More tools bars and redirects

system · February 3, 2013, 1:12am

Windows Vista SP1 (keeps failing wheni try to upgrade to SP2)

Had numerous bs antivirus/spyware programs.
Numerous toolbars etc…

Removed alot of items and justneed the final check from you all.

See attached logs:

system · February 3, 2013, 1:13am

aswMBR log
FSS log

system · February 3, 2013, 1:14am

Rogue killer items

(PLEASE NOTE TDSSKILLER CAME BACK NEGATIVE)

essexboy · February 3, 2013, 10:40am

What errors do you get when you try to install SP2

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:OTL
SRV - [2012/01/31 18:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 07:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
DRV:64bit: - [2012/11/12 07:47:46 | 000,312,160 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/05/27 22:05:14 | 000,117,328 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/05 02:59:54 | 000,377,936 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 18:03:18 | 000,037,456 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/01 16:25:18 | 000,041,552 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 10:12:34 | 000,026,704 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/10 09:53:22 | 000,029,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV:64bit: - [2010/07/12 06:34:00 | 000,057,696 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgfwd6a.sys -- (Avgfwfd)
IE - HKU\S-1-5-21-2732333668-901077165-761671325-1000\..\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=UXxdm011YYus&ptnrS=UXxdm011YYus&si=maps4pc&ptb=3A7F36D6-84C9-4CAE-A5B0-8B949FAA32FD&ind=2012111821&n=77ee63cd&psa=&st=sb&searchfor={searchTerms}
IE - HKU\S-1-5-21-2732333668-901077165-761671325-1000\..\SearchScopes\{FA0C34CB-B138-4ADB-9338-09D43602321B}: "URL" = http://findgala.com/?&uid=302&q={searchTerms}
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O33 - MountPoints2\{631f3989-f33b-11de-86c4-00235a439880}\Shell\AutoRun\command - "" = F:\nmusbcfg.exe
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)
[2013/01/21 20:28:17 | 000,361,339 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm

:Files
C:\Program Files (x86)\AVG
C:\Windows\SysNative\drivers\AVG

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

system · February 3, 2013, 2:27pm

sp2 just keeps failing to install.
Also, can UNINSTALL AVG…and the OTL run stopped and locked up when it was at the following:
FILES:
programfiles AVG

essexboy · February 3, 2013, 2:41pm

Do you get an error message when the install fails … Or an error code ?

Download and run AVG remover from here http://www.avg.com/gb-en/utilities

essexboy · February 3, 2013, 2:41pm

Also download and run SURT from here http://www.microsoft.com/en-gb/download/details.aspx?id=504
This may cure the SP install block

system · February 3, 2013, 3:24pm

failed code:800B0100

keep running OTL, after it freezes I restart and it goes farther but then freezeing on an AVG portion again. Trying other uninstall items and willreport back shortly

system · February 3, 2013, 3:30pm

The MS link you gave me…error…update does not apply to my system

The AVG seems to have been removed. I am reruning OTL…will report back shortly

essexboy · February 3, 2013, 3:50pm

Hmm that is the Vista version

Could you run this troubleshooter and try again http://go.microsoft.com/fwlink/?LinkId=231149

system · February 3, 2013, 4:07pm

avg pctuneup 2011…wont uninstall.

will try the fix it link you sent

system · February 3, 2013, 4:24pm

wont let me just RUN the program…wants to save it, but I have to program to execute it

system · February 3, 2013, 4:34pm

is that pctuneup thing a real AVG program?

also here is logs from avg removal

essexboy · February 3, 2013, 5:16pm

is that pctuneup thing a real AVG program?

Unfortunately yes, more snake oil than anything else

OK lets use a programme to reset windows and then see we if can install SP2

Download Windows Repair (all in one) from this site

Install the programme then run

https://dl.dropbox.com/u/73555776/waio%20start.JPG

Go to step 3 and allow it to run SFC

https://dl.dropbox.com/u/73555776/waio%20step3.JPG

On the start repairs tab click start

https://dl.dropbox.com/u/73555776/waiostart%20rep.JPG

Select the following items and tick restart system when finished

https://dl.dropbox.com/u/73555776/waio%20rep%20list.JPG

system · February 4, 2013, 3:00am

Running the repair tool…for about 4 hours now…???

it is still in the reset registry permissions section…over 4000000 modified files??? 60+failures…

Does this seem correct??

letting it run unless you say otherwise… :o

essexboy · February 4, 2013, 1:56pm

Yes as all the registry permissions need to be reset to default, this will clear a lot of problem. As it is taking so long that may be where part of your problems lie

system · February 4, 2013, 2:09pm

16 hours later and its still on the same step (1) as it was yestarday…only difference is the number that was about 4million is now back at about 2million? …

I shut off the program…something is wrong… :-\

essexboy · February 4, 2013, 2:10pm

OK re-run it but remove the top 3 ticks up to WMI

system · February 4, 2013, 9:24pm

Essex…this went bad real fast. :o

Instead of trying to save it, I restored it to factory condition 8)

I have more fun learning and fighting the virus removal battle…but this one seemed too far gone.

Thanks for your time with this one, Im sure youll see me again

essexboy · February 4, 2013, 9:50pm

There was a lot of damage to the system so you probably took the best course

Is all OK now ?

More tools bars and redirects

Announcements