Need Help used remove AV security fix windows doesnt work?

View previous topic View next topic Go down

Need Help used remove AV security fix windows doesnt work?

Post by Rogue69 on 28th June 2010, 5:58 am

OTL Extras logfile created on: 6/27/2010 10:48:02 PM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\Rene'\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 72.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 90.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 366.23 Gb Total Space | 270.66 Gb Free Space | 73.90% Space Free | Partition Type: NTFS
Drive D: | 6.38 Gb Total Space | 0.79 Gb Free Space | 12.45% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RENE-PC
Current User Name: Rene'
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DA1DFB-2C11-466C-AEB1-CC408CF91BE1}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{0AA30F7C-6594-4AA6-9998-511A58D7D016}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{14D3916D-B133-4E03-AB07-2F0F4C487D01}" = lport=2869 | protocol=6 | dir=in | app=system |
"{25FF9086-9013-42F9-8346-9BEA7CC09089}" = lport=139 | protocol=6 | dir=in | app=system |
"{2BF07B76-B885-458C-B372-59B31DD33620}" = rport=445 | protocol=6 | dir=out | app=system |
"{3DEBE12D-5E54-40CB-81B7-D427A9FE8DFE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{42AE6433-D02F-45E4-997C-552AD1A30C6F}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{5D6F04CC-98D4-4088-B5EF-D370B1B42FCA}" = rport=137 | protocol=17 | dir=out | app=system |
"{6446A5F6-FBEA-4AB7-B856-2BC3831CACCE}" = lport=138 | protocol=17 | dir=in | app=system |
"{741253DD-4CBF-4C46-AC9A-9122CD74897F}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{745272DB-48A1-4111-B6C5-1F7BA1D319CC}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{78249476-F3C0-4A74-AF1F-4E36E95CE4EC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{80E2C75F-74A2-4EB4-BF66-24142C5C4BA6}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{84BE4645-4B2A-464A-829E-5085CBFA9125}" = lport=137 | protocol=17 | dir=in | app=system |
"{9DE66166-6972-4E3C-A262-CDD289E76941}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B32DD3E3-687B-44D2-B75F-2760BB88C38B}" = rport=139 | protocol=6 | dir=out | app=system |
"{B8616D77-F955-47B1-997C-2588281166D1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C281406E-3401-45C3-BA28-F9EE76B6817D}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C9FF8CC8-03F2-4414-A263-71206D0B5EB2}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{DCECC0BB-4B5F-4FF7-86EC-E4AFB91BE427}" = lport=445 | protocol=6 | dir=in | app=system |
"{E2A8AE83-64D0-4B75-AA15-3AB1E942CE19}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002F5547-AA04-4D7B-97D8-AF82A3D807D1}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{092CC771-A4FA-4C7E-B835-23952A74DAC6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0B85C5DD-C49F-4F71-8F4E-666830576051}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{125A213C-0BB1-466D-9249-091F2C721909}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{12DA0EC4-1AD9-42FD-B0C1-BEB072478B26}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{156D4CFA-2485-4B0F-8C37-3F1B265C5571}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1669D219-5F49-4D06-A239-C542C6BA8675}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{21E8050A-5C82-453C-BA50-8F5044636928}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2D9F8102-F605-42BB-917A-948B6974D0C1}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{31F79D14-8674-470A-8A31-5A811EAA1943}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3803B818-E508-4643-9F66-2C7C6670B195}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{3B38DFBE-776B-4B45-9218-9EE872828A39}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{3BE2E028-94B1-431E-8798-1840AF3EB933}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{3E814795-6BE7-45DF-A135-65F63CE49BA0}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{43E769D8-E0FA-42BF-B262-4A0345FFA0A1}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{45C16895-28F1-4819-AB1C-A85C6E65E2FA}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{468C574D-D396-40F5-AB23-33509A61D25A}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4D67ACD4-8F5E-4B49-80A4-4D649A3ACD9B}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{4E93A247-A7CC-4028-96B8-E06EA2CFE636}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{50C17E0F-52EA-40DA-ABAC-BCCDFB446DD9}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{5630CA13-730D-45B3-825B-EC065A107A2E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F7E5997-D201-464F-BA1B-1599AB3136A0}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5FB887CD-AD30-413E-A65E-C7C47775084D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{626C2910-6581-487A-A9C8-7E436ADE7D9F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{661AD5E7-B552-46B2-B8CE-DAE9C73837D1}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{685BCDD5-AC5A-4A1A-9113-F2EE1D83A635}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{75963BB9-D8F3-4332-B58F-D7F228057283}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{76F51FF2-633C-47A0-ABC8-8364574176D4}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{777EE1EA-4906-4D0A-A687-E162F93A86AC}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{801D2504-132F-4FC7-91CF-ACE90B037E64}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{83EC39C3-E004-4189-B2E4-DD1468357701}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8541F1A1-F549-412E-95D8-986BB2B49222}" = dir=in | app=c:\program files\hp connections\6811507\program\hp connections |
"{8AB4AF34-66FF-4B08-B6E6-86D3A67471A6}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{955025D1-EEBB-4367-A42C-50D9E2AD39B2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{97510EFE-DFD7-48AD-88C3-29105689E5BC}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{9764C25D-C658-4454-9CC0-C5A0FC771CFC}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{A637C8F2-DDD3-42E9-9890-DE8B6DFBBDF4}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{AD2C1A8C-3847-460C-ACE9-B12B29034E9D}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{B1FE3BD2-50AF-49B7-BAE8-4E0B78DC8C47}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B65CBCF0-6757-4352-9B86-419D848CE1D1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B705F0D9-A311-40C7-ABE2-44DA420E6641}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{B79162D7-BBBA-4C31-8708-A5610FBD0017}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{C4DA4F26-8603-45BF-8D6D-7C122BF9BAB2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C60D2349-1477-450B-A269-58ACCAB83AB1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C7680B22-5ECD-4E18-BE5C-779F2ED596D7}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{C82FCB8D-37B3-421B-B553-FE3079F9A658}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D4074718-AECE-4925-8AC8-D084BB6B4369}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E1535F04-603A-4927-AB75-1BBAA9189BC4}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{EA6D9BF2-078F-4980-9421-FE6B333B45F0}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EC511530-9FD2-4DA6-AD68-09A795A403D8}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{ECF55B77-BCC3-40E9-BF7E-8DC6A1CC5C99}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{EE148311-48E3-4D6D-B580-6AE1AAE499A4}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F65F9E4F-E542-46BD-BB17-15ECC304F146}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{FB97D2BA-E2DC-444C-816E-9B69AE1535E0}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"TCP Query User{5AC1C9F1-4E33-47C6-AE42-2CDC92F4ABF0}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{9BEB526E-B58A-4860-9B6C-202BD1B84DC4}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"TCP Query User{E2A676F9-7375-4471-884B-18508A413E5F}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{F3AB0D55-ABCF-42ED-9B8B-9616C00C7788}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{57E44F1C-BE0E-4244-B609-3A9B73B9DD60}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{6323B407-D023-41FA-8D75-9E2EE2204FC4}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{C75F0824-2946-4976-83B0-311ACE0218ED}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{C9AFEC6F-B607-405D-86F5-644583C93A10}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{0373779B-A362-4B2E-B8E9-7442F19F9394}" = HP Total Care Advisor
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}" = HP Driver Diagnostics
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}" = c4100_Help
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{45C5421D-7A5E-4FE9-8F42-D98DF070E783}" = Coby Media Manager
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{4F1CECBC-670F-4DAA-81D6-944B12450917}" = DIGOpt
"{54AE3C08-D7D8-45FF-9348-0B4BE0D5A6CB}" = Comcast Universal Installer v1.2
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{58762801-BA53-42B3-890B-C6B9CC8CFE26}" = QuickConnect
"{5E06C076-E4E7-4239-A886-B3D8AC84C166}" = HP Print Diagnostic Utility
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6AEE2B0B-B3C1-4367-B1EF-FC4ED98DEED1}" = C4100
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_OUTLOOKR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_OUTLOOKR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_OUTLOOKR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_OUTLOOKR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
"{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B83A15A7-2BD5-4416-BC43-AF5F9A4B08A9}" = muvee autoProducer 5.0
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Advanced Registry Optimizer_is1" = Advanced Registry Optimizer
"AVG8Uninstall" = AVG Free 8.5
"Browser Defender_is1" = Browser Defender 2.0.6.15
"CAL" = Canon Camera Access Library
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ComcastHSI" = Comcast High-Speed Internet Install Wizard
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EOS Utility" = Canon Utilities EOS Utility
"Flock" = Flock 1.0
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"HPOOVClient-6811507 Uninstaller" = HP Connections (remove only)
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"LimeWire" = LimeWire 5.4.6
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"OUTLOOKR" = Microsoft Office Outlook 2007 Trial
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Spyware Doctor" = Spyware Doctor 7.0
"TomTom HOME" = TomTom HOME 2.7.4.1962
"WildTangent hpdesktop Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Software Update" = Yahoo! Software Update
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
"WASHINGTON" = University of Washington B-Line

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/28/2010 1:11:14 AM | Computer Name = Rene-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module PCTBDCore.dll, version 2.0.6.11, time stamp 0x4af8a3c7,
exception code 0xc0000005, fault offset 0x0002696b, process id 0xaac, application
start time 0x01cb168054a9e709.

Error - 6/28/2010 1:11:31 AM | Computer Name = Rene-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module PCTBDCore.dll, version 2.0.6.11, time stamp 0x4af8a3c7,
exception code 0xc0000005, fault offset 0x0002696b, process id 0xb24, application
start time 0x01cb16805e72c909.

Error - 6/28/2010 1:12:14 AM | Computer Name = Rene-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module PCTBDCore.dll, version 2.0.6.11, time stamp 0x4af8a3c7,
exception code 0xc0000005, fault offset 0x0002696b, process id 0x3a4, application
start time 0x01cb168078616d39.

Error - 6/28/2010 1:13:51 AM | Computer Name = Rene-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 6/28/2010 1:13:54 AM | Computer Name = Rene-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module PCTBDCore.dll, version 2.0.6.11, time stamp 0x4af8a3c7,
exception code 0xc0000005, fault offset 0x0002696b, process id 0x17d8, application
start time 0x01cb1680b2f834b9.

Error - 6/28/2010 1:26:54 AM | Computer Name = Rene-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module PCTBDCore.dll, version 2.0.6.11, time stamp 0x4af8a3c7,
exception code 0xc0000005, fault offset 0x0002696b, process id 0x1304, application
start time 0x01cb16827d3a1b6d.

Error - 6/28/2010 1:27:19 AM | Computer Name = Rene-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18904 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 12a8 Start Time: 01cb16827b463aad Termination Time: 44

Error - 6/28/2010 1:27:49 AM | Computer Name = Rene-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module PCTBDCore.dll, version 2.0.6.11, time stamp 0x4af8a3c7,
exception code 0xc0000005, fault offset 0x0002696b, process id 0x1038, application
start time 0x01cb1682a580c6ad.

Error - 6/28/2010 1:31:11 AM | Computer Name = Rene-PC | Source = EventSystem | ID = 4609
Description =

Error - 6/28/2010 1:44:41 AM | Computer Name = Rene-PC | Source = EventSystem | ID = 4609
Description =

[ OSession Events ]
Error - 6/4/2009 3:10:36 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/4/2009 3:11:05 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/16/2010 7:39:14 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/22/2010 6:43:22 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/22/2010 6:45:17 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/22/2010 6:45:39 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/14/2010 4:21:41 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/14/2010 4:21:53 PM | Computer Name = Rene-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/28/2010 1:24:27 AM | Computer Name = Rene-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:20:48 PM on 6/27/2010 was unexpected.

Error - 6/28/2010 1:24:47 AM | Computer Name = Rene-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer HP Photosmart C4100 series
(Copy 1) with shared resource name HP Photosmart C4100 series (Copy 1). Error 2114.
The printer cannot be used by others on the network.

Error - 6/28/2010 1:25:55 AM | Computer Name = Rene-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/28/2010 1:25:55 AM | Computer Name = Rene-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/28/2010 1:26:47 AM | Computer Name = Rene-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 6/28/2010 1:26:49 AM | Computer Name = Rene-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 6/28/2010 1:31:02 AM | Computer Name = Rene-PC | Source = DCOM | ID = 10005
Description =

Error - 6/28/2010 1:31:11 AM | Computer Name = Rene-PC | Source = DCOM | ID = 10005
Description =

Error - 6/28/2010 1:31:20 AM | Computer Name = Rene-PC | Source = DCOM | ID = 10005
Description =

Error - 6/28/2010 1:31:31 AM | Computer Name = Rene-PC | Source = Service Control Manager | ID = 7026
Description =

Rogue69
Beginner
Beginner

Posts Posts : 1
Joined Joined : 2010-06-28
OS OS : windows vista
Points Points : 23553
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Need Help used remove AV security fix windows doesnt work?

Post by Belahzur on 28th June 2010, 7:33 pm

Hello.
Please post the main OTL.txt log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245091
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum