[Slow Computer]

Hi and sorry for late reply

I just got email notification today, no idea why.

For general slowness, see here and post back if it helped

[Slow Computer]

Hi REMIX_23

Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
  
• Doubleclick on the HJTInstall.exe icon on your desktop.
  
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
  
• Click on Install.
  
• It will create a HijackThis icon on the desktop.
  
• Once installed, it will launch Hijackthis.
  
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  
• Come back here to this thread and Paste the log in your next reply.
  
• DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
  
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
  

[Virtumonde]

Hi Ani

Rename HijackThis.exe to Ani.exe and post back a fresh HijackThis log, please

[Neep Help Removing Fake Alert-s.dll]

Hi

Then you're clean!

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:

• Download the latest version of Java Runtime Environment (JRE) 6 Update 4 and save it to your desktop.
  
• Scroll down to where it saysThe J2SE Runtime Environment (JRE) allows end-users to run Java applications.
  
• Click the Download button to the right.
  
• Select Windows on platform combobox and check the box that says:
  Accept License Agreement. Click continue.
  
• The page will refresh.
  
• Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  
• Close any programs you may have running - especially your web browser.
  
• Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  
• Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  
• Click the Remove or Change/Remove button.
  
• Repeat as many times as necessary to remove each Java versions.
  
• Reboot your computer once all Java components are removed.
  
• Then from your desktop double-click on jre-6u4-windows-i586-p.exe to install the newest version.
  

Update Adobe Reader

It looks like your version of Adobe Reader is out of date and you're vulnerable for infections.

Please download the newest version here:

http://www.adobe.com/products/acrobat/read...t=1&dlm=nos

Install it, then go to Add/Remove Programs and remove any older versions that may remain.

Next we remove all used tools.

Please download OTMoveIt and save it to desktop.

• Double-click OTMoveIt.exe.
  
• Click the CleanUp! button.
  
• Select Yes when the "Begin cleanup Process?" prompt appears.
  
• If you are prompted to Reboot during the cleanup, select Yes.
  
• The tool will delete itself once it finishes, if not delete it by yourself.
  

Note: If you receive a warning from your firewall or other security programs regarding OTMoveIt attempting to contact the internet, please allow it to do so.

• Disable and Enable System Restore. - If you are using Windows XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.
  You can find instructions on how to enable and re-enable system restore here:
  Windows XP System Restore Guide
  

Re-enable system restore with instructions from tutorial above

• Make your Internet Explorer more secure - This can be done by following these simple instructions:
  
• From within Internet Explorer click on the Tools menu and then click on Options.
  
• Click once on the Security tab
  
• Click once on the Internet icon so it becomes highlighted.
  
• Click once on the Custom Level button.
  
• Change the Download signed ActiveX controls to Prompt
  
• Change the Download unsigned ActiveX controls to Disable
  
• Change the Initialize and script ActiveX controls not marked as safe to Disable
  
• Change the Installation of desktop items to Prompt
  
• Change the Launching programs and files in an IFRAME to Prompt
  
• Change the Navigate sub-frames across different domains to Prompt
  
• When all these settings have been made, click on the OK button.
  
• If it prompts you as to whether or not you want to save the settings, press the Yes button.
  
• Next press the Apply button and then the OK to exit the Internet Properties page.
  

• Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  
• Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  
• Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
  This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:
  Instructions for Spybot S & D
  
• Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
  A tutorial on installing & using this product can be found here:
  Using SpywareBlaster to protect your computer from Spyware and Malware
  
• Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
  

Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety

• MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
  
• Google Toolbar <= Get the free google toolbar to help stop pop up windows.
  
• Comodo BOCLEAN <= Stop identity thieves from getting personal information. Instantly detects well over 1,000,000 unique, variant and repack malware in total. And it's free.
  
• Winpatrol <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
  Using Winpatrol to protect your computer from malicious software
  

Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Also, please read this great article by Tony Klein So How Did I Get Infected In First Place

Happy surfing and stay clean!

[Neep Help Removing Fake Alert-s.dll]

Hi

That looks good

Still problems?

[Neep Help Removing Fake Alert-s.dll]

Hi

Empty this folder:

F:\Documents and Settings\kcslone\Local Settings\Temp\

Delete these:

F:\WINNT\system32\f3PSSavr.scr

F:\WINNT\system32\stt.exe

Empty Recycle Bin.

Please download ATF Cleaner by Atribune and save

it to desktop.

Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All

Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All

Click the Empty Selected button.

NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All

Click the Empty Selected button.

NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit to close ATF-Cleaner.

Re-scan with kaspersky.

Post:

- a fresh HijackThis log

- kaspersky report

[Neep Help Removing Fake Alert-s.dll]

Hi

Uninstall via add/remove programs:

MYWEBSEARCH

Delete this folder:

F:\PROGRAM FILES\MYWEBSEARCH

Empty Recycle Bin

Open HijackThis, click do a system scan only and checkmark this:

O2 - BHO: (no name) - {21ECA600-72B5-4E66-BB2E-573C92CBD8D6} - C:\Program Files\Video Add-on\isfmdl.dll (file missing)

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O23 - Service: McAfee Application Installer Cleanup (0256771200859940) (0256771200859940mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP25677~1.EXE (file missing)

Close all windows including browser and press fix checked.

Reboot.

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then start to download the latest definition files.
  
• Once the scanner is installed and the definitions downloaded, click Next.
  
• Now click on Scan Settings
  
• In the scan settings make sure that the following are selected:
  o Scan using the following Anti-Virus database:
  + Extended (If available otherwise Standard)
  o Scan Options:
  + Scan Archives
  + Scan Mail Bases
  
• Click OK
  
• Now under select a target to scan select My Computer
  
• The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  
• Now click on the Save as Text button
  
• Save the file to your desktop.
  
• Copy and paste that information in your next post.
  

Note: This scanner will work with Internet Explorer Only!

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Post:

- a fresh HijackThis log

- kaspersky report

[Neep Help Removing Fake Alert-s.dll]

Hi

Please print out or copy these instructions/tutorial to Notepad as the internet will not be (while in Safe Mode) available to you at certain points of the removal process. Make sure to work through all the Steps in the exact order in which they are listed below. If there's anything that you don't understand, ask your question(s) before moving on with the fixes.

Download and scan with SUPERAntiSpyware Free for Home Users

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  
• An icon will be created on your desktop. Double-click that icon to launch the program.
  
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  

______________________________

Reboot your computer in Safe Mode.

• If the computer is running, shut down Windows, and then turn off the power.
  
• Wait 30 seconds, and then turn the computer on.
  
• Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  
• Ensure that the Safe Mode option is selected.
  
• Press Enter. The computer then begins to start in Safe mode.
  
• Login on your usual account.
  

______________________________

Double-click on SmitfraudFix.exe

Select option #2 - Clean by typing 2 and press Enter.

Wait for the tool to complete and disk cleanup to finish.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.

The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.

A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually. Reboot in Safe Mode.

The tool will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

______________________________

Navigate to C:\Windows\Temp

Click Edit, click Select All, press the DELETE key, and then click Yes to confirm that you want to send all the items to the Recycle Bin.

Navigate to C:\Documents and Settings\(EVERY LISTED USER)\Local Settings\Temp

Click Edit, click Select All, press the DELETE key, and then click Yes to confirm that you want to send all the items to the Recycle Bin.

Clean out your Temporary Internet files. Proceed like this:

Quit Internet Explorer, all browsers and quit any instances of Windows Explorer.

For Internet Explorer 7

• Click Start, click Control Panel, and then double-click Internet Options.
  
• On the General tab, click Delete... under Browsing History.
  
• Next to Temporary Internet Files, click Delete files, and then click OK.
  
• Next to Cookies, click Delete cookies, and then click OK.
  
• Next to History, click Delete history, and then click OK.
  
• Click the Close button.
  
• Click OK.
  

For Internet Explorer 4.x - 6.x

• Click Start, click Control Panel, and then double-click Internet Options.
  
• On the General tab, click Delete Files under Temporary Internet Files.
  
• In the Delete Files dialog box, tick the Delete all offline content check box, and then click OK.
  
• On the General tab, click Delete Cookies under Temporary Internet Files, and then click OK.
  
• Click on the Programs tab then click the Reset Web Settings button. Click Apply then OK.
  
• Click OK.
  

For Netscape 4.x and Up

• Click Edit from the Netscape menubar.
  
• Click Preferences... from the Edit menu.
  
• Expand the Advanced menu by clicking the triangle sign.
  
• Click Cache.
  
• Click both the Clear Memory Cache and the Clear Disk Cache buttons.
  

For Mozilla 1.x and Up

• Click Edit from the Mozilla menubar.
  
• Click Preferences... from the Edit menu.
  
• Expand the Advanced menu by clicking the plus sign.
  
• Click Cache.
  
• Click the Clear Cache button.
  

For Opera

• Click File from the Opera menubar.
  
• Click Preferences... from the File menu.
  
• Click the History and Cache menu.
  
• Click the two Clear buttons next to Typed in addresses and Visited addresses (history) and click the Empty now button to clear the Disk cache.
  
• Click Ok to close the Preferences menu.
  

Next Click Start, click Control Panel and then double-click Display. Click on the Desktop tab, then click the Customize Desktop button. Click on the Web tab. Under Web Pages you should see a checked entry called Security info or something similar. If it is there, select that entry and click the Delete button. Click Ok then Apply and Ok.

Empty the Recycle Bin by right-clicking the Recycle Bin icon on your Desktop, and then clicking Empty Recycle Bin.

______________________________

• Open SUPERAntiSpyware.
  
• Under "Configuration and Preferences", click the Preferences button.
  
• Click the Scanning Control tab.
  
• Under Scanner Options make sure the following are checked (leave all others unchecked):
  • Close browsers before scanning.
    
  • Scan for tracking cookies.
    
  • Terminate memory threats before quarantining.
    

  [*]Click the "Close" button to leave the control center screen.

  [*]Back on the main screen, under "Scan for Harmful Software" click Scan your computer.

  [*]On the left, make sure you check C:\Fixed Drive.

  [*]On the right, under "Complete Scan", choose Perform Complete Scan.

  [*]Click "Next" to start the scan. Please be patient while it scans your computer.

  [*]After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".

  [*]Make sure everything has a checkmark next to it and click "Next".

  [*]A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.

  [*]If asked if you want to reboot, click "Yes".

  [*]To retrieve the removal information after reboot, launch SUPERAntispyware again.

  • Click Preferences, then click the Statistics/Logs tab.
    
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    
  • Please copy and paste the Scan Log results in your next reply.
    

  [*]Click Close to exit the program.

______________________________

Please post:

1. c:\rapport.txt
   
2. SUPERAntiSpyware log
   
3. A new HijackThis log
   

You may need several replies to post the requested logs, otherwise they might get cut off.

[Neep Help Removing Fake Alert-s.dll]

Hi

Download SmitfraudFix (by S!Ri) to your Desktop.

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Double-click SmitfraudFix.exe

Select option #1 - Search by typing 1 and press Enter

This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!

**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.

[Neep Help Removing Fake Alert-s.dll]

Hi cheryl

Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
  
• Doubleclick on the HJTInstall.exe icon on your desktop.
  
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
  
• Click on Install.
  
• It will create a HijackThis icon on the desktop.
  
• Once installed, it will launch Hijackthis.
  
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  
• Come back here to this thread and Paste the log in your next reply.
  
• DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
  
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
  

[Help, I Cannot Remove A Virus From My Computer]

Hi

Then I don't think that I can help you with that issue (not malware related).

If it's itunes which misbehaves you can try contacting Apple or you can start a new thread here

[Help, I Cannot Remove A Virus From My Computer]

Hi

How much RAM you have?

[Help, I Cannot Remove A Virus From My Computer]

Hi

Have you tried re-installing iTunes?

[Help, I Cannot Remove A Virus From My Computer]

Hi

I don't mean memory usage here.

I mean which program uses most of cpu as you said this:

"that my cpu usage is always in the 90s and it barley goes down even when i close any programs that are running".

[Help, I Cannot Remove A Virus From My Computer]

Hi

What processes use the most of CPU?

[Help, I Cannot Remove A Virus From My Computer]

Hi

See here and post back if it helped

[Help, I Cannot Remove A Virus From My Computer]

Hi

See here , Registry section.

[Help, I Cannot Remove A Virus From My Computer]

Hi

Sure it can be hardware problem.

However, if your windows installation is 2 years old, that can be a problem, too.

Windows tends to get slower among time.

Have you cleaned your registry after slowdown?

[Help, I Cannot Remove A Virus From My Computer]

Hi

Well when you have eg. last time defragged or cleaned temp files?

[Help, I Cannot Remove A Virus From My Computer]

Hi

I don't think so?

Number of viruses found: 0

Number of infected objects: 0

Number of suspicious objects: 0

It's normal that some objects are locked. That just means that they are in use during the scan.

[Help, I Cannot Remove A Virus From My Computer]

Hi

Empty this folder:

C:\Documents and Settings\SONNY J\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar

Empty Recycle Bin

Still problems?

[Help, I Cannot Remove A Virus From My Computer]

Hi

Please do an online scan with Kaspersky Online Scanner. You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then start to download the latest definition files.
  
• Once the scanner is installed and the definitions downloaded, click Next.
  
• Now click on Scan Settings
  
• In the scan settings make sure that the following are selected:
  o Scan using the following Anti-Virus database:
  + Extended (If available otherwise Standard)
  o Scan Options:
  + Scan Archives
  + Scan Mail Bases
  
• Click OK
  
• Now under select a target to scan select My Computer
  
• The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
  
• Now click on the Save as Text button
  
• Save the file to your desktop.
  
• Copy and paste that information in your next post.
  

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

Post:

- a fresh HijackThis log

- kaspersky report

[My Hijackthis Log[RESOLVED][INACTIVE]]

Re-opened upon request.

[Help, I Cannot Remove A Virus From My Computer]

Hi

Looking over your log, it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors NOW:

1) Antivir PersonalEdition Classic - Free anti-virus software for Windows. Detects and removes more than 50,000 viruses. Free support.

2) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.

3) AVG Anti-Virus Free Edition - Free edition of the AVG anti-virus program for Windows.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.

Open HijackThis, click do a system scan only and checkmark these:

O2 - BHO: ActivationManager module - {86A44EF7-78FC-4e18-A564-B18F806F7F56} - C:\Program Files\ActivationManager\ActivationManager.dll (file missing)

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

Close all windows including browser and press fix checked.

Reboot.

I see that Viewpoint is installed. Viewpoint, Viewpoint Manager, Viewpoint Media Player are Viewpoint components which are installed as a side effect of installing other software, most notably AOL and AOL Instant Messenger (AIM). Viewpoint Manager is responsible for managing and updating Viewpoint Media Player’s components. You can disable this using the Viewpoint Manager Control Panel found in the Windows Control Panel menu. By selecting Disable auto-updating for the Viewpoint Manager -- the player will no longer attempt to check for updates. Anything that is installed without your consent is suspect. Read what Viewpoint says and make your own decision.

To provide a satisfying consumer experience and to operate effectively, the Viewpoint Media Player periodically sends information to servers at Viewpoint. Each installation of the Viewpoint Media Player is identifiable to Viewpoint via a Customer Unique Identifier (CUID), an alphanumeric identifier embedded in the Viewpoint Media Player. The Viewpoint Media Player randomly generates the CUID during installation and uses it to indicate a unique installation of the product. A CUID is never connected to a user's name, email address, or other personal contact information. CUIDs are used for the sole purpose of filtering redundant information. Each of these information exchanges occurs anonymously.

Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware.

I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the the Viewpoint components (Viewpoint, Viewpoint Manager, Viewpoint Media Player):

1. Click Start, point to Settings, and then click Control Panel.
   
2. In Control Panel, double-click Add or Remove Programs.
   
3. In Add or Remove Programs, highlight >>Viewpoint component<< , click Remove.
   
4. Do the same for each Viewpoint component.
   

Post a fresh HijackThis log.

What program found that virus and where is it now?

[Help, I Cannot Remove A Virus From My Computer]

Hi

I see no antivirus installed so that's the next step:

Looking over your log, it seems you don't have any evidence of an anti-virus software.

Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors NOW:

1) Antivir PersonalEdition Classic - Free anti-virus software for Windows. Detects and removes more than 50,000 viruses. Free support.

2) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.

3) AVG Anti-Virus Free Edition - Free edition of the AVG anti-virus program for Windows.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.

To access the Uninstall Manager you would do the following:

1. Start HijackThis

2. Click on the Config button

3. Click on the Misc Tools button

4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply

Post:

- a fresh HijackThis log

- uninstall list