Articles

Windows XP SP3 Internet explorer errors

January 6, 2013 at 06:43:17
Specs: Windows 7, 3.0 Ghz

First I will say this. I like using Internet explore. Changing browsers is not a fix for me. Thanks :)

Sometimes I get an error on internet explorer. I have to ctrl alt delete and close IE. The error usually is object error or invalid pointer. This only happens in explorer. Is there a way to fix this? I also disabled tool bars.
This is Windows XP Professional SP3 all updates. The above specs are not this computer.

Thanks.


See More: Windows XP SP3 Internet explorer errors

Report •


#1
January 6, 2013 at 06:47:51

Which version of internet explorer are you running? I think 8 is the last version that XP supports.

How do you know when a politician is lying? His mouth is moving.


Report •

#2
January 6, 2013 at 08:06:55

Yes, definite, IE8 is latest for XP.

You could reset IE and see if that fixes it:
Tools > Internet Options > Advanced tab > Reset button.

You will lose most addons and some of your personal settings will get lost. The addons come back as required and anything else is easy to sort.

Always pop back and let us know the outcome - thanks


Report •

#3
January 6, 2013 at 09:14:28

"guapo"
Which version of internet explorer are you running?
I think 8 is the last version that XP supports.


This is Windows XP Professional SP3 all updates.


Report •

Related Solutions

#4
January 6, 2013 at 09:21:42

I have reset Internet Explore and still same problem. I also scanned with male ware bytes.

Report •

#5
January 6, 2013 at 09:48:31

"I also disabled tool bars"

What toolbars do you mean? Add-ons like AVG, Google, Yahoo, etc? They shouldn't be disabled, they should be uninstalled. Toolbars are problematic. Not only do they take up screen space, but they can slow the browser & sometimes invite (or open the door) to infection.

"The error usually is object error or invalid pointer"

http://support.microsoft.com/kb/268...

http://www.ehow.com/info_12229509_i...

http://support.microsoft.com/kb/308260

Make sure you regularly clean your IE history, temp internet files, cookies, etc.

http://www.piriform.com/ccleaner/bu...


Report •

#6
January 6, 2013 at 10:08:09

"This is Windows XP Professional SP3 all updates"

Yes, but IE8 is still the latest IE version. IE9 is for Vista and above.

Always pop back and let us know the outcome - thanks


Report •

#7
January 6, 2013 at 11:47:14

OK I meant all updates for ie8. No updates are available because I have them all.

I figured I would pop back. I will pop back later. l.o.l


Report •

#8
January 6, 2013 at 14:32:33

I just reset Internet Explore again. Still causing problems.

Report •

#9
January 6, 2013 at 15:03:18

Could be an add-on interfering. To check, you can run Internet Explorer without add-ons by going to Start, All Programs, Accessories, System Tools and open Internet Explorer (No Add-ons).
If the problem stops, an add-on is causing the problem. To identify what one is causing it, go to Tools, Manage Add-ons, change the Show option on the left to All Add-ons, select all add-ons on the list to the right and click Disable All. Restart Internet Explorer normally and go to Tools, Manage Add-ons again and enable each add-on one by one and test to identify the problematic add-on.
If you wish to remove an add-on completely, you should be able to right click it, choose More Information, and then click the Remove button.

Please reply and let us know if our help worked. Your feedback helps others. Maybe you?


Report •

#10
January 6, 2013 at 19:41:59

Do you have Privacy Safeguard installed?
If so, uninstall it.

Do you have any gadgets installed?
gadgets windows xp desktop
http://is.gd/Vknps3


Report •

#11
January 7, 2013 at 05:07:11

No neither privacy safeguard or gadgets were ever installed. I so this same post a few post down from someone else. Someone suggested to run TFC. I ran that and rebooted and still get object error.

Report •

#12
January 7, 2013 at 06:21:12

Boot to safe mode & then run IE. Does it still happen?

How do you know when a politician is lying? His mouth is moving.


Report •

#13
January 7, 2013 at 07:37:23

I will try running in safe mode. Also will try running again with no add on's. Someone posted the same issue but as Windows 7 it was posted on XP forum but now was moved to 7 forum. I tried the suggestion TFC by old timer. It ran and rebooted. Still did not fix the issue. I went to add/remove. I removed all tool bars. I removed Gateway IE customization also. I uninstalled ie 8 and reinstalled it and still have the issue. I try to go to Windows updates to reinstall the updates amd get object error on that page. This is really really really annoying. It is driving me crazy and that is a bad thing because I am already crazy. I forgot to mention. At one time there was a nasty infection actually a toolbar called fun moods. I did not install that my nephew did. Here is what would happen. When another tab was opened it would open fun moods search. I wish and maybe there is a program that searches for left overs? As far as I know the fun moods is gone and has been for while.

Report •

#14
January 7, 2013 at 08:12:52

This does not happen in safe mode. I am about to look in add/remove again and check startup and see if anything funny. I don't think it is virus/maleware related though. And I am sure fun moods is gone. I will double check.

Report •

#15
January 7, 2013 at 08:22:45

As you know Safe Mode is minimal so it's something that upsets IE when it's only running with normal Windows. Yes, both checks in #14 are a good ideas..

Always pop back and let us know the outcome - thanks


Report •

#16
January 7, 2013 at 08:22:49

I just looked in add/remove. Privacy safeguard was there. I never saw it before because there is a lot of things there. I am still going thru add/remove. Sorry I said it was not there before I mentioned I was already crazy.
I just tried going to Windows Update. This time no object error. It seems it was Privacy Guard maybe installed with uTorrent that my nephew installed. Now I think this system is good to go. I do not let my nephew touch my computers any more. This is still an issue.
I am still crazy.

Report •

#17
January 7, 2013 at 10:23:39

"I just looked in add/remove. Privacy safeguard was there"
Uninstall it in Normal mode.

Then run these 2 programs & post the contents of the logs.

Run AdwCleaner
http://www.softpedia.com/get/Antivi...
http://www.softpedia.com/progScreen...
http://general-changelog-team.fr/en...
http://www.raymond.cc/blog/adwclean...
Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Run Junkware Removal Tool
http://www.bleepingcomputer.com/dow...
http://thisisudax.blogspot.com.au/2...


Report •

#18
January 7, 2013 at 12:51:38

Forget about add & remove. If it doesn't happen in safe mode, the startup tab of msconfig is where you want to look. Something in there is causing the conflict. Click start, run, type msconfig, press enter, go to the startup tab, uncheck anything that you don't need to load into memory at boot time or disable all, click apply, ok & restart. Click ok again after it restarts.

How do you know when a politician is lying? His mouth is moving.


Report •

#19
January 8, 2013 at 04:24:35

The AdwCleaner 2.105 the site you gave has 2 download options. I click the download all it is is a file called setup.exe. I am not downloading a file with just setup.exe. I will have to search google for another site and I will post the log when I find it.

Report •

#20
January 8, 2013 at 05:21:30

Here is AdwCleaner 2.105 log


# AdwCleaner v2.105 - Logfile created 01/08/2013 at 08:20:30
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - CTG-SERVER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Folder Found : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Found : C:\Documents and Settings\All Users\Application Data\Premium
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Smartdl

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\incredibar.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\Software\Web Assistant
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0oj8mm3a.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6158 octets] - [08/01/2013 08:20:30]

########## EOF - C:\AdwCleaner[R1].txt - [6218 octets] ##########


Report •

#21
January 8, 2013 at 05:44:36

JRT Log file


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.1 (01.06.2013:2)
OS: Microsoft Windows XP x86
Ran by Administrator on at
Computer was rebooted
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\esrv.incredibaresrvc
Successfully deleted: [Registry Key] hkey_classes_root\esrv.incredibaresrvc.1
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\im
Successfully deleted: [Registry Key] hkey_current_user\software\iminstaller
Successfully deleted: [Registry Key] hkey_current_user\software\incredibar.com
Successfully deleted: [Registry Key] hkey_local_machine\software\incredibar.com
Successfully deleted: [Registry Key] hkey_current_user\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\web assistant
Successfully deleted: [Registry Key] hkey_local_machine\software\web assistant
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\i
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\incredibar.dskbnd
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\incredibar.dskbnd.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\incredibar.incredibarhlpr
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\incredibar.incredibarhlpr.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\incredibarapp.appcore
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\incredibarapp.appcore.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3220468
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT3225826
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\installmate"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\premium"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\smartdl"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\start menu\programs\ytd video downloader"

