GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

Warning!! Your personal computer needs to install...

View previous topic View next topic Go down

Warning!! Your personal computer needs to install...

Post by HannesM on Fri Dec 11, 2009 4:40 am

Hello again,

I am getting "pop up windows" which looks like this: "Warning!! Your personal computer needs to install antivirus software!Antivir can perform fast and free virus and malicious software scan of your computer".
After that I press ctrl+alt+delete to shut internet explorer down. Then I do a virus search (with Avira) and find nothing, then a malware search (with malwarebyte's) and find nothing, and lastly a spyware search (with superantispyware) and find nothing. So I can't find anything. Then I say to myself that it probably was something wrong/strange going on with the website, however today I got the same "pop up window" as before, at a different webpage, and I still can't find anything wrong in my system.

So, do you see anything wrong in this logfile?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:33:22, on 2009-12-11
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program\GIGABYTE\GEST\gest.exe
C:\Program\Avira\AntiVir Desktop\avgnt.exe
C:\Program\COMODO\COMODO Internet Security\cfp.exe
C:\Program\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Logitech\SetPoint\SetPoint.exe
C:\Program\Delade filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
C:\Program\Maxtor\OneTouch\Utils\SyncServices.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program\GIGABYTE\GEST\GSvr.exe
C:\Program\Winamp\winampa.exe
C:\Program\Winamp\winamp.exe
C:\Program\Windows Live\Contacts\wlcomm.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Documents and Settings\Hannes Malmberg\Skrivbord\hijackgpthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: L?khj?p till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live inloggningshj?pen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [GEST] C:\Program\GIGABYTE\GEST\RUN.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avgnt] "C:\Program\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download all with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dllink.htm
O8 - Extra context menu item: E&xportera till Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program\GIGABYTE\GEST\GSvr.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: MaxSyncService (NTService1) - - C:\Program\Maxtor\OneTouch\Utils\SyncServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7856 bytes

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Fri Dec 11, 2009 9:17 am

Please download ComboFix from [You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Fri Dec 11, 2009 10:39 am

Bahh, I already have problems Open Grin

1. I downloaded combofix and forgot to rename it Indifferent or Blank

2. Now I had properly named it commy.exe. Then I tried to use this command: "%userprofile%\desktop\commy.exe" /stepdel". I kept trying and trying but it refused to work. However I realized that I only needed to change "desktop" to the swedish word "skrivbord" Goofy

3. Now I finally could start combofix (or commy) through the command you gave me, but then it said that, commy, was corrupt. So I deleted the commy I had, and redownloaded it from the same link, that file was also corrupt. So I decided to try to download it from another link, and that file was also corrupt.

What do I do now? No way!

After all this I also got a new folder in C: called 32788R22FWJFW. Which consists of "windows command scripts and Ms-dos-command files" [sorry for the not so well done translation] should I remove these? I guess they belong to combofix? Let me think

Thanks and have a nice day Dragonmaster Smile

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Fri Dec 11, 2009 4:53 pm

Delete ComboFix.

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Fri Dec 11, 2009 6:25 pm

Hello,

Ok, so I deleted combofix and this combofix "sub-folder": 32788R22FWJFW.

As I said in the first post, I have already scanned this computer with malwarebyte's and I did not find anything. But I did it again just for you Goofy Here is the log:

Malwarebytes' Anti-Malware 1.42
Databasversion: 3348
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2009-12-12 00:10:57
mbam-log-2009-12-12 (00-10-57).txt

Skanningstyp: Fullständig skanning (C:\|H:\|)
Antal skannade objekt: 187737
Förfluten tid: 37 minute(s), 54 second(s)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 0
Infekterade registervärden: 0
Infekterade registerdataposter: 0
Infekterade mappar: 0
Infekterade filer: 0

Infekterade minnesprocesser:
(Inga illasinnade poster hittades)

Infekterade minnesmoduler:
(Inga illasinnade poster hittades)

Infekterade registernycklar:
(Inga illasinnade poster hittades)

Infekterade registervärden:
(Inga illasinnade poster hittades)

Infekterade registerdataposter:
(Inga illasinnade poster hittades)

Infekterade mappar:
(Inga illasinnade poster hittades)

Infekterade filer:
(Inga illasinnade poster hittades)

-------------------------

Hmm so I have been thinking about this "pop up" thing. Do you think this computer really is infected? The strange thing is that I have searched it with avira, super-antispyware and malwarebyte's but I still can't find a thing. Could the website theoretically have been infected? But that is also strange since I received the "pop up" on more than one website. I have not had any one of these "pop ups" today though... Hmm, do you have any ideas?

I did however find one object "quarantined" by malwarebyte's, but it has been there since 2009-09-14 and it sounds strange that an "quarantined" object could do these "pop ups", or could it?
It is a Rogue.WinAntiVirus - Registry Key - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f38}

Hmm the name of the object that is "quarantined" seems however to match the warning...

Thanks for the help Smile

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Sat Dec 12, 2009 3:21 am

Avira knows how to remove rogues as well, and may have already. I will take another route, and see if I can find anything manually.

Please download the latest version of Kaspersky GetSystemInfo (GSI) from [You must be registered and logged in to see this link.] and save it to your Desktop.
Please close all other applications running on your system.

Please double click GetSystemInfo.exe to open it.

Click the Settings button.



Set it to Maximum



IMPORTANT! Then please click Customize - choose Driver / Ports tab and uncheck Scan Ports.


Click Create Report to run it.

It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop. Please upload the folder to [You must be registered and logged in to see this link.] and click the Submit button.

Please copy and paste the url of the GSI Parser report (not the log) in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Sat Dec 12, 2009 8:22 am

Hello,

Here you go:

This is one awesome program. I think I will keep this one...

Thank you


Last edited by HannesM on Thu Dec 17, 2009 7:10 am; edited 1 time in total

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Sat Dec 12, 2009 10:13 am

Bahh, today I received a new "pop up". It looked different this time however. So I scanned the computer with malwarebyte's, here is the log:

Malwarebytes' Anti-Malware 1.42
Databasversion: 3349
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2009-12-12 16:09:24
mbam-log-2009-12-12 (16-09-24).txt

Skanningstyp: Fullständig skanning (C:\|H:\|)
Antal skannade objekt: 187839
Förfluten tid: 37 minute(s), 45 second(s)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 0
Infekterade registervärden: 0
Infekterade registerdataposter: 0
Infekterade mappar: 0
Infekterade filer: 0

Infekterade minnesprocesser:
(Inga illasinnade poster hittades)

Infekterade minnesmoduler:
(Inga illasinnade poster hittades)

Infekterade registernycklar:
(Inga illasinnade poster hittades)

Infekterade registervärden:
(Inga illasinnade poster hittades)

Infekterade registerdataposter:
(Inga illasinnade poster hittades)

Infekterade mappar:
(Inga illasinnade poster hittades)

Infekterade filer:
(Inga illasinnade poster hittades)


-----------------


A new hijackthislog created just after the "pop up":

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:54, on 2009-12-12
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Avira\AntiVir Desktop\avgnt.exe
C:\Program\GIGABYTE\GEST\gest.exe
C:\Program\COMODO\COMODO Internet Security\cfp.exe
C:\Program\Windows Live\Messenger\MsnMsgr.Exe
C:\Program\Logitech\SetPoint\SetPoint.exe
C:\Program\Delade filer\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
C:\Program\Maxtor\OneTouch\Utils\SyncServices.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program\GIGABYTE\GEST\GSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Windows Live\Contacts\wlcomm.exe
C:\Program\Winamp\winampa.exe
C:\Documents and Settings\Hannes Malmberg\Skrivbord\hijackgpthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: L?khj?p till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live inloggningshj?pen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [GEST] C:\Program\GIGABYTE\GEST\RUN.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avgnt] "C:\Program\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Download all with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - [You must be registered and logged in to see this link.] Download Manager\dllink.htm
O8 - Extra context menu item: E&xportera till Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - [You must be registered and logged in to see this link.]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [You must be registered and logged in to see this link.]
O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program\GIGABYTE\GEST\GSvr.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program\Delade filer\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: MaxSyncService (NTService1) - - C:\Program\Maxtor\OneTouch\Utils\SyncServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7658 bytes


-----------------------

If you don't find anything strange in the new hijackthislog or at the getsysteminfo url, do you think that it is the websites that are infected? Or some kind of website ad?

Thank you for the help

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Sat Dec 12, 2009 5:55 pm

Please open Malwarebytes' Anti-Malware, and click More Tools tab. Under FileASSASSIN, click Run Tool.

For each file listed below (this process only handles one file at a time), find its location, and you will see the name of the file in the Filename box, then click Open.

Files to delete using FileASSASSIN:
=> C:\WINDOWS\SYSTEM32\amstream.dll
=> C:\WINDOWS\SYSTEM32\encdec.dll
=> C:\WINDOWS\SYSTEM32\sbe.dll
=> C:\WINDOWS\SYSTEM32\SIntf32.dll
=> C:\WINDOWS\SYSTEM32\SIntfNT.dll
=> C:\WINDOWS\SYSTEM32\wsiShared.dll


The FileASSASSIN will then delete the file, or ask you to reboot your computer in order to delete it. Please allow it to reboot, if necessary.

==

Lastly, please disable the antivirus feature in Comodo Internet Security, if you want to use Avira Antivir. If you need help with this, please let me know.

==

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Sun Dec 13, 2009 8:06 am

The files are deleted!

I don't use the antivirus feature in Comodo. I only use the firewall feature. My computer "seems to think" that I have and use two antivirus programs. At securitycenter (correct enlglish translation?) it still thinks that I have AVG installed, even though I have used AVG remover (or what it is called from their website) twice.

Log:
Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus
Avira updated!
``````````````````````````````
Anti-malware/Other Utilities Check:

SUPERAntiSpyware Free Edition
CCleaner
Java(TM) 6 Update 11
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 8.1.7 - Svenska
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
Hannes Malmberg Skrivbord SecurityCheck.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````


Thank you for the help!

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Sun Dec 13, 2009 1:41 pm

Please do this for AVG:

1. Click on the Start menu.
2. Select Run...
3. Type wbemtest and click OK
4. Connect to root\SecurityCenter
5. Click on Query
6. Type in SELECT * FROM AntiVirusProduct and click on Apply



If there is more than one result, it means there is more than one Antivirus program installed. Double click on each result to view the properties for that Antivirus product. Identify the product(s) installed and DELETE any records for an Antivirus software that is no longer installed.

==

Please download the newest version of Adobe Acrobat Reader from [You must be registered and logged in to see this link.]

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

==

Please download the newest version of Java from [You must be registered and logged in to see this link.].

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

==

Let me know how the updates went. Also, let me know if AVG is showing up anymore.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Sun Dec 13, 2009 3:23 pm

Hello,

Yep there was more than one result, one AVG and one Avira. So I started a search on the computer with the "keyword": AVG, and I found two folders which hadn't been deleted. They were both in C:\documents and settings\all users\application data and they were named avg8 and grisoft. I deleted these but the computer still thinks I have two anti-virus programs installed. I actually don't know where to find the rest of these "avg-leftovers". Do you have an idea where to find these? Usually cc-cleaners "registry cleaning function" removes these "leftovers" but it can't find any this time... I can't find anything in "processes" that has to do with avg either.

Thank you for the help and have a nice day

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Sun Dec 13, 2009 3:37 pm

Completely Uninstall AVG software

Download and run avgremover.exe

For 32-Bit, Download: [You must be registered and logged in to see this link.]

Let me know how this goes.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Sun Dec 13, 2009 3:46 pm

Tried it out one more time and my computer still thinks I have two anti-virus programs installed (I have tried AVG remover before to solve this problem). If you would like to see the log, here it is:

2009-12-13 20:41:41,750 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2009-12-13 20:41:41,781 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2009-12-13 20:41:41,781 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2009-12-13 20:41:41,781 WARN AvgDir param empty.
2009-12-13 20:41:41,781 WARN AvgDataDir param empty.
2009-12-13 20:41:47,250 INFO AvgRemover runs in attempt number 1
2009-12-13 20:41:47,250 INFO ***** Services *****
2009-12-13 20:41:47,250 INFO Processing service avg8emc
2009-12-13 20:41:47,390 INFO Service avg8emc is not installed
2009-12-13 20:41:47,390 DEBUG Service avg8emc RegCleanup
2009-12-13 20:41:47,390 DEBUG Registry keys for service avg8emc are not present
2009-12-13 20:41:47,390 INFO Processing service avgfws8
2009-12-13 20:41:47,390 INFO Service avgfws8 is not installed
2009-12-13 20:41:47,390 DEBUG Service avgfws8 RegCleanup
2009-12-13 20:41:47,390 DEBUG Registry keys for service avgfws8 are not present
2009-12-13 20:41:47,390 INFO Processing service avg8wd
2009-12-13 20:41:47,390 INFO Service avg8wd is not installed
2009-12-13 20:41:47,390 DEBUG Service avg8wd RegCleanup
2009-12-13 20:41:47,390 DEBUG Registry keys for service avg8wd are not present
2009-12-13 20:41:47,390 INFO Processing service AvgWFPx
2009-12-13 20:41:47,390 INFO Service AvgWFPx is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgWFPx RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgWFPx are not present
2009-12-13 20:41:47,406 INFO Processing service AvgWFPa
2009-12-13 20:41:47,406 INFO Service AvgWFPa is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgWFPa RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgWFPa are not present
2009-12-13 20:41:47,406 INFO Processing service AvgMfx86
2009-12-13 20:41:47,406 INFO Service AvgMfx86 is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgMfx86 RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgMfx86 are not present
2009-12-13 20:41:47,406 INFO Processing service AvgMfx64
2009-12-13 20:41:47,406 INFO Service AvgMfx64 is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgMfx64 RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgMfx64 are not present
2009-12-13 20:41:47,406 INFO Processing service AvgLdx86
2009-12-13 20:41:47,406 INFO Service AvgLdx86 is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgLdx86 RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgLdx86 are not present
2009-12-13 20:41:47,406 INFO Processing service AvgLdx64
2009-12-13 20:41:47,406 INFO Service AvgLdx64 is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgLdx64 RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgLdx64 are not present
2009-12-13 20:41:47,406 INFO Processing service AvgTdiX
2009-12-13 20:41:47,406 INFO Service AvgTdiX is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgTdiX RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgTdiX are not present
2009-12-13 20:41:47,406 INFO Processing service AvgTdiA
2009-12-13 20:41:47,406 INFO Service AvgTdiA is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgTdiA RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgTdiA are not present
2009-12-13 20:41:47,406 INFO Processing service AvgRkx86
2009-12-13 20:41:47,406 INFO Service AvgRkx86 is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgRkx86 RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgRkx86 are not present
2009-12-13 20:41:47,406 INFO Processing service AvgRkx64
2009-12-13 20:41:47,406 INFO Service AvgRkx64 is not installed
2009-12-13 20:41:47,406 DEBUG Service AvgRkx64 RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AvgRkx64 are not present
2009-12-13 20:41:47,406 INFO Processing service avg9emc
2009-12-13 20:41:47,406 INFO Service avg9emc is not installed
2009-12-13 20:41:47,406 DEBUG Service avg9emc RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service avg9emc are not present
2009-12-13 20:41:47,406 INFO Processing service avgfws9
2009-12-13 20:41:47,406 INFO Service avgfws9 is not installed
2009-12-13 20:41:47,406 DEBUG Service avgfws9 RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service avgfws9 are not present
2009-12-13 20:41:47,406 INFO Processing service avg9wd
2009-12-13 20:41:47,406 INFO Service avg9wd is not installed
2009-12-13 20:41:47,406 DEBUG Service avg9wd RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service avg9wd are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSAgent
2009-12-13 20:41:47,406 INFO Service AVGIDSAgent is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSAgent RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSAgent are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSShimxpx
2009-12-13 20:41:47,406 INFO Service AVGIDSShimxpx is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSShimxpx RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSShimxpx are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSFilterxpx
2009-12-13 20:41:47,406 INFO Service AVGIDSFilterxpx is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSFilterxpx RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSDriverxpx
2009-12-13 20:41:47,406 INFO Service AVGIDSDriverxpx is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSDriverxpx RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSShimvtx
2009-12-13 20:41:47,406 INFO Service AVGIDSShimvtx is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSShimvtx RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSShimvtx are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSFiltervtx
2009-12-13 20:41:47,406 INFO Service AVGIDSFiltervtx is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSFiltervtx RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSDrivervtx
2009-12-13 20:41:47,406 INFO Service AVGIDSDrivervtx is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSDrivervtx RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSFiltervta
2009-12-13 20:41:47,406 INFO Service AVGIDSFiltervta is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSFiltervta RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSFiltervta are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSDrivervta
2009-12-13 20:41:47,406 INFO Service AVGIDSDrivervta is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSDrivervta RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSDrivervta are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSShimw7x
2009-12-13 20:41:47,406 INFO Service AVGIDSShimw7x is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSShimw7x RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSShimw7x are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSFilterw7x
2009-12-13 20:41:47,406 INFO Service AVGIDSFilterw7x is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSFilterw7x RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSDriverw7x
2009-12-13 20:41:47,406 INFO Service AVGIDSDriverw7x is not installed
2009-12-13 20:41:47,406 DEBUG Service AVGIDSDriverw7x RegCleanup
2009-12-13 20:41:47,406 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2009-12-13 20:41:47,406 INFO Processing service AVGIDSFilterw7a
2009-12-13 20:41:47,406 INFO Service AVGIDSFilterw7a is not installed
2009-12-13 20:41:47,421 DEBUG Service AVGIDSFilterw7a RegCleanup
2009-12-13 20:41:47,421 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2009-12-13 20:41:47,421 INFO Processing service AVGIDSDriverw7a
2009-12-13 20:41:47,421 INFO Service AVGIDSDriverw7a is not installed
2009-12-13 20:41:47,421 DEBUG Service AVGIDSDriverw7a RegCleanup
2009-12-13 20:41:47,421 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2009-12-13 20:41:47,421 INFO Processing service AVGIDSErHrxpx
2009-12-13 20:41:47,421 INFO Service AVGIDSErHrxpx is not installed
2009-12-13 20:41:47,421 DEBUG Service AVGIDSErHrxpx RegCleanup
2009-12-13 20:41:47,421 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2009-12-13 20:41:47,421 INFO Processing service AVGIDSErHrvtx
2009-12-13 20:41:47,421 INFO Service AVGIDSErHrvtx is not installed
2009-12-13 20:41:47,421 DEBUG Service AVGIDSErHrvtx RegCleanup
2009-12-13 20:41:47,421 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2009-12-13 20:41:47,421 INFO Processing service AVGIDSErHrvta
2009-12-13 20:41:47,421 INFO Service AVGIDSErHrvta is not installed
2009-12-13 20:41:47,421 DEBUG Service AVGIDSErHrvta RegCleanup
2009-12-13 20:41:47,421 DEBUG Registry keys for service AVGIDSErHrvta are not present
2009-12-13 20:41:47,421 INFO Processing service AVGIDSErHrw7x
2009-12-13 20:41:47,421 INFO Service AVGIDSErHrw7x is not installed
2009-12-13 20:41:47,421 DEBUG Service AVGIDSErHrw7x RegCleanup
2009-12-13 20:41:47,421 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2009-12-13 20:41:47,421 INFO Processing service AVGIDSErHrw7a
2009-12-13 20:41:47,421 INFO Service AVGIDSErHrw7a is not installed
2009-12-13 20:41:47,421 DEBUG Service AVGIDSErHrw7a RegCleanup
2009-12-13 20:41:47,421 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2009-12-13 20:41:47,421 INFO ***** Registry keys and values *****
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2009-12-13 20:41:47,421 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2009-12-13 20:41:47,421 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2009-12-13 20:41:47,421 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2009-12-13 20:41:47,421 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2009-12-13 20:41:47,421 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\.avgdi
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\.avgdi not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG\Clients
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\Clients not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG\AVG8
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG8 not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG\AVG9
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG9 not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG\AVG IDS
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\AVG:DumpType Remove
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\AVG:DumpType not present - Key not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG Remove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG Security Toolbar
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG\AVG8
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG8 not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG\AVG9
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG\AVG9 not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG Remove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\AVG Security Toolbar
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2009-12-13 20:41:47,421 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2009-12-13 20:41:47,421 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2009-12-13 20:41:47,421 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2009-12-13 20:41:47,421 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2009-12-13 20:41:47,421 INFO Processing registry aAvgAPI.AvgBro
2009-12-13 20:41:47,437 DEBUG Key aAvgAPI.AvgBro ForceRemove
2009-12-13 20:41:47,437 DEBUG Key aAvgAPI.AvgBro not found
2009-12-13 20:41:47,437 INFO Processing registry AVG.Office
2009-12-13 20:41:47,437 DEBUG Key AVG.Office ForceRemove
2009-12-13 20:41:47,437 DEBUG Key AVG.Office not found
2009-12-13 20:41:47,437 INFO Processing registry AVG.Office.8
2009-12-13 20:41:47,437 DEBUG Key AVG.Office.8 ForceRemove
2009-12-13 20:41:47,437 DEBUG Key AVG.Office.8 not found
2009-12-13 20:41:47,437 INFO Processing registry avgtoolbar.AVGTOOLBAR
2009-12-13 20:41:47,437 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2009-12-13 20:41:47,437 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2009-12-13 20:41:47,437 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2009-12-13 20:41:47,437 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2009-12-13 20:41:47,437 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2009-12-13 20:41:47,437 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2009-12-13 20:41:47,437 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2009-12-13 20:41:47,437 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2009-12-13 20:41:47,437 INFO Processing registry LinkScannerIE.NavFilter
2009-12-13 20:41:47,437 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2009-12-13 20:41:47,437 DEBUG Key LinkScannerIE.NavFilter not found
2009-12-13 20:41:47,437 INFO Processing registry LinkScannerIE.NavFilter.1
2009-12-13 20:41:47,437 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2009-12-13 20:41:47,437 DEBUG Key LinkScannerIE.NavFilter.1 not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2009-12-13 20:41:47,437 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2009-12-13 20:41:47,437 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2009-12-13 20:41:47,437 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2009-12-13 20:41:47,437 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2009-12-13 20:41:47,437 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2009-12-13 20:41:47,437 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2009-12-13 20:41:47,437 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2009-12-13 20:41:47,437 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2009-12-13 20:41:47,437 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2009-12-13 20:41:47,437 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2009-12-13 20:41:47,437 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2009-12-13 20:41:47,437 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2009-12-13 20:41:47,437 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2009-12-13 20:41:47,437 INFO ***** Files and folders *****
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 0
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 1
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 2
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 3
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 4
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 5
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 6
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 7
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 8
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 9
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 10
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 11
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 12
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 13
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 14
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 15
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 16
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\Hannes Malmberg\Application Data\AVGTOOLBAR
2009-12-13 20:41:47,437 INFO Directory C:\Documents and Settings\Hannes Malmberg\Application Data\AVGTOOLBAR not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\WINDOWS\System32\Drivers
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Start-meny\Program\avg 8.0
2009-12-13 20:41:47,437 INFO Directory C:\Documents and Settings\All Users\Start-meny\Program\avg 8.0 not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Start-meny\Program\avg free 8.0
2009-12-13 20:41:47,437 INFO Directory C:\Documents and Settings\All Users\Start-meny\Program\avg free 8.0 not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Start-meny\Program\avg 8.5
2009-12-13 20:41:47,437 INFO Directory C:\Documents and Settings\All Users\Start-meny\Program\avg 8.5 not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Start-meny\Program\avg free 8.5
2009-12-13 20:41:47,437 INFO Directory C:\Documents and Settings\All Users\Start-meny\Program\avg free 8.5 not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Skrivbord\avg 8.0.lnk
2009-12-13 20:41:47,437 INFO File C:\Documents and Settings\All Users\Skrivbord\avg 8.0.lnk not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Skrivbord\avg free 8.0.lnk
2009-12-13 20:41:47,437 INFO File C:\Documents and Settings\All Users\Skrivbord\avg free 8.0.lnk not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Skrivbord\avg 8.5.lnk
2009-12-13 20:41:47,437 INFO File C:\Documents and Settings\All Users\Skrivbord\avg 8.5.lnk not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Skrivbord\avg free 8.5.lnk
2009-12-13 20:41:47,437 INFO File C:\Documents and Settings\All Users\Skrivbord\avg free 8.5.lnk not found
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 27
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 28
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 29
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 30
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 31
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 32
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 33
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 34
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 35
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 36
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 37
