\ProgramData\MFAData\pack\TDIDrva.cab' deleted
2014-10-19 00:27:58,472 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\Toolbara.cab' in whitelist
2014-10-19 00:27:58,472 INFO File 'C:\ProgramData\MFAData\pack\Toolbara.cab' deleted
2014-10-19 00:27:58,472 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\TuneUpa.cab' in whitelist
2014-10-19 00:27:58,472 INFO File 'C:\ProgramData\MFAData\pack\TuneUpa.cab' deleted
2014-10-19 00:27:58,472 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\Update2a.cab' in whitelist
2014-10-19 00:27:58,472 INFO File 'C:\ProgramData\MFAData\pack\Update2a.cab' deleted
2014-10-19 00:27:58,472 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\Updatea.cab' in whitelist
2014-10-19 00:27:58,487 INFO File 'C:\ProgramData\MFAData\pack\Updatea.cab' deleted
2014-10-19 00:27:58,487 DEBUG Looking for file file 'C:\ProgramData\MFAData\pack\xpla.cab' in whitelist
2014-10-19 00:27:58,487 INFO File 'C:\ProgramData\MFAData\pack\xpla.cab' deleted
2014-10-19 00:27:58,487 DEBUG Directory C:\ProgramData\MFAData\pack not deleted (error c0070091)
2014-10-19 00:27:58,487 DEBUG Processing item 'C:\ProgramData\MFAData\mkt'
2014-10-19 00:27:58,487 INFO Trying HardForce delete 'C:\ProgramData\MFAData\mkt'
2014-10-19 00:27:58,565 INFO Directory 'C:\ProgramData\MFAData\mkt' deleted
2014-10-19 00:27:58,565 DEBUG Processing item 'C:\ProgramData\MFAData'
2014-10-19 00:27:58,565 DEBUG Looking for file file 'C:\ProgramData\MFAData\mfaurlconf.ini' in whitelist
2014-10-19 00:27:58,565 INFO File 'C:\ProgramData\MFAData\mfaurlconf.ini' deleted
2014-10-19 00:27:58,565 DEBUG Looking for file file 'C:\ProgramData\MFAData\msistorg.dat' in whitelist
2014-10-19 00:27:58,565 INFO File 'C:\ProgramData\MFAData\msistorg.dat' deleted
2014-10-19 00:27:58,565 DEBUG Looking for file file 'C:\ProgramData\MFAData\msistorg.dat.bkp' in whitelist
2014-10-19 00:27:58,565 INFO File 'C:\ProgramData\MFAData\msistorg.dat.bkp' deleted
2014-10-19 00:27:58,581 DEBUG Looking for file file 'C:\ProgramData\MFAData\public_installation_log.xml' in whitelist
2014-10-19 00:27:58,581 INFO File 'C:\ProgramData\MFAData\public_installation_log.xml' deleted
2014-10-19 00:27:58,581 DEBUG Looking for file file 'C:\ProgramData\MFAData\public_installation_log_resume.xml' in whitelist
2014-10-19 00:27:58,581 INFO File 'C:\ProgramData\MFAData\public_installation_log_resume.xml' deleted
2014-10-19 00:27:58,581 DEBUG Looking for file file 'C:\ProgramData\MFAData\state.dat' in whitelist
2014-10-19 00:27:58,581 INFO File 'C:\ProgramData\MFAData\state.dat' deleted
2014-10-19 00:27:58,581 DEBUG Directory C:\ProgramData\MFAData not deleted (error c0070091)
2014-10-19 00:27:58,581 DEBUG Processing item 'C:\ProgramData\AVG2012\SetupCoreBackup'
2014-10-19 00:27:58,581 INFO Directory 'C:\ProgramData\AVG2012\SetupCoreBackup' not found
2014-10-19 00:27:58,581 DEBUG Processing item 'C:\ProgramData\AVG2012\SetupBackup'
2014-10-19 00:27:58,581 INFO Directory 'C:\ProgramData\AVG2012\SetupBackup' not found
2014-10-19 00:27:58,581 DEBUG Processing item 'C:\ProgramData\AVG2012\Chjw'
2014-10-19 00:27:58,581 INFO Directory 'C:\ProgramData\AVG2012\Chjw' not found
2014-10-19 00:27:58,581 DEBUG Processing item 'C:\ProgramData\AVG2012\Antispam'
2014-10-19 00:27:58,596 INFO Directory 'C:\ProgramData\AVG2012\Antispam' not found
2014-10-19 00:27:58,596 DEBUG Processing item 'C:\ProgramData\AVG2012'
2014-10-19 00:27:58,596 DEBUG Directory C:\ProgramData\AVG2012 not deleted (error c0070091)
2014-10-19 00:27:58,596 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012'
2014-10-19 00:27:58,596 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012' not found
2014-10-19 00:27:58,596 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG FREE 2012'
2014-10-19 00:27:58,596 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG FREE 2012' not found
2014-10-19 00:27:58,596 DEBUG Processing item 'C:\Users\Public\Desktop\AVG 2012.lnk'
2014-10-19 00:27:58,596 INFO File 'C:\Users\Public\Desktop\AVG 2012.lnk' not found
2014-10-19 00:27:58,596 DEBUG Processing item 'C:\Users\Public\Desktop\AVG FREE 2012.lnk'
2014-10-19 00:27:58,596 INFO File 'C:\Users\Public\Desktop\AVG FREE 2012.lnk' not found
2014-10-19 00:27:58,596 DEBUG Processing item 'C:\windows\System32\Drivers'
2014-10-19 00:27:58,596 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG LinkScanner® 9.0'
2014-10-19 00:27:58,612 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG LinkScanner® 9.0' not found
2014-10-19 00:27:58,612 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Standalone LinkScanner'
2014-10-19 00:27:58,612 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Standalone LinkScanner' not found
2014-10-19 00:27:58,612 DEBUG Processing item 'C:\Users\Public\Desktop\AVG LinkScanner® 9.0.lnk'
2014-10-19 00:27:58,612 INFO File 'C:\Users\Public\Desktop\AVG LinkScanner® 9.0.lnk' not found
2014-10-19 00:27:58,612 DEBUG Processing item 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG'
2014-10-19 00:27:58,612 INFO Directory 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG' not found
2014-10-19 00:27:58,612 DEBUG Processing item 'C:\Program Files\AVG Secure Search'
2014-10-19 00:27:58,612 INFO Directory 'C:\Program Files\AVG Secure Search' not found
2014-10-19 00:27:58,612 DEBUG Processing item 'C:\Program Files (x86)\AVG Secure Search'
2014-10-19 00:27:58,612 INFO Directory 'C:\Program Files (x86)\AVG Secure Search' not found


#14 RushSonic

RushSonic
  • Topic Starter

  • Members
  • 67 posts
  • OFFLINE
  •  
  • Local time:03:10 PM

Posted 18 October 2014 - 07:55 PM

For the OTL scan, should I use the same settings as last time? 



#15 Dakeyras

Dakeyras

    Anti-Malware Mammoth


  • Malware Response Team
  • 371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Tundra
  • Local time:08:10 PM

Posted 19 October 2014 - 04:23 AM

Hi. :)
 

Ran the AVG Removal tool and got the following:

I actually did state no need to post this unless a problem encountered. Was there one? As all appears to have been successful/the remnants removed according to the log.

For the OTL scan, should I use the same settings as last time?

No it is not a scan but rather a custom script to be processed. Please re-read my instructions again and if you are unsure and or do not understand, not problem I assure you and we can implement the custom script via a different methodology.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users