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\{336d0c35-8a85-403a-b9d2-65c292c39087}

~~~ Chrome

Successfully deleted: [Folder] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Folder] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Folder] C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopoh
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] hkey_current_user\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/08/2013 at 8:35:29.90
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Report •

#22
January 8, 2013 at 06:16:44

I think you making it far more complicated than it's needs to be. Why don't you want to do what I suggested in post #18? Since it doesn't happen in safe mode, the conflict is in the startup.

How do you know when a politician is lying? His mouth is moving.


Report •

#23
January 8, 2013 at 08:05:21

guapo, You said Forget about add & remove. But I had already double checked add/remove. I found Privacy Safeguard after I double checked. Someone asked about it and I figured I would double check. I also checked msconfig. There was nothing in msconfig that looked funny. That is why I went ahead and double checked. I really don't know why it didn't happen in safe mode. But I ran the other two programs as suggested. It looks like the JRT found some things.I will wait to see what the next suggestion. And I thank all that has helped.

Report •

#24
January 8, 2013 at 08:24:28

What happened when you disabled all, as per #18?

Might be worth running this:
http://www.softpedia.com/get/Antivi...

Always pop back and let us know the outcome - thanks


Report •

#25
January 8, 2013 at 08:29:12

I never disabled. I didn't see anything unusual. I had already saw the Privacy Guard anyway. I have messed with msconfig enough to know what's good and what's not.
Sometimes I do over look things like I did with the Add/Remove. I just didn't disable because I personally didn't see the need.
"Might be worth running this:
http://www.softpedia.com/get/Antivi...

Ive already used AdwCleaner 2.105. Did you see the log?


Report •

#26
January 8, 2013 at 08:32:59

Ooops, sorry, going blind it seems...

Always pop back and let us know the outcome - thanks


Report •

#27
January 8, 2013 at 08:38:00

I appreciate that you want to stick with IE. However, just to prove whether this is an IE issue or a system issue it could be worth temporarily installing Firefox to see if that does the same. It uninstalls quite easily afterwards.

Always pop back and let us know the outcome - thanks


Report •

#28
January 8, 2013 at 08:39:45

I have Firefox and Chrome. Firefox didn't do it. Not sure about Chrome.

Report •

#29
January 8, 2013 at 08:47:53

You could try re-registering the dll's using the script here:
http://ask-geeks.blogspot.co.uk/201...

Always pop back and let us know the outcome - thanks


Report •

#30
January 8, 2013 at 10:11:55

"guapo, You said Forget about add & remove. But I had already double checked add/remove. I found Privacy Safeguard after I double checked"

All I did was Google the original problem & Privacy Safeguard came up regularly as the culprit. Uninstalling fixed the problem.

Post #5 here.
http://forum.videohelp.com/threads/...

http://social.technet.microsoft.com...

http://answers.microsoft.com/en-us/...

http://forums.comcast.com/t5/E-Mail...

http://helpdesk.pcpitstop.com/index...

http://answers.microsoft.com/en-us/...


Report •

#31
January 8, 2013 at 10:14:18

"ChristopherTGarrett January 8, 2013 at 05:21:30 Pacific

Here is AdwCleaner 2.105 log"

Thanks.

Heaps of problems found, you should have hit the Delete button.

New log please.


Report •

#32
January 8, 2013 at 13:41:43

The need to disable is to find the conflict. Just because it 'looks good' doesn't mean it is.

How do you know when a politician is lying? His mouth is moving.


Report •

#33
January 8, 2013 at 17:17:12

"Heaps of problems found, you should have hit the Delete button."

I will run it again. I don't think I saw an option to delete. I told you I was crazy.

"New log please."

I will post after I run it again.


Report •

#34
January 8, 2013 at 17:37:22

"I don't think I saw an option to delete"
Right alongside > Search.
Do a Search & then hit > Delete.

Report •

#35
January 8, 2013 at 17:58:56

Yes I saw it the second time. I deleted it.

Here is the log.

# AdwCleaner v2.105 - Logfile created 01/08/2013 at 20:49:28
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - CTG-SERVER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\My Documents\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0oj8mm3a.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6287 octets] - [08/01/2013 08:20:30]
AdwCleaner[R2].txt - [4016 octets] - [08/01/2013 20:20:43]
AdwCleaner[S1].txt - [4009 octets] - [08/01/2013 20:49:28]

########## EOF - C:\AdwCleaner[S1].txt - [4069 octets] ##########


Report •

#36
January 8, 2013 at 18:01:23

"guapo January 8, 2013 at 16:41:43

The need to disable is to find the conflict. Just because it 'looks good' doesn't mean it is."

I guess I understand now guapo. I guess somthign good in startup you mean it could be infected? Anyway I am not doubting you. Just the normal items were in startup that I know real good.


Report •

#37
January 8, 2013 at 18:28:35

"Here is the log"
I suspect you have more infections on the comp, we shall now start the checking process.

As we dismantle the infection bit by bit, that may allow the repeat use of programs, which may in turn pick up more.
Removal of infected parts of the system, may cause other parts to stop working, such as your Internet connection or Services. These then we have to repair later.

If any program won't run ( due to the infection ) let me know. Post the log/logs after each run.
Screenshots ( SS ) may also requested, or if you want to illustrate a point yourself, use the uploader.
If any of the logs are too large, upload them to a site of your choosing or, all can be done with this. I use Imgur.com
Image Uploader
http://www.softpedia.com/get/Intern...
http://www.softpedia.com/progScreen...
http://zenden.ws/imageuploader_ru
How to use
http://i.imgur.com/rr0p9.gif
http://i.imgur.com/zsqmE.gif
http://i.imgur.com/OA9LW.gif
http://i.imgur.com/PujnZ.gif


Report •

#38
Report •

#39
January 8, 2013 at 18:34:32

I will do all the suggested in the morning. I am tired right now. But I will post somthing below. But first will say this. I noticed my net a little slow tonight. My brother in law could be on my wi-fi he downloads things and sometimes it slows me down. But read this below.

I just remembered. My e-mail with my ISP it is at&t. It is the same as yahoo mail just I have a @bellsouth.net address. Anyway this morning a bot was sending e-mails from my address. I just now remembered this didn't think about posting it this morning. I know it was sending spam because my yahoo address is in my address book. That sounds crazy but maybe a good thing my yahoo address in there for this reason. Just thought I would post this.


Report •

#40
January 8, 2013 at 18:45:30

"Just thought I would post this"
That just reinforces my suspicion, that a lot more is going on. The checks we will do, will reveal all.

Report •

#41
January 8, 2013 at 18:48:29

OK But I think I have used the trial of Hitman Pro it's updateing now shows at the bottom trial expired. I think it will scan. Just not remove.

Report •

#42
January 8, 2013 at 19:03:36

"Just not remove"
Correct, we shall have to use another.

2: Run ESET & post the log please. This scan may take a very long while, so please be patient. Start it before going to work or bed.
http://www.eset.com/us/online-scann...
http://www.eset.com/home/products/o...
You may have to download ESET from a good computer, put it on a thumb drive & run it from there.
Create a ESET SysRescue CD or USB drive
http://kb.eset.com/esetkb/index?pag...
How do I use my ESET SysRescue CD or USB flash drive to scan and clean my system?
http://kb.eset.com/esetkb/index?pag...
Configure ESET this way & disable your AV.
http://i.imgur.com/3U7YC.gif
How to Temporarily Disable your Anti-virus
http://www.bleepingcomputer.com/for...
Why Would I Ever Need an Online Virus Scanner?
I already have an antivirus program installed, isn't that enough?
http://www.squidoo.com/the-best-fre...
Once onto a machine, malware can disable antivirus programs, prevent antimalware programs from downloading updates, or prevent a user from running antivirus scans or installing new antivirus software or malware removal tools. At this point even though you are aware the computer is infected, removal is very difficult.
5: Why does the ESET Online Scanner run slowly on my computer?
If you have other antivirus, antispyware or anti-malware programs running on your computer, they may intercept the scan being performed by the ESET Online Scanner and hinder performance. You may wish to disable the real-time protection components of your other security software before running the ESET Online Scanner. Remember to turn them back on after you are finished.
17: How can I view the log file from ESET Online Scanner?
http://kb.eset.com/esetkb/index?pag...
http://www.eset.com/home/products/o...
The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. The path to the log file is "C:\Program Files\EsetOnlineScanner\log.txt". You can view this file by navigating to the directory and double-clicking on it in Windows Explorer, or by copying and pasting the path specification above (including the quotation marks) into the Start ? Run dialog box from the Start Menu on the desktop.
If no threats are found, you will simply see an information window that no threats were found.
http://www.trishtech.com/security/s...


Report •

#43
January 9, 2013 at 04:51:40

The hitman pro only found some adware and tracking cookies nothing serious.

Report •

#44
January 9, 2013 at 05:19:39

"The hitman pro only found some adware and tracking cookies nothing serious"

That sounds promising, but with infections, no 1 program can keep up with the thousands of new variations coming out every day.

Run ESET when you get a chance.

What time zone are you in please?

3: Run RogueKiller
http://www.softpedia.com/get/Securi...
http://www.softpedia.com/progScreen...
http://majorgeeks.com/RogueKiller_d...
http://www.geekstogo.com/forum/file...
http://www.sur-la-toile.com/RogueKi...
http://www.sur-la-toile.com/RogueKi...
RogueKiller tutorial
http://en.kioskea.net/faq/11626-rog...
•Please quit all programs
•Right-click the RogueKiller file and select "Run as Administrator'
•Press: SCAN
•On the RogueKiller console, click the Registry tab.
•Make sure the entries there are checked.
•Then, press the [Delete] button.
An RKreport (Mode: Delete) is created on the Desktop.
Please provide the RKreport (Mode: Delete) in your reply.
Restart the computer.


Report •

#45
January 9, 2013 at 06:50:14

I am in EST timezone. I downloaded the trial of eset. I started the scan before it updated. But I went ahead and finished the scan because it had already found 1 infection. The scan finished and I rebooted but something strange happened after I rebooted. It found new hardware for some reason. I have not connected anything at all. The only usb devices I have is USB Keyboard USB mouse USB printer and USB Webcam. All the devices are working and nothing has changed. Also I do have a 500 GB SATA as a secound drive 80 GB boot drive. I am really thinking about buying the eset 3 PC's. I will see how the trial goes. Here is the log before the update.

Scan Log
Version of virus signature database: 7699 (20121116)
Date: 1/9/2013 Time: 8:28:28 AM
Scanned disks, folders and files: Operating memory;Boot sector;C:\Boot sector;C:\
Operating memory » C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL - error opening [4]
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{F3832C38-F020-4C3D-BB95-7F59E2524A37}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\0oj8mm3a.default\Cache\_CACHE_003_ » SMARTINSTALLMAKER;VER=2 - error - unknown compression method
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/UBCD_BOOT.iso - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/BURNCDCC.TXT - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/BURNCDCC.EXE - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/FreeISOBurner.exe - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/ISO-BURNER.EXE - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » idata.cab » CAB » internalList.zip » ZIP » internalList.dat - error - password-protected file
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » idata.cab » CAB » internalList.zip » ZIP » info.enc - error - password-protected file
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_cza.cab » CAB » avgsbfree_cz.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_daa.cab » CAB » avgsbfree_da.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_esa.cab » CAB » avgsbfree_es.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_fra.cab » CAB » avgsbfree_fr.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_hua.cab » CAB » avgsbfree_hu.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ida.cab » CAB » avgsbfree_id.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ina.cab » CAB » avgsbfree_in.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ita.cab » CAB » avgsbfree_it.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_koa.cab » CAB » avgsbfree_ko.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_msa.cab » CAB » avgsbfree_ms.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_nla.cab » CAB » avgsbfree_nl.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_pla.cab » CAB » avgsbfree_pl.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_pta.cab » CAB » avgsbfree_pt.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_rua.cab » CAB » avgsbfree_ru.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_sca.cab » CAB » avgsbfree_sc.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ska.cab » CAB » avgsbfree_sk.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_spa.cab » CAB » avgsbfree_sp.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_tra.cab » CAB » avgsbfree_tr.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_usa.cab » CAB » avgsbfree_us.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_zha.cab » CAB » avgsbfree_zh.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_zta.cab » CAB » avgsbfree_zt.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\Downloads\Setup(1).exe - probably a variant of Win32/Adware.iBryte.C application - cleaned by deleting - quarantined [1]
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » Ahead Nero Burning Rom-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » Babylon.Toolbar-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BrokenApplicationPaths.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BrokenApplicationPaths.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » BurstMedia-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » Cache-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » CasaleMedia-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » Common Dialogs-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » Cookie-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » DoubleClick-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » History-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » iCrossRider-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Quarantine.lst - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » IncrediBar-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » IncrediBar-0000.md5 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/bh/incredibar.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarApp.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarEng.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarsrv.exe - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarTlbr.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/uninstall.exe - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Internet Explorer-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Quarantine.lst - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Log-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Log-0000.md5 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/SchedLgU.Txt - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/setupapi.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/System32/wbem/logs/wbemcore.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/System32/wbem/logs/wbemess.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/System32/wbem/logs/wmiprov.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » MediaPlex-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » MS Direct3D-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » MS DirectDraw-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » MS DirectInput-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » MS Media Player-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » MS Office 11.0 (Word)-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » MusicMatch JukeBox-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » Statcounter-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Windows Explorer-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Windows Media SDK-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » Windows-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Windows.OpenWith-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Program Files\Common Files\Acronis\TrueImageHome\agent_ramdisk.dat » GZIP » agent_ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Common Files\Acronis\TrueImageHome\ramdisk.dat » GZIP » ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Common Files\Acronis\TrueImageHome\rescuecd_ramdisk.dat » GZIP » rescuecd_ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Common Files\Acronis\TrueImageHome\wiper_ramdisk.dat » GZIP » wiper_ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi » MSI » required.cab » CAB - error reading archive
C:\Program Files\Microsoft CAPICOM 2.1.0.2\License\license.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\OFFICE11\1033\VIDEO.MHT » MIME - is OK (internal scanning not performed)
Number of scanned objects: 215865
Number of threats found: 1
Number of cleaned objects: 1
Time of completion: 9:07:50 AM Total scanning time: 2362 sec (00:39:22)

Notes:
[1] Object has been deleted as it only contained the virus body.
[4] Object cannot be opened. It may be in use by another application or operating system.


Report •

#46
January 9, 2013 at 07:58:27

Here is the log after the update. I am sorry for posting 2 logs. I do have some good news. I am getting my HP Desktop back from my brother in law. It has Windows 7 and an AMD processor I like AMD better than Intel. I will still use this Gateway I hope to get it clean.

Scan Log
Version of virus signature database: 7876 (20130109)
Date: 1/9/2013 Time: 10:22:26 AM
Scanned disks, folders and files: Operating memory;Boot sector;C:\Boot sector;C:\
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{F3832C38-F020-4C3D-BB95-7F59E2524A37}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BP3U6F7C\6001.18000.080118-1840-kb3aikl_en[1].iso » ISO » netfxia64.exe - decompression could not complete (possible reasons: insufficient free memory or disk space, or a problem with temp folders)
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BP3U6F7C\6001.18000.080118-1840-kb3aikl_en[1].iso » ISO » netfxx86.exe - error reading archive
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\EFZM4TH7\JavaSetup7u10[1].exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\EFZM4TH7\JavaSetup7u10[1].exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\EFZM4TH7\JavaSetup7u10[1].exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Documents and Settings\Administrator\My Documents\JavaSetup7u10.exe » CAB » jusched - archive damaged - the file could not be extracted.
C:\Documents and Settings\Administrator\My Documents\JavaSetup7u10.exe » CAB » task.xml - archive damaged - the file could not be extracted.
C:\Documents and Settings\Administrator\My Documents\JavaSetup7u10.exe » CAB » task64.xml - archive damaged - the file could not be extracted.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/UBCD_BOOT.iso - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/BURNCDCC.TXT - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/BURNCDCC.EXE - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/FreeISOBurner.exe - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\UBCD_BOOT.iso.7z » 7ZIP » Software/ISO-BURNER.EXE - Incorrect file checksum (CRC); the file is probably password protected.
C:\Documents and Settings\Administrator\My Documents\Your Gmail address dawgfan1785@gmail.com has been created.txt » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » idata.cab » CAB » internalList.zip » ZIP » internalList.dat - error - password-protected file
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » idata.cab » CAB » internalList.zip » ZIP » info.enc - error - password-protected file
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_cza.cab » CAB » avgsbfree_cz.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_daa.cab » CAB » avgsbfree_da.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_esa.cab » CAB » avgsbfree_es.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_fra.cab » CAB » avgsbfree_fr.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_hua.cab » CAB » avgsbfree_hu.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ida.cab » CAB » avgsbfree_id.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ina.cab » CAB » avgsbfree_in.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ita.cab » CAB » avgsbfree_it.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_koa.cab » CAB » avgsbfree_ko.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_msa.cab » CAB » avgsbfree_ms.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_nla.cab » CAB » avgsbfree_nl.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_pla.cab » CAB » avgsbfree_pl.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_pta.cab » CAB » avgsbfree_pt.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_rua.cab » CAB » avgsbfree_ru.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_sca.cab » CAB » avgsbfree_sc.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_ska.cab » CAB » avgsbfree_sk.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_spa.cab » CAB » avgsbfree_sp.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_tra.cab » CAB » avgsbfree_tr.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_usa.cab » CAB » avgsbfree_us.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_zha.cab » CAB » avgsbfree_zh.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\AVG2\AV\avg_ipw_x64_all_2012_1780a3823.exe » 7ZSD » lng_zta.cab » CAB » avgsbfree_zt.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » Ahead Nero Burning Rom-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Ahead Nero Burning Rom-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » Babylon.Toolbar-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BrokenApplicationPaths.zip » ZIP » sbRecovery.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BrokenApplicationPaths.zip » ZIP » sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip » ZIP » BurstMedia-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cache-0000.zip » ZIP » Cache-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip » ZIP » CasaleMedia-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » Common Dialogs-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Common Dialogs-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip » ZIP » Cookie-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip » ZIP » DoubleClick-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\History-0000.zip » ZIP » History-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » iCrossRider-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Quarantine.lst - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » IncrediBar-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » IncrediBar-0000.md5 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/bh/incredibar.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarApp.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarEng.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarsrv.exe - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/incredibarTlbr.dll - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip » ZIP » Program Files/Incredibar.com/incredibar/1.5.11.14/uninstall.exe - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Internet Explorer-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Quarantine.lst - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Log-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » Log-0000.md5 - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/SchedLgU.Txt - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/setupapi.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/System32/wbem/logs/wbemcore.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/System32/wbem/logs/wbemess.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Log-0000.zip » ZIP » WINDOWS/System32/wbem/logs/wmiprov.log - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip » ZIP » MediaPlex-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » MS Direct3D-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » MS DirectDraw-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » MS DirectInput-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » MS Media Player-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » MS Office 11.0 (Word)-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MS Office 11.0 (Word)-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » MusicMatch JukeBox-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\MusicMatch JukeBox-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip » ZIP » Statcounter-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Windows Explorer-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Windows Media SDK-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » Windows-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » 121125-160815.xml - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Quarantine.ini - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Windows.OpenWith-0000.sfv - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip » ZIP » Quarantine.reg - error - password-protected file
C:\Program Files\Common Files\Acronis\TrueImageHome\agent_ramdisk.dat » GZIP » agent_ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Common Files\Acronis\TrueImageHome\ramdisk.dat » GZIP » ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Common Files\Acronis\TrueImageHome\rescuecd_ramdisk.dat » GZIP » rescuecd_ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Common Files\Acronis\TrueImageHome\wiper_ramdisk.dat » GZIP » wiper_ramdisk.dat.initrd » CPIO » - archive damaged
C:\Program Files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi » MSI » required.cab » CAB - error reading archive
C:\Program Files\Microsoft CAPICOM 2.1.0.2\License\license.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\OFFICE11\1033\VIDEO.MHT » MIME - is OK (internal scanning not performed)
Number of scanned objects: 246454
Number of threats found: 0
Time of completion: 10:54:33 AM Total scanning time: 1927 sec (00:32:07)

Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.


Report •

#47
January 9, 2013 at 09:51:02

Well I downloaded the WAIK for XP made the eset rescue. I made it on a 2 GB USB drive. Anyway it will not load. I get an error Windows failed to start. The error is
File: \Boot\BCD

Status: 0xc000000e

Now what? My system I had to do some things in the BIOS even though USB boot was enabled I had to go to the harddrives and set the USB drive as a harddrive. But this system did pretty much the same thing once with a MSE boot disk. Now I will do the online scan first maybe someone has a solution to the USB boot problem. I could put the drive in my other desktop and boot to the USB like that. I think I did that the time I had the problem with the MSE boot disk. So I don't think the problem is related to the USB drive. I will run the online scan. And maybe overnight tonight the boot scan. I see this just may take a few days I think there is other suggestions I still need to do.

BTW What is the record on replies to a problem on this forum?

<edit>
Update
I tried the USB Boot on my laptop. It boots the eset rescue just fine no errors. So it looks like the issue may be with my system. Maybe there is some solution.


Report •

#48
January 9, 2013 at 10:58:06

Record post about 300 (years ago on Win 9x) - nowhere near it yet LOL.

I would keep going with Johnw. It's a bit tiresome I know, but if the result is a squeaky clean system then it is worth it.

Always pop back and let us know the outcome - thanks


Report •

#49
January 9, 2013 at 11:01:59

Thanks for the ESET logs.

"I will run the online scan"
Good.

MSE is what I use to prevent infections getting on the comp.
Malware Prevention
http://www.malwarevault.com/index.html
"There is no magic involved. The majority of malware is installed by the user themselves"

A lot of programs, now give you the choice to install toolbars & other during the install. Either uncheck these items during install, or use Custom.

"The scan finished and I rebooted but something strange happened after I rebooted. It found new hardware for some reason"
Removal of infected parts of the system, may cause other parts to stop working. These then will repair themselves on a reboot or we may have to manually repair.

"I am in EST timezone"
Ok, I'm here, back to bed soon.
http://www.timeanddate.com/worldclo...


Report •

#50
January 9, 2013 at 11:21:53

boot disk Status: 0xc000000e
http://is.gd/ce13lX

Don't forget to run RougeKiller.


Report •

#51
January 9, 2013 at 18:18:21

RougeKiller logfile

RogueKiller V8.4.3 [Jan 8 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/file...
Website : http://tigzy.geekstogo.com/roguekil...
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Scan -- Date : 01/09/2013 20:29:24

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD800JD-00MSA1 +++++
--- User ---
[MBR] 6c68f177d135af545e4ecc9a7ea5d4a5
[BSP] 806c5995929b2de3c0c082aa1618b4b7 : Legit3 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD5000AADS-11M2B1 +++++
--- User ---
[MBR] fd999c88e61c65d7096264b39b71c0b2
[BSP] b7dd22fcda41e0525091c68cc714f3c8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 18 | Size: 476938 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01092013_02d2029.txt >>
RKreport[1]_S_01092013_02d2029.txt


I am going to run the eset online again. When I came home it was still scanning. It was scanning the 500 GB. The 500 GB has at least 300 GB used if not more. I just stopped it. It was over 7 hours. Is the online one same as the one installed?


Report •

#52
January 9, 2013 at 19:07:43

"Is the online one same as the one installed?"
Doubt it, that's probably why the installed one couldn't remove all those files.

Also, I did post this previously.

I already have an antivirus program installed, isn't that enough?
http://www.squidoo.com/the-best-fre...


Report •

#53
January 10, 2013 at 00:33:56

I did the online scan again. I didn't see an option to view a log.

Report •

#54
January 10, 2013 at 01:58:12

My post #42
Did you look here > The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. The path to the log file is "C:\Program Files\EsetOnlineScanner\log.txt". You can view this file by navigating to the directory and double-clicking on it in Windows Explorer, or by copying and pasting the path specification above (including the quotation marks) into the Start ? Run dialog box from the Start Menu on the desktop.

Or maybe this applies, also on my post #42 > If no threats are found, you will simply see an information window that no threats were found.
http://www.trishtech.com/security/s...

Have you been into > Spybot - Search & Destroy & deleted all those quarantined files?

Download Security Check by screen317 from one of the following links and save it to your desktop.
http://screen317.spywareinfoforum.o...
http://screen317.changelog.fr/Secur...
* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Save it to your Desktop.
* Double click SecurityCheck.exe. If you run Windows Vista or 7, right click and choose 'Run as Administrator'.
o If you are asked by Windows to run this program or not, please click 'Yes' or 'Run'.
o When you see a console window, press any key to continue scanning.
o Wait while it scans.
o If your firewall alerts you of Security Check, please press 'Allow' or similar.
* A Notepad document should open automatically after scan is completed. It will be called checkup.txt; please post the contents of that document.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.


Report •

#55
January 11, 2013 at 03:04:35

OK Thanks. Here is the log for that. Sorry for the delay. I did not get on last night. I really thing the net slowing down was my brother in law. There moving today so I will not be sharing the wi-fi anymore. .

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=c0af97d0ef4c8641868dafd4ed3525c0
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-10 01:23:40
# local_time=2013-01-09 08:23:40 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8204 16776701 100 92 0 3770770 0 0
# scanned=126730
# found=7
# cleaned=0
# scan_time=25233
# nod_component=V3 Build:0x30000000
T:\BACKUP-HP-12-2-12\Chris\Downloads\SoftonicDownloader_for_talking-tom-cat.exe a variant of Win32/SoftonicDownloader.E application (unable to clean) EA286046067E2259FA1F2CBDE74E9819535439FF I
T:\BACKUP-HP-12-2-12\LEXAR\Chris\DELL 10-27-12\Downloads\iLividSetupV1.exe Win32/Toolbar.SearchSuite application (unable to clean) E282AE6F9010A57E32628A3678218C7DEC5283CC I
T:\IMPORTANT2\oi_setup.exe a variant of Win32/OpenInstall application (unable to clean) 293EA3BB9DE1A62A42C18241E9EB63803DC044A0 I
T:\IMPORTANT2\SoftonicDownloader_for_utorrent.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) C707640F61B794CE666E23470798415D6445062E I
T:\IMPORTANT2\Ahead[1].Nero.7.xx.All.Editions_KEYGEN-FFF\Keygen.exe a variant of Win32/Keygen.AJ application (unable to clean) BF0083D91171615741454447E4A5FC75BEBD4A15 I
T:\IMPORTANT2\Dell 2-13-12\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application (unable to clean) 57889881D67CA307D7542E9670F3DA21959AEE4A I
T:\IMPORTANT2\Kelly Malcolm\Kelly\AppData\Local\Temp\jar_cache4793502705589174431.tmp multiple threats (unable to clean) DFD3B894A006BD398C8E932CA940721BD1D0161E I
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=c0af97d0ef4c8641868dafd4ed3525c0
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-10 04:26:32
# local_time=2013-01-09 11:26:32 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8204 16776701 100 92 0 3781742 0 0
# scanned=78739
# found=0
# cleaned=0
# scan_time=4950
# nod_component=V3 Build:0x30000000
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=c0af97d0ef4c8641868dafd4ed3525c0
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-10 09:47:10
# local_time=2013-01-10 04:47:10 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8204 16776701 100 92 0 3800980 0 0
# scanned=78763
# found=0
# cleaned=0
# scan_time=4190
# nod_component=V3 Build:0x30000000


Report •

#56
January 11, 2013 at 03:40:44

Thanks for the log.

Still got problems that ESET was unable to remove.

Download Security Check by screen317 from one of the following links and save it to your desktop.
http://screen317.spywareinfoforum.o...
http://screen317.changelog.fr/Secur...
* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Save it to your Desktop.
* Double click SecurityCheck.exe. If you run Windows Vista or 7, right click and choose 'Run as Administrator'.
o If you are asked by Windows to run this program or not, please click 'Yes' or 'Run'.
o When you see a console window, press any key to continue scanning.
o Wait while it scans.
o If your firewall alerts you of Security Check, please press 'Allow' or similar.
* A Notepad document should open automatically after scan is completed. It will be called checkup.txt; please post the contents of that document.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.


Report •

#57
January 11, 2013 at 03:47:07

Re ESET, keep that online program, don't delete it, we may need to use it again.
It is a tool that only needs updating to use again, very handy for using on friends/family comps.

Report •

#58
January 11, 2013 at 03:58:56

With your time zone, I had no idea what part of the world you were in, I now see you are in United States & it is early in the morning.

Are you staying with me for a while?


Report •

#59
January 11, 2013 at 04:23:23

Are you staying with me for a while?
Yes.
by EST I mean Eastern Standard Time

Report •

#60
January 11, 2013 at 04:28:43

Here is security Check log. And yes I will defrag later.

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u]
Windows Firewall Enabled!
Please wait while WMIC compiles updated MOF files.d
i
s
p
l
a
y
N
a
m
e
ECHO is off.
E
S
E
T
ECHO is off.
N
O
D
3
2
ECHO is off.
A
n
t
i
v
i
r
u
s
ECHO is off.
5
.
2
ECHO is off.
Antivirus up to date!
[b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u]
Windows Defender
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Java 7 Update 10
Java 2 Runtime Environment, SE v1.4.2
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.5 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (17.0.1)
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
[b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]
Windows Defender MSMpEng.exe
Windows Defender MSASCui.exe
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Windows Defender MsMpEng.exe
Windows Defender MSASCui.exe
[b][u]`````````````````System Health check`````````````````[/b][/u]
Total Fragmentation on Drive C:: 12% [color=red][b]Defragment your hard drive soon! (Do NOT defrag if SSD!)[/b][/color]
[b][u]````````````````````End of Log``````````````````````[/b][/u]


Report •

#61
January 11, 2013 at 04:37:26

Open CCleaner > Tools > Uninstall, down the bottom right hand corner, Click on > Save to text file. Save file to Desktop. Post that info please.

Report •

#62
January 11, 2013 at 05:00:19

Acronis True Image Home Acronis 3/30/2012 234.00 MB 11.0.8053
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 1/9/2013 11.5.502.146
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 1/9/2013 11.5.502.146
Adobe Reader X (10.1.5) Adobe Systems Incorporated 1/9/2013 117.00 MB 10.1.5
Amazon MP3 Downloader 1.0.17 Amazon Services LLC 12/31/2012 1.0.17
ATT-PRT22 12/31/2012
Belarc Advisor 8.2 Belarc Inc. 12/31/2012 8.2.7.16
Big Game Hunter II 12/31/2012
Cabela's Big Game Hunter 2004 Season 12/31/2012
CCleaner Piriform 11/6/2012 3.24
Compatibility Pack for the 2007 Office system Microsoft Corporation 1/9/2013 151.00 MB 12.0.6612.1000
Creative PCI Audio Drivers 12/9/2012
Defraggler Piriform 12/31/2012 2.11
DoMore 1
EASEUS Partition Master 4.0 Professional EASEUS 10/10/2012
EnGenius 11n USB Wireless LAN Driver and Utility EnGenius Technologies 11/28/2012 1.00.0147
ESET NOD32 Antivirus ESET, spol. s r.o. 1/9/2013 70.47 MB 5.2.15.0
ESET Online Scanner v3 1/11/2013
Field & Stream ® Trophy Buck 12/31/2012
Flight For Windows95 12/31/2012
Gateway Drivers and Applications Recovery 12/31/2012
Gateway User's Guide 12/31/2012
Google Chrome Google Inc. 10/8/2012 23.0.1271.97
GTA San Andreas Rockstar Games 8/29/2012 1.00.00001
Hard Truck 18 Wheels of Steel ValueSoft 11/25/2012 1.00.0000
HP Customer Participation Program 14.0 HP 12/31/2012 14.0
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 HP 12/31/2012 14.0
HP Imaging Device Functions 14.0 HP 12/31/2012 14.0
HP Photo Creations HP Photo Creations Powered by RocketLife 12/31/2012 1.0.0.7702
HP Product Detection Hewlett-Packard Company 3/30/2012 1.90 MB 10.7.9.0
HP Smart Web Printing 4.60 HP 12/31/2012 4.60
HP Solution Center 14.0 HP 12/31/2012 14.0
HP Update Hewlett-Packard 3/31/2012 3.98 MB 5.003.001.001
Hunting Unlimited 2011 Valusoft 11/26/2012 1.00.0000
Intel(R) PRO Network Adapters and Drivers 12/31/2012
Intel(R) PROSet Intel 3/1/2003 14.77 MB 6.05.2001
Java 2 Runtime Environment, SE v1.4.2 Sun Microsystems, Inc. 9/3/2003 61.66 MB 1.4.2
Java 7 Update 10 Oracle 1/9/2013 128.00 MB 7.0.100
Logitech Desktop Messenger Logitech, Inc. 12/31/2012 2.52.18
Logitech QuickCam Logitech Inc. 3/30/2012 45.55 MB 10.51.2029
Logitech® Camera Driver 12/31/2012
Malwarebytes Anti-Malware version 1.70.0.1100 Malwarebytes Corporation 12/30/2012 1.70.0.1100
Microsoft .NET Framework 1.1 1/9/2013
Microsoft .NET Framework 2.0 Service Pack 2 Microsoft Corporation 1/9/2013 183.00 MB 2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2 Microsoft Corporation 1/9/2013 253.00 MB 3.2.30729
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 1/9/2013
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 1/9/2013 4.0.30319
Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Corporation 11/9/2012
Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation 3/30/2012 1
Microsoft Flight Simulator 2002 12/31/2012
Microsoft Flight Simulator 98 12/31/2012
Microsoft Midtown Madness 12/31/2012
Microsoft Midtown Madness 2 12/31/2012
Microsoft Office File Validation Add-In Microsoft Corporation 11/9/2012 11.21 MB 14.0.5130.5003
Microsoft Office Live Add-in 1.5 Microsoft Corporation 11/11/2012 0.50 MB 2.0.4024.1
Microsoft Office Outlook Connector Microsoft Corporation 11/9/2012 7.76 MB 12.0.6423.1000
Microsoft Office Professional Edition 2003 Microsoft Corporation 1/9/2013 1,110.00 MB 11.0.8173.0
Microsoft Silverlight Microsoft Corporation 11/9/2012 37.70 MB 5.1.10411.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 11/9/2012 1.74 MB 3.1.0000
Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Corporation 3/30/2012
Microsoft Virtual PC 2007 SP1 Microsoft Corporation 11/24/2012 38.04 MB 6.0.192.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 3/30/2012 5.28 MB 8.0.61001
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 1/1/2013 14.97 MB 10.0.40219
Mozilla Firefox 17.0.1 (x86 en-US) Mozilla 1/11/2013 17.0.1
Mozilla Maintenance Service Mozilla 12/31/2012 17.0.1
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 10/11/2012 1.42 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 10/11/2012 2.77 MB 4.20.9876.0
MSXML 6.0 Parser (KB927977) Microsoft Corporation 11/24/2012 1.44 MB 6.00.3890.0
MUSICMATCH® Jukebox 12/31/2012
NASCAR Revolution SE 12/31/2012
Nero BurnRights 12/31/2012
Nero OEM 1/9/2013
NVIDIA Drivers 12/28/2012
PowerDVD 12/31/2012
Recuva Piriform 12/31/2012 1.44
Roll 12/31/2012
Shop for HP Supplies HP 12/31/2012 14.0
Sierra Utilities 12/31/2012
Total Commander (Remove or Repair) Ghisler Software GmbH 12/31/2012 8.01
VLC media player 2.0.5 VideoLAN 12/31/2012 2.0.5
WinASO Registry Optimizer 4.7.7 X.M.Y International LLC 1/8/2013
Windows Automated Installation Kit Microsoft Corporation 1/9/2013 1,123.00 MB 1.1.0.0
Windows Defender Microsoft Corporation 12/3/2012 8.77 MB 1.1.1593.21
Windows Internet Explorer 8 Microsoft Corporation 1/7/2013 20090308.140743
Windows Live Essentials Microsoft Corporation 11/9/2012 14.0.8117.0416
Windows Live Sign-in Assistant Microsoft Corporation 11/9/2012 1.93 MB 5.000.818.5
Windows Live Sync Microsoft Corporation 11/9/2012 2.79 MB 14.0.8117.416
Windows Live Upload Tool Microsoft Corporation 11/9/2012 0.22 MB 14.0.8014.1029
Windows Media Format 11 runtime 12/31/2012
Windows Media Player 11 12/31/2012
Windows XP Service Pack 3 Microsoft Corporation 3/30/2012 20080414.031525
Yahoo! Messenger Yahoo! Inc. 1/10/2013
YTD Video Downloader 3.9.4 GreenTree Applications SRL 12/31/2012

Report •

#63
January 11, 2013 at 05:09:26

What Realtime AV do you have installed?

AVG was mentioned in the ESET trial scan.

Have you now made ESET your main AV, you can only have one realtime AV installed.

The ESET online scanner dos'nt count.


Report •

#64
January 11, 2013 at 05:25:53

I have the trial of eset. I have had AVG in the past. It was removed. Not even sure why it was in the log.

Report •

#65
January 11, 2013 at 05:27:40

Run TFC
http://www.geekstogo.com/forum/file...
http://oldtimer.geekstogo.com/TFC.exe
http://www.itxassociates.com/OT-Too...
Please double-click TFC.exe to run it. (Note: If you are running on Vista/Windows 7, right-click on the file and choose Run As Administrator).
It will close all programs when run, so make sure you have saved all your work before you begin.
Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Then Run ComboFix & post the log please.
http://www.bleepingcomputer.com/dow...
http://download.bleepingcomputer.co...
http://www.techsupportforum.com/sec...
http://www.forospyware.com/sUBs/Com...
A guide and tutorial on using ComboFix
http://www.bleepingcomputer.com/com...
Note:
Do not mouseclick combofix's window while it is running. That may cause it to stall.
If after running Combofix you discover none of your programs will open up, and you recieve the following error: "Illegal operation attempted on a registry key that has been marked for deletion". Then the answer is to REBOOT the machine, and all will be corrected.
Can't Install an Antivirus - Windows Security Center still detects previous AV
http://www.experts-exchange.com/Vir...
We are almost ready to start ComboFix, but before we do so, we need to take some preventative measures so that there are no conflicts with other programs when running ComboFix. At this point you should do the following:
* Close all open Windows including this one.
* Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix. Instructions on disabling these type of programs can be found in this topic.
http://www.bleepingcomputer.com/for...
Once these two steps have been completed, double-click on the ComboFix icon found on your desktop. Please note, that once you start ComboFix you should not click anywhere on the ComboFix window as it can cause the program to stall. In fact, when ComboFix is running, do not touch your computer at all. The scan could take a while, so please be patient.


Report •

#66
January 11, 2013 at 05:37:43

Re #64

At some time consider going to AVG's website and you will find an uninstaller. This will get rid of AVG remnants. With AV's the trick is to ensure that they are not running when you do the uninstall (although even then some bits can get left behind).

Always pop back and let us know the outcome - thanks


Report •

#67
January 11, 2013 at 05:49:19

"by EST I mean Eastern Standard Time"
We have EST in Australia too, as does the Caribbean & Central America.

Report •

#68
January 11, 2013 at 09:54:54

Derek January 11, 2013 at 08:37:43

At some time consider going to AVG's website and you will find an uninstaller.

OK I will do that.

Johnw January 11, 2013 at 08:49:19

"by EST I mean Eastern Standard Time"
We have EST in Australia too, as does the Caribbean & Central America

OK Sorry again for the delay had a flaw in the slaw.. I actually had an issue at my bank with the auto pay to my phone and internet bill. I had to get money to get it paid. It is taking care of now. I will get that combo fix log. It has to install recovery console. I will try and post back as soon as I can.


Report •

#69
January 11, 2013 at 10:36:07

Here is the log for combofix

ComboFix 13-01-11.01 - Administrator 01/11/2013 13:22:32.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3655.3082 [GMT -5:00]
Running from: c:\documents and settings\Administrator\My Documents\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\system32\Cache
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-11 to 2013-01-11 )))))))))))))))))))))))))))))))
.
.
2013-01-11 13:28 . 2013-01-11 17:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Audacity
2013-01-11 13:28 . 2013-01-11 13:28 -------- d-----w- c:\program files\Audacity
2013-01-11 06:43 . 2013-01-11 06:43 60872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{15967234-A885-467F-B690-D3B893CD23F0}\offreg.dll
2013-01-11 06:40 . 2012-11-19 06:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{15967234-A885-467F-B690-D3B893CD23F0}\mpengine.dll
2013-01-09 17:15 . 2013-01-09 17:15 -------- d-----w- c:\program files\Windows Imaging
2013-01-09 17:13 . 2013-01-09 17:15 -------- d-----w- c:\program files\Windows AIK
2013-01-09 17:10 . 2013-01-09 17:10 -------- d-----w- C:\WAIK
2013-01-09 17:06 . 2013-01-09 17:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Ahead
2013-01-09 15:00 . 2013-01-09 15:00 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun
2013-01-09 14:59 . 2013-01-09 14:58 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-01-09 14:59 . 2013-01-09 14:58 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-09 14:59 . 2013-01-09 14:58 779704 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-09 14:59 . 2013-01-09 14:58 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-09 14:55 . 2013-01-09 14:55 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2013-01-09 13:38 . 2013-01-09 13:38 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ESET
2013-01-09 13:24 . 2013-01-09 18:00 -------- d-----w- c:\program files\ESET
2013-01-09 13:24 . 2013-01-09 13:24 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2013-01-09 02:50 . 2013-01-09 02:50 30616 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2013-01-08 13:24 . 2013-01-08 13:24 -------- d-----w- c:\windows\ERUNT
2013-01-08 13:24 . 2013-01-08 13:24 -------- d-----w- C:\JRT
2013-01-07 15:24 . 2013-01-07 15:24 -------- dc-h--w- c:\windows\ie8
2013-01-01 23:03 . 2013-01-01 23:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\AVG
2012-12-31 18:10 . 2012-12-31 18:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\TuneUp Software
2012-12-31 18:07 . 2012-12-31 22:00 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Avg2013
2012-12-31 18:07 . 2012-12-31 18:07 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\MFAData
2012-12-31 17:57 . 2012-12-31 17:57 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-12-31 17:54 . 2012-12-31 22:12 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2012-12-19 14:51 . 2012-12-19 14:51 -------- d-----w- c:\windows\Microsoft Antimalware
2012-12-18 14:28 . 2012-12-18 14:28 186584 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-12-17 23:21 . 2012-12-17 23:21 -------- d-----w- c:\program files\GreenTree Applications
2012-12-17 22:13 . 2012-12-19 13:30 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2012-12-17 22:12 . 2012-12-17 22:12 -------- d-----w- c:\program files\VideoLAN
2012-12-17 21:20 . 2012-12-17 21:20 -------- d-----w- c:\windows\system32\winrm
2012-12-17 21:20 . 2012-12-17 21:20 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2012-12-15 22:10 . 2012-12-15 22:10 -------- d-----w- C:\dell
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 18:05 . 2012-04-11 11:24 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 18:05 . 2012-03-30 19:05 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23 . 2003-03-01 15:35 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 21:49 . 2012-04-05 15:08 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-10 23:09 . 2012-12-10 23:09 400384 ----a-w- c:\windows\WBDBP32I.DLL
2012-12-05 21:47 . 2012-11-24 17:03 164880 ---ha-w- c:\documents and settings\Administrator\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll
2012-11-28 19:49 . 2012-11-28 19:49 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys
2012-11-28 19:49 . 2012-11-28 19:49 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe
2012-11-26 12:03 . 2012-11-26 12:03 26 ----a-w- c:\windows\winstart.bat
2012-11-26 12:03 . 2012-11-26 12:03 123 ----a-w- c:\windows\tmpcpyis.bat
2012-11-26 12:03 . 2012-11-26 12:03 122 ----a-w- c:\windows\tmpdelis.bat
2012-11-25 22:10 . 2012-11-25 22:10 56832 ------w- c:\windows\system32\iyvu9_32.dll
2012-11-25 22:10 . 2012-10-11 01:09 143872 ------w- c:\windows\system32\iacenc.dll
2012-11-25 22:10 . 2012-11-25 22:10 756736 ------w- c:\windows\system32\ir41_32.dll
2012-11-25 08:00 . 2012-11-25 08:00 229224 ----a-w- c:\windows\system32\drivers\VMM.sys
2012-11-19 06:04 . 2012-12-03 15:53 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-11-16 18:57 . 2012-11-16 18:57 160856 ----a-w- c:\windows\system32\drivers\eamon.sys
2012-11-13 01:25 . 2003-03-01 15:39 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01 . 2012-03-30 15:51 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02 . 2002-12-12 06:14 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17 . 2004-02-07 00:05 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17 . 2003-03-01 15:37 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17 . 2003-03-01 15:37 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2012-03-30 15:51 385024 ------w- c:\windows\system32\html.iec
2012-10-23 17:25 . 2012-11-27 00:15 340112 ----a-w- c:\windows\system32\HMIPCore.dll
2012-12-06 18:01 . 2012-12-06 18:01 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 86016]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"mmtask"="c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2004-01-26 53248]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 774168]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-16 3117384]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
EnGenius 11n USB Wireless LAN Utility.lnk - c:\program files\EnGenius\11n USB Wireless LAN Utility\RtWLan.exe [2012-11-28 933888]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-3-30 67128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0bootdelete\0bootdelete\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\EnGenius\\11n USB Wireless LAN Utility\\RtWLan.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15842:UDP"= 15842:UDP:UDP 15842
"10944:UDP"= 10944:UDP:UDP 10944
"15260:TCP"= 15260:TCP:TCP 15260
"18962:TCP"= 18962:TCP:TCP 18962
"1542:TCP"= 1542:TCP:Realtek WPS TCP Prot
"1542:UDP"= 1542:UDP:Realtek WPS UDP Prot
"53:UDP"= 53:UDP:Realtek AP UDP Prot
"18437:UDP"= 18437:UDP:UDP 18437
"23114:UDP"= 23114:UDP:UDP 23114
"16674:TCP"= 16674:TCP:TCP 16674
"27560:TCP"= 27560:TCP:TCP 27560
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [3/28/2012 1:06 PM 120152]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [3/28/2012 1:06 PM 104160]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [11/16/2012 2:24 PM 913184]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [10/10/2012 7:50 PM 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [10/10/2012 7:50 PM 3072]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [1/8/2013 9:50 PM 30616]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192su.sys [11/28/2012 2:49 PM 605856]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [3/31/2012 4:13 PM 25088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 18:05]
.
2013-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-30 18:46]
.
2013-01-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-30 18:46]
.
2013-01-11 c:\windows\Tasks\HP Photo Creations Communicator.job
- c:\documents and settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe [2012-03-30 19:30]
.
2013-01-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
TCP: DhcpNameServer = 192.168.1.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0oj8mm3a.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - ExtSQL: !HIDDEN! 2012-03-30 14:58; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-11 13:27
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-57989841-1972579041-682003330-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,06,bb,cc,29,36,6f,4c,8c,08,51,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,06,bb,cc,29,36,6f,4c,8c,08,51,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,06,bb,cc,29,36,6f,4c,8c,08,51,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,06,bb,cc,29,36,6f,4c,8c,08,51,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,06,bb,cc,29,36,6f,4c,8c,08,51,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(1180)
c:\windows\system32\relog_ap.dll
.
Completion time: 2013-01-11 13:29:52
ComboFix-quarantined-files.txt 2013-01-11 18:29
.
Pre-Run: 48,118,747,136 bytes free
Post-Run: 48,068,829,184 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
[spybotsd]
timeout.old=30
.
- - End Of File - - 45A71ED3FFB56749B17DE9C6879C8BCB


Report •

#70
January 11, 2013 at 11:09:10

Thanks for the combofix log, that nailed & removed quite a bit.

Did you run TFC?

Please download and run ListParts by Farbar (for 32-bit system):
http://download.bleepingcomputer.co...
Click on the Scan button.
The scan results will open in Notepad.
Post those results in your next reply.


Report •

#71
January 11, 2013 at 11:12:49

TFC Here it is

ListParts by Farbar Version: 30-10-2012
Ran by Administrator (administrator) on 11-01-2013 at 14:12:12
Windows XP (X86)
Running From: C:\Documents and Settings\Administrator\My Documents\Downloads
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 27%
Total physical RAM: 3654.73 MB
Available physical RAM: 2638.02 MB
Total Pagefile: 5030.56 MB
Available Pagefile: 4192.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 2001.23 MB

======================= Partitions =========================

2 Drive c: (OS) (Fixed) (Total:74.53 GB) (Free:44.76 GB) NTFS ==>[Drive with boot components (Windows XP)]
4 Drive t: (CTG) (Fixed) (Total:465.76 GB) (Free:72.93 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 75 GB 0 B
Disk 1 Online 466 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 75 GB 32 KB
======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C OS NTFS Partition 75 GB Healthy System (partition with boot components)
======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 466 GB 9 KB
======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 T CTG NTFS Partition 466 GB Healthy
======================================================================================================

****** End Of Log ******


Report •

#72
January 11, 2013 at 11:29:37

"TFC Here it is"

No, that is ListParts, thanks anyway.

TFC, the question still remains, have you run it?


Report •

#73
January 11, 2013 at 12:14:35

Yes I ran TFC.

Report •

#74
January 11, 2013 at 12:24:21

Remove ESET trial version please ( not the Online version ) Let me know when you have done it. Don't download anything until we finish a few steps.
It is in > Add or Remove Programs
http://support.microsoft.com/kb/307895

Report •

#75
January 11, 2013 at 17:24:06

eset has been uninstalled. I ran the AVG removal tool also. I have been busy today. Will keep an eye for the next 3 hours I know as of right now it's about 9:30 am Saturday 1-12-13. I may try to stay up a little longer tonight.

Report •

#76
January 11, 2013 at 17:33:30

"I may try to stay up a little longer tonight"
We are getting very close to the finish line.

Did AVG find anything?


Report •

#77
Report •

#78
January 11, 2013 at 17:49:45

Did AVG find anything?
I only ran the uninstaller. It never asked to reboot after I ran the uninstaller. I am about to install mse. But remember this system will not boot with the USB drive. I guess if I have to I can make a CD for defender offline. I am jumping ahead not even sure what your going to ask next.

Report •

#79
January 11, 2013 at 17:55:46

"I only ran the uninstaller"
Yep, that's what I'm talking about.

"But remember this system will not boot with the USB drive"
I shall get to that soon.


Report •

#80
January 11, 2013 at 18:07:31

Just to say I don't think the AVG uninstaller reports back.
It just removes any remnants it finds and says nothing.
EDIT:
Turns out I was wrong, see #81. Worth knowing.

Always pop back and let us know the outcome - thanks


Report •

#81
January 11, 2013 at 18:11:59

I just googled it Derek.

http://www.bleepingcomputer.com/dow...
After running the program a log file called avgremover.log will be generated in the same location the executable is located. This log file contains information about what AVG programs were detected and what was removed.


Report •

#82
January 11, 2013 at 18:15:46

Well Doh! It was on my desktop. I didn't even notice it I have several logs there now.

I tried posting the log. It's too large. I get
413 Request Entity Too Large


Report •

#83
January 11, 2013 at 18:19:12

"Well Doh! It was on my desktop"
Copy & paste the results please.

Have you installed MSE?


Report •

#84
January 11, 2013 at 18:21:18

Yes MSE is installed.

Report •

#85
January 11, 2013 at 18:22:47

"I tried posting the log. It's too large"

Go to my post #37
How to use.
http://i.imgur.com/C1qBB.gif
http://i.imgur.com/wqOKq.gif


Report •

#86
January 11, 2013 at 18:28:13

Re #81
Ooops - have amended my #80.

Always pop back and let us know the outcome - thanks


Report •

#87
January 11, 2013 at 18:30:31

I am not exactly sure what you need an image of. You mean an image of the log file? I think there used to be a site to upload log files. Or if you want you could PM me your e-mail and I can send it but that's only if you want to and it may not be a good idea if im infected unless your using a mac.

Report •

#88
January 11, 2013 at 18:38:07

"I am not exactly sure what you need an image of"
Not sending an image, you are sending a file, as per this SS.
http://i.imgur.com/C1qBB.gif

See how you go, using email is fine by me, if you can't do it.

Another way is to break the file down into sections/parts & post.


Report •

#89
January 11, 2013 at 18:55:26

I figured out the image uploaded. I added the log. I am having trouble with the stupid capacha thing whatever it's called.

Report •

#90
January 11, 2013 at 19:00:40

OK I will try this.

Part 1

2013-01-12 01:19:01,890 INFO AvgRemover 2012.0.5
-------------------------------------------------------
2013-01-12 01:19:01,906 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2013-01-12 01:19:01,906 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2013-01-12 01:19:01,906 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2013-01-12 01:19:01,906 INFO Command line: "C:\Documents and Settings\Administrator\Desktop\avg_remover_stf_x86_2013_2706.exe"
2013-01-12 01:19:01,906 WARN AvgDir param empty.
2013-01-12 01:19:01,906 WARN AvgDataDir param empty.
2013-01-12 01:19:01,921 DEBUG Disabling IDP Self Protection has failed with error 0xe0010054
2013-01-12 01:19:08,046 INFO AvgRemover runs in attempt number 1
2013-01-12 01:19:08,046 INFO Attempting to uninstall AVG Identity Protection.
2013-01-12 01:19:08,062 INFO Attempting to uninstall toolbar
2013-01-12 01:19:08,062 INFO ***** Msi data *****
2013-01-12 01:19:08,062 DEBUG No product code found for our upgrade codes, nothing to do here
2013-01-12 01:19:08,062 INFO ***** Exchange&Outlook plugins data *****
2013-01-12 01:19:08,062 INFO Removing AvgOutlook addin
2013-01-12 01:19:08,062 INFO AvgOutlook Removing HKCR addin keys x86
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'avgoutlook.Addin': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2013-01-12 01:19:08,062 INFO AvgOutlook Removing HKCR addin keys x64
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'avgoutlook.Addin': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'avgoutlook.Addin.1': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'CLSID\{9F39046C-801E-4E15-8CD9-ACF0ACF29048}': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'CLSID\{F083C5AB-08AD-4ABF-A2BE-8FA5C7D2F10A}': 0xe001003d
2013-01-12 01:19:08,062 DEBUG Failed to delete key 'AppID\avgoutlook.DLL': 0xe001003d
2013-01-12 01:19:08,062 INFO Removing Sharepoint plugin if exists
2013-01-12 01:19:08,062 DEBUG Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2013-01-12 01:19:08,062 DEBUG Failed to open key 'Software\Microsoft\Shared Tools\Web Server Extensions\AVScanner': 0xe0010013
2013-01-12 01:19:08,062 INFO Removing Antispam plugin for Exchange 2000/2003 if exists
2013-01-12 01:19:08,062 DEBUG Stopping service 'MSExchangeIS' to remove VSAPI plugin...
2013-01-12 01:19:08,062 DEBUG Service MSExchangeIS Stop failed (error: c0070424)
2013-01-12 01:19:08,062 DEBUG Exchange&Outlook plugins removal failed with error 0xc0070424
2013-01-12 01:19:08,062 INFO ***** Services *****
2013-01-12 01:19:08,078 INFO Processing service avg8emc, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service avgfws8, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service avg8wd, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AvgWFPx, it can take several minutes...
2013-01-12 01:19:08,078 INFO Service avgfws8 is not installed
2013-01-12 01:19:08,078 DEBUG Service avgfws8 RegCleanup
2013-01-12 01:19:08,078 DEBUG Registry keys for service avgfws8 are not present
2013-01-12 01:19:08,078 INFO Service AvgWFPx is not installed
2013-01-12 01:19:08,078 INFO Service avg8wd is not installed
2013-01-12 01:19:08,078 DEBUG Service avg8wd RegCleanup
2013-01-12 01:19:08,078 INFO Service avg8emc is not installed
2013-01-12 01:19:08,078 DEBUG Registry keys for service avg8wd are not present
2013-01-12 01:19:08,078 DEBUG Service AvgWFPx RegCleanup
2013-01-12 01:19:08,078 DEBUG Service avg8emc RegCleanup
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgWFPx are not present
2013-01-12 01:19:08,078 INFO Processing service AvgMfx86, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AvgLdx86, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AvgWFPa, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AvgMfx64, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service avg9wd, it can take several minutes...
2013-01-12 01:19:08,078 DEBUG Registry keys for service avg8emc are not present
2013-01-12 01:19:08,078 INFO Processing service AvgTdiX, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AvgTdiA, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AvgLdx64, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AvgWfpA, it can take several minutes...
2013-01-12 01:19:08,078 INFO Service avg9wd is not installed
2013-01-12 01:19:08,078 INFO Service AvgWFPa is not installed
2013-01-12 01:19:08,078 INFO Service AvgMfx64 is not installed
2013-01-12 01:19:08,078 DEBUG Service avg9wd RegCleanup
2013-01-12 01:19:08,078 DEBUG Service AvgMfx64 RegCleanup
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgMfx64 are not present
2013-01-12 01:19:08,078 DEBUG Registry keys for service avg9wd are not present
2013-01-12 01:19:08,078 INFO Service AvgWfpA is not installed
2013-01-12 01:19:08,078 DEBUG Service AvgWfpA RegCleanup
2013-01-12 01:19:08,078 DEBUG Service AvgWFPa RegCleanup
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgWfpA are not present
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgWFPa are not present
2013-01-12 01:19:08,078 INFO Service AvgTdiX is not installed
2013-01-12 01:19:08,078 INFO Service AvgLdx64 is not installed
2013-01-12 01:19:08,078 DEBUG Service AvgTdiX RegCleanup
2013-01-12 01:19:08,078 DEBUG Service AvgLdx64 RegCleanup
2013-01-12 01:19:08,078 INFO Service AvgTdiA is not installed
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgTdiX are not present
2013-01-12 01:19:08,078 DEBUG Service AvgTdiA RegCleanup
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgLdx64 are not present
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgTdiA are not present
2013-01-12 01:19:08,078 INFO Processing service AvgWfpX, it can take several minutes...
2013-01-12 01:19:08,078 INFO Service AvgMfx86 is not installed
2013-01-12 01:19:08,078 INFO Service AvgLdx86 is not installed
2013-01-12 01:19:08,078 DEBUG Service AvgMfx86 RegCleanup
2013-01-12 01:19:08,078 DEBUG Service AvgLdx86 RegCleanup
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgMfx86 are not present
2013-01-12 01:19:08,078 INFO Service AvgWfpX is not installed
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgLdx86 are not present
2013-01-12 01:19:08,078 INFO Processing service AvgRkx86, it can take several minutes...
2013-01-12 01:19:08,078 DEBUG Service AvgWfpX RegCleanup
2013-01-12 01:19:08,078 INFO Processing service AvgRkx64, it can take several minutes...
2013-01-12 01:19:08,078 INFO Service AvgRkx86 is not installed
2013-01-12 01:19:08,078 DEBUG Service AvgRkx86 RegCleanup
2013-01-12 01:19:08,078 INFO Service AvgRkx64 is not installed
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgRkx86 are not present
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgWfpX are not present
2013-01-12 01:19:08,078 DEBUG Service AvgRkx64 RegCleanup
2013-01-12 01:19:08,078 DEBUG Registry keys for service AvgRkx64 are not present
2013-01-12 01:19:08,078 INFO Processing service avg9emc, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service avgfws9, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AVGIDSAgent, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AVGIDSShimxpx, it can take several minutes...
2013-01-12 01:19:08,078 INFO Processing service AVGIDSDriverxpx, it can take several minutes...
2013-01-12 01:19:08,093 INFO Service avg9emc is not installed
2013-01-12 01:19:08,093 INFO Processing service avgfws, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSDrivervtx, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSShimvtx, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSFilterxpx, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSWatcher, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSDrivervta, it can take several minutes...
2013-01-12 01:19:08,093 DEBUG Service avg9emc RegCleanup
2013-01-12 01:19:08,093 INFO Service AVGIDSDriverxpx is not installed
2013-01-12 01:19:08,093 INFO Service avgfws is not installed
2013-01-12 01:19:08,093 INFO Service AVGIDSShimxpx is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSDriverxpx RegCleanup
2013-01-12 01:19:08,093 INFO Service AVGIDSShimvtx is not installed
2013-01-12 01:19:08,093 DEBUG Service avgfws RegCleanup
2013-01-12 01:19:08,093 DEBUG Service AVGIDSShimvtx RegCleanup
2013-01-12 01:19:08,093 INFO Service AVGIDSDrivervta is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSShimxpx RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSShimvtx are not present
2013-01-12 01:19:08,093 DEBUG Registry keys for service avgfws are not present
2013-01-12 01:19:08,093 DEBUG Service AVGIDSDrivervta RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service avg9emc are not present
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSShimxpx are not present
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSDrivervta are not present
2013-01-12 01:19:08,093 INFO Service AVGIDSAgent is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSAgent RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSAgent are not present
2013-01-12 01:19:08,093 INFO Service AVGIDSWatcher is not installed
2013-01-12 01:19:08,093 INFO Service avgfws9 is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSWatcher RegCleanup
2013-01-12 01:19:08,093 INFO Processing service AVGIDSFiltervtx, it can take several minutes...
2013-01-12 01:19:08,093 DEBUG Service avgfws9 RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSWatcher are not present
2013-01-12 01:19:08,093 DEBUG Registry keys for service avgfws9 are not present
2013-01-12 01:19:08,093 INFO Processing service AVGIDSFiltervta, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSShimw7x, it can take several minutes...
2013-01-12 01:19:08,093 INFO Service AVGIDSFiltervtx is not installed
2013-01-12 01:19:08,093 INFO Service AVGIDSFiltervta is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSFiltervta RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSFiltervta are not present
2013-01-12 01:19:08,093 INFO Service AVGIDSShimw7x is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSFiltervtx RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2013-01-12 01:19:08,093 DEBUG Service AVGIDSShimw7x RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSShimw7x are not present
2013-01-12 01:19:08,093 INFO Service AVGIDSFilterxpx is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSFilterxpx RegCleanup
2013-01-12 01:19:08,093 INFO Processing service AVGIDSDriverw7x, it can take several minutes...
2013-01-12 01:19:08,093 INFO Service AVGIDSDrivervtx is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSDrivervtx RegCleanup
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2013-01-12 01:19:08,093 INFO Service AVGIDSDriverw7x is not installed
2013-01-12 01:19:08,093 INFO Processing service avgwd, it can take several minutes...
2013-01-12 01:19:08,093 DEBUG Service AVGIDSDriverw7x RegCleanup
2013-01-12 01:19:08,093 INFO Processing service AVGIDSErHrw7x, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSErHrvtx, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSDriverw7a, it can take several minutes...
2013-01-12 01:19:08,093 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2013-01-12 01:19:08,093 INFO Processing service AVGIDSFilterw7x, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSErHrvta, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSErHrxpx, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSFilterw7a, it can take several minutes...
2013-01-12 01:19:08,093 INFO Processing service AVGIDSErHrw7a, it can take several minutes...
2013-01-12 01:19:08,093 INFO Service AVGIDSFilterw7x is not installed
2013-01-12 01:19:08,093 INFO Service AVGIDSErHrvta is not installed
2013-01-12 01:19:08,093 INFO Service AVGIDSErHrw7x is not installed
2013-01-12 01:19:08,093 DEBUG Service AVGIDSFilterw7x RegCleanup
2013-01-12 01:19:08,093 DEBUG Service AVGIDSErHrvta RegCleanup
2013-01-12 01:19:08,093 DEBUG Service AVGIDSErHrw7x RegCleanup
2013-01-12 01:19:08,093 INFO Service AVGIDSDriverw7a is not installed
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSErHrvta are not present
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2013-01-12 01:19:08,109 DEBUG Service AVGIDSDriverw7a RegCleanup
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2013-01-12 01:19:08,109 INFO Service AVGIDSErHrw7a is not installed
2013-01-12 01:19:08,109 DEBUG Service AVGIDSErHrw7a RegCleanup
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2013-01-12 01:19:08,109 INFO Service AVGIDSFilterw7a is not installed
2013-01-12 01:19:08,109 DEBUG Service AVGIDSFilterw7a RegCleanup
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2013-01-12 01:19:08,109 INFO Service AVGIDSErHrvtx is not installed
2013-01-12 01:19:08,109 DEBUG Service AVGIDSErHrvtx RegCleanup
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2013-01-12 01:19:08,109 INFO Service AVGIDSErHrxpx is not installed
2013-01-12 01:19:08,109 DEBUG Service AVGIDSErHrxpx RegCleanup
2013-01-12 01:19:08,109 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2013-01-12 01:19:08,109 INFO Service avgwd is not installed
2013-01-12 01:19:08,109 DEBUG Service avgwd RegCleanup
2013-01-12 01:19:08,109 DEBUG Registry keys for service avgwd are not present
2013-01-12 01:19:08,109 INFO ***** Avg Fw NDIS driver(separate process) *****
2013-01-12 01:19:08,156 INFO AvgRemover 2012.0.5
-------------------------------------------------------
2013-01-12 01:19:08,156 DEBUG Deleting stuck RunOnce value from registry.
2013-01-12 01:19:08,156 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2013-01-12 01:19:08,156 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2013-01-12 01:19:08,156 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2013-01-12 01:19:08,156 INFO Command line: "C:\Documents and Settings\Administrator\Desktop\avg_remover_stf_x86_2013_2706.exe" /ndisonly /skipask
2013-01-12 01:19:08,156 WARN AvgDir param empty.
2013-01-12 01:19:08,156 WARN AvgDataDir param empty.
2013-01-12 01:19:08,156 DEBUG Disabling IDP Self Protection has failed with error 0xe0010054
2013-01-12 01:19:08,156 INFO AvgRemover runs in attempt number 1
2013-01-12 01:19:08,156 INFO ***** Avg Fw NDIS driver *****
2013-01-12 01:19:08,156 INFO ...this operation can take several minutes...
2013-01-12 01:19:08,156 INFO FW removing policy
2013-01-12 01:19:09,343 INFO FW NDIS driver not present
2013-01-12 01:19:09,343 DEBUG Remove NDIS driver pass, next uninstalation step is 10, old was 1
2013-01-12 01:19:09,343 INFO ***** end of Fw NDIS separated process *****
2013-01-12 01:19:09,343 INFO ***** Drivers *****
2013-01-12 01:19:09,343 INFO ***** Running AVG process *****
2013-01-12 01:19:09,812 INFO ***** Registry keys and values *****


Report •

#91
January 11, 2013 at 19:02:35

Part 2

2013-01-12 01:19:09,812 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2013-01-12 01:19:09,812 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2013-01-12 01:19:09,812 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2013-01-12 01:19:09,812 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2013-01-12 01:19:09,812 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2013-01-12 01:19:09,812 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2013-01-12 01:19:09,812 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2013-01-12 01:19:09,812 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1E73965B-8B48-48be-9C8D-68B920ABC1C4} Remove
2013-01-12 01:19:09,812 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1E73965B-8B48-48be-9C8D-68B920ABC1C4} is not present
2013-01-12 01:19:09,812 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL
2013-01-12 01:19:09,812 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL not found
2013-01-12 01:19:09,812 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL
2013-01-12 01:19:09,812 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg10Alrt not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg2012Alrt not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avgloga
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgloga ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgloga not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avgloga
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgloga ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgloga not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\AVGIDSHA
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHA ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHA not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\AVGIDSHA
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHA ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHA not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avgdiag
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgdiag ForceRemove
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgdiag not found
2013-01-12 01:19:09,812 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avgdiag
2013-01-12 01:19:09,812 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgdiag ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\Avgdiag not found
2013-01-12 01:19:09,828 INFO Processing registry SYSTEM\CurrentControlSet\Services\AVGIDSShim
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSShim ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSShim not found
2013-01-12 01:19:09,828 INFO Processing registry SYSTEM\CurrentControlSet\Services\AVGIDSShim
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSShim ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSShim not found
2013-01-12 01:19:09,828 INFO Processing registry SYSTEM\CurrentControlSet\Services\AVGIDSHX
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHX ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHX not found
2013-01-12 01:19:09,828 INFO Processing registry SYSTEM\CurrentControlSet\Services\AVGIDSHX
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHX ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SYSTEM\CurrentControlSet\Services\AVGIDSHX not found
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2013-01-12 01:19:09,828 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-01-12 01:19:09,828 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2013-01-12 01:19:09,828 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-01-12 01:19:09,828 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-01-12 01:19:09,828 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2013-01-12 01:19:09,828 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2013-01-12 01:19:09,828 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2013-01-12 01:19:09,828 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2013-01-12 01:19:09,828 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2013-01-12 01:19:09,828 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2013-01-12 01:19:09,828 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-01-12 01:19:09,828 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2013-01-12 01:19:09,828 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2013-01-12 01:19:09,828 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-01-12 01:19:09,843 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2013-01-12 01:19:09,843 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-01-12 01:19:09,843 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_UI Remove
2013-01-12 01:19:09,843 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_UI is not present
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-01-12 01:19:09,843 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_UI Remove
2013-01-12 01:19:09,843 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_UI is not present
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Avg9LsUninstall not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2013-01-12 01:19:09,843 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2013-01-12 01:19:09,843 INFO Processing registry SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdi\shell\AvgDxOpenVerb\command
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi\shell\AvgDxOpenVerb\command ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi\shell\AvgDxOpenVerb\command not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdi\shell\AvgDxOpenVerb
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi\shell\AvgDxOpenVerb ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi\shell\AvgDxOpenVerb not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdi\shell
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi\shell ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi\shell not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdi
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdi not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\.avgdx
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\.avgdx not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG9 Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension ForceRemove
2013-01-12 01:19:09,859 DEBUG Key SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\AVG Shell Extension not found
2013-01-12 01:19:09,859 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG9 Shell Extension not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG Shell Extension
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG Shell Extension ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG Shell Extension not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG Shell Extension
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG Shell Extension ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG Shell Extension not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\avgsbg.state
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\avgsbg.state.1
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\avgsbg.state.1 not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2013-01-12 01:19:09,875 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2013-01-12 01:19:09,875 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter ForceRemove
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter not found
2013-01-12 01:19:09,890 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2013-01-12 01:19:09,890 INFO Processing registry SOFTWARE\Classes\LinkScannerIE.NavFilter.1
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 ForceRemove
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\LinkScannerIE.NavFilter.1 not found
2013-01-12 01:19:09,890 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2013-01-12 01:19:09,890 INFO Processing registry SOFTWARE\Classes\MicroScanner.MicroScanner
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner ForceRemove
2013-01-12 01:19:09,890 DEBUG Key SOFTWARE\Classes\MicroScanner.MicroScanner not found
2013-01-12 01:19:09,890 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL
2013-01-12 01:19:09,906 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AVGSE.DLL not found
2013-01-12 01:19:09,906 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-01-12 01:19:09,906 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2013-01-12 01:19:09,906 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2013-01-12 01:19:09,906 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2013-01-12 01:19:09,906 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY Remove
2013-01-12 01:19:09,906 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG_TRAY is not present
2013-01-12 01:19:09,906 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2013-01-12 01:19:09,906 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2013-01-12 01:19:09,906 INFO Processing registry SOFTWARE\Classes\AppID\avgsbg.DLL
2013-01-12 01:19:09,906 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SOFTWARE\Classes\AppID\avgsbg.DLL not found
2013-01-12 01:19:09,906 INFO Processing registry SYSTEM\ControlSet001\Control\GroupOrderList
2013-01-12 01:19:09,906 DEBUG Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG Remove
2013-01-12 01:19:09,906 INFO Value SYSTEM\ControlSet001\Control\GroupOrderList:AVG is not present
2013-01-12 01:19:09,906 INFO Processing registry SYSTEM\ControlSet001\services\Avg
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\Avg ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\Avg not found
2013-01-12 01:19:09,906 INFO Processing registry SYSTEM\ControlSet001\services\Avgfwfd
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\Avgfwfd not found
2013-01-12 01:19:09,906 INFO Processing registry SYSTEM\ControlSet001\services\AVG Security Toolbar Service
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\AVG Security Toolbar Service not found
2013-01-12 01:19:09,906 INFO Processing registry SYSTEM\ControlSet001\services\Avgfws
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\Avgfws ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\Avgfws not found
2013-01-12 01:19:09,906 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSAgent
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent ForceRemove
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSAgent not found
2013-01-12 01:19:09,906 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSDriver
2013-01-12 01:19:09,906 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSDriver ForceRemove
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSEH
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSEH not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\AVGIDSFilter
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\AVGIDSFilter not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgldx64
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgldx64 not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgldx86
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgldx86 not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx64
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgmfx64 not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgmfx86
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgmfx86 not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx64
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgrkx64 not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgrkx86
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgrkx86 not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgtdia
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgtdia ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgtdia not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgtdix
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgtdix ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgtdix not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgwd
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgwd ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgwd not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgfwdx
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgfwdx not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgfwda
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgfwda ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgfwda not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgwfpa
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgwfpa ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgwfpa not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet001\services\avgwfpx
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgwfpx ForceRemove
2013-01-12 01:19:09,921 DEBUG Key SYSTEM\ControlSet001\services\avgwfpx not found
2013-01-12 01:19:09,921 INFO Processing registry SYSTEM\ControlSet002\services\Avg
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\Avg ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\Avg not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\Avgfwfd
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\Avgfwfd not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\AVG Security Toolbar Service
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVG Security Toolbar Service not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\Avgfws
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\Avgfws ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\Avgfws not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSAgent
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSAgent not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSDriver
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSDriver not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSEH
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSEH not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\AVGIDSFilter
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\AVGIDSFilter not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\avgldx64
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgldx64 not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\avgldx86
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgldx86 not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx64
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgmfx64 not found
2013-01-12 01:19:09,937 INFO Processing registry SYSTEM\ControlSet002\services\avgmfx86
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 ForceRemove
2013-01-12 01:19:09,937 DEBUG Key SYSTEM\ControlSet002\services\avgmfx86 not found


Report •

#92
January 11, 2013 at 19:04:42

Part 3

2013-01-12 01:19:10,328 INFO Processing registry .avgdxa
2013-01-12 01:19:10,328 DEBUG Key .avgdxa ForceRemove
2013-01-12 01:19:10,328 DEBUG Key .avgdxa not found
2013-01-12 01:19:10,328 INFO Processing registry aAvgAPI.AvgBro
2013-01-12 01:19:10,328 DEBUG Key aAvgAPI.AvgBro ForceRemove
2013-01-12 01:19:10,328 DEBUG Key aAvgAPI.AvgBro not found
2013-01-12 01:19:10,328 INFO Processing registry AVG.Office
2013-01-12 01:19:10,328 DEBUG Key AVG.Office ForceRemove
2013-01-12 01:19:10,328 DEBUG Key AVG.Office not found
2013-01-12 01:19:10,328 INFO Processing registry AVG.Office.8
2013-01-12 01:19:10,328 DEBUG Key AVG.Office.8 ForceRemove
2013-01-12 01:19:10,328 DEBUG Key AVG.Office.8 not found
2013-01-12 01:19:10,328 INFO Processing registry AvgDiagFile
2013-01-12 01:19:10,328 DEBUG Key AvgDiagFile ForceRemove
2013-01-12 01:19:10,328 DEBUG Key AvgDiagFile not found
2013-01-12 01:19:10,328 INFO Processing registry AvgDiagExFile
2013-01-12 01:19:10,328 DEBUG Key AvgDiagExFile ForceRemove
2013-01-12 01:19:10,328 DEBUG Key AvgDiagExFile not found
2013-01-12 01:19:10,328 INFO Processing registry avgtoolbar.AVGTOOLBAR
2013-01-12 01:19:10,328 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2013-01-12 01:19:10,328 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2013-01-12 01:19:10,328 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2013-01-12 01:19:10,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2013-01-12 01:19:10,328 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2013-01-12 01:19:10,328 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2013-01-12 01:19:10,328 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2013-01-12 01:19:10,328 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2013-01-12 01:19:10,328 INFO Processing registry LinkScannerIE.NavFilter
2013-01-12 01:19:10,328 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2013-01-12 01:19:10,328 DEBUG Key LinkScannerIE.NavFilter not found
2013-01-12 01:19:10,328 INFO Processing registry LinkScannerIE.NavFilter.1
2013-01-12 01:19:10,328 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2013-01-12 01:19:10,328 DEBUG Key LinkScannerIE.NavFilter.1 not found
2013-01-12 01:19:10,328 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2013-01-12 01:19:10,343 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-01-12 01:19:10,343 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-01-12 01:19:10,343 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2013-01-12 01:19:10,343 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2013-01-12 01:19:10,343 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2013-01-12 01:19:10,343 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2013-01-12 01:19:10,359 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2013-01-12 01:19:10,359 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2013-01-12 01:19:10,359 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2013-01-12 01:19:10,359 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2013-01-12 01:19:10,359 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2013-01-12 01:19:10,359 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2013-01-12 01:19:10,359 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-01-12 01:19:10,359 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-01-12 01:19:10,359 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2013-01-12 01:19:10,359 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2013-01-12 01:19:10,359 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2013-01-12 01:19:10,375 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{8B39AD4E-1AB3-4AE1-B533-706F1CACED83} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{6E801D47-45B7-4D10-8268-DBBD5C233F82} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{DC182551-99C7-4e28-A8F3-8DCFC4745C4C} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{B2BFA8E6-DB09-43F4-8469-BC587CB603EB} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-01-12 01:19:10,375 INFO Processing registry CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2013-01-12 01:19:10,375 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2013-01-12 01:19:10,375 DEBUG Key CLSID\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2013-01-12 01:19:10,375 INFO Processing registry AppID\avgsbg.DLL
2013-01-12 01:19:10,375 DEBUG Key AppID\avgsbg.DLL ForceRemove
2013-01-12 01:19:10,375 DEBUG Key AppID\avgsbg.DLL not found
2013-01-12 01:19:10,375 INFO Processing registry AppID\avgdtie.DLL
2013-01-12 01:19:10,375 DEBUG Key AppID\avgdtie.DLL ForceRemove
2013-01-12 01:19:10,375 DEBUG Key AppID\avgdtie.DLL not found
2013-01-12 01:19:10,375 DEBUG Removing Session Manager values
2013-01-12 01:19:10,375 DEBUG Registry remover failed for some registry item(s)
2013-01-12 01:19:10,375 INFO ***** Files and folders *****


Report •

#93
January 11, 2013 at 19:05:16

Part 4

2013-01-12 01:19:10,390 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\avgcfg.*'
2013-01-12 01:19:10,390 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,390 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\avgcfg.*'
2013-01-12 01:19:10,421 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\avgcfg