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 38
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 39
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 40
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 41
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 42
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 43
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 44
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 45
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 46
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 47
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 48
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 49
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 50
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 51
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 52
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 53
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 54
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 55
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 56
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 57
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 58
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 59
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 60
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 61
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 62
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 63
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 64
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 65
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 66
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 67
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 68
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 69
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 70
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2009-12-13 20:41:47,437 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-12-13 20:41:47,437 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\WINDOWS\System32\Drivers
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Skrivbord\avg 9.0.lnk
2009-12-13 20:41:47,437 INFO File C:\Documents and Settings\All Users\Skrivbord\avg 9.0.lnk not found
2009-12-13 20:41:47,437 DEBUG Processing item C:\Documents and Settings\All Users\Skrivbord\avg free 9.0.lnk
2009-12-13 20:41:47,437 INFO File C:\Documents and Settings\All Users\Skrivbord\avg free 9.0.lnk not found
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 76
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 77
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 78
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 79
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 80
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 81
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 82
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 83
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 84
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 85
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 86
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 87
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 88
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 89
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 90
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 91
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 92
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 93
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 94
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 95
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 96
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 97
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 98
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 99
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 100
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 101
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 102
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 103
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 104
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 105
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 106
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 107
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 108
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 109
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 110
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 111
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 112
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 113
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 114
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 115
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 116
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 117
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 118
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 119
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 120
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 121
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 122
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 123
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 124
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 125
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 126
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 127
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 128
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 129
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 130
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 131
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 132
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 133
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 134
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 135
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 136
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 137
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 138
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 139
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 140
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 141
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 142
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 143
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 144
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 145
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 146
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 147
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 148
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 149
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 150
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 151
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 152
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 153
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 154
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 155
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 156
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 157
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 158
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 159
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 160
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 161
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 162
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 163
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 164
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 165
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 166
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 167
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 168
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 169
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 170
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 171
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 172
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 173
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 174
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 175
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 176
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 177
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 178
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 179
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 180
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 181
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 182
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 183
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 184
2009-12-13 20:41:47,437 DEBUG Missing ParentDir path for fileItem number 185
2009-12-13 20:41:47,437 DEBUG Processing item C:\WINDOWS\System32\Drivers
2009-12-13 20:41:47,437 DEBUG Processing item C:\WINDOWS\System32\Drivers
2009-12-13 20:41:47,437 DEBUG Processing item C:\WINDOWS\System32\Drivers
2009-12-13 20:41:47,437 DEBUG Processing item C:\WINDOWS\System32\Drivers
2009-12-13 20:41:47,453 DEBUG Processing item C:\WINDOWS\System32\Drivers
2009-12-13 20:41:47,453 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2009-12-13 20:41:47,453 INFO Directory C:\WINDOWS\System32\Drivers\avg not found
2009-12-13 20:41:47,453 DEBUG Processing item C:\WINDOWS\System32
2009-12-13 20:41:47,453 DEBUG Processing item C:\Program\AVG
2009-12-13 20:41:47,453 INFO Directory C:\Program\AVG not found
2009-12-13 20:41:47,453 DEBUG Missing ParentDir path for fileItem number 194
2009-12-13 20:41:47,453 INFO ***** Avg Fw NDIS driver *****
2009-12-13 20:41:48,234 INFO FW NDIS driver not present

------

Any other ideas? Smile

Thank you

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Sun Dec 13, 2009 4:07 pm

By the way, this file: C:\WINDOWS\SYSTEM32\wsiShared.dll, belonged to the program startup inspector (or maybe it didn't belong to the program, but it was at least needed to be on the computer for startup inspector to run). No harm done however, since I nowadays use ccleaner for that task. Just thought that you maybe wanted to know (or perhaps you did already know?).

Oh and sorry for being such a pain Goofy

Thank you Smile

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Mon Dec 14, 2009 1:13 am

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Mon Dec 14, 2009 3:58 am

Here is the log:

Malwarebytes' Anti-Malware 1.42
Databasversion: 3357
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2009-12-14 09:57:26
mbam-log-2009-12-14 (09-57-26).txt

Skanningstyp: Snabb skanning
Antal skannade objekt: 104014
Förfluten tid: 3 minute(s), 48 second(s)

Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 0
Infekterade registervärden: 0
Infekterade registerdataposter: 0
Infekterade mappar: 0
Infekterade filer: 0

Infekterade minnesprocesser:
(Inga illasinnade poster hittades)

Infekterade minnesmoduler:
(Inga illasinnade poster hittades)

Infekterade registernycklar:
(Inga illasinnade poster hittades)

Infekterade registervärden:
(Inga illasinnade poster hittades)

Infekterade registerdataposter:
(Inga illasinnade poster hittades)

Infekterade mappar:
(Inga illasinnade poster hittades)

Infekterade filer:
(Inga illasinnade poster hittades)

-----------

Thank you

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Mon Dec 14, 2009 7:40 am

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by HannesM on Thu Dec 17, 2009 7:27 am

Hello,

I managed to install the new versions of adobe and java without any problems and the "warning" pop up doesn't appear anymore. I haven't been able to reply in the last couple of days, since I have had to much to do before my christmas holiday, sorry about that.
The "two anti-virus programs problem" I will return with after new year under a different topic, since I won't be, where my computer is, during christmas.

Thank you for all your help and merry christmas! Thank You!

HannesM
Intermediate
Intermediate

Status :
Online
Offline

Posts : 75
Joined : 2009-03-24
OS : XP
Points : 28377
# Likes : 0

View user profile

Back to top Go down

Re: Warning!! Your personal computer needs to install...

Post by Dr Jay on Thu Dec 17, 2009 9:11 am

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

AntiSpyware

  • [You must be registered and logged in to see this link.]
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found [You must be registered and logged in to see this link.].
  • [You must be registered and logged in to see this link.].
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
[You must be registered and logged in to see this link.]

Securing your computer

  • [You must be registered and logged in to see this link.] - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • [You must be registered and logged in to see this link.] replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Administrator
Administrator

Status :
Online
Offline

Posts : 13705
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Points : 144815
# Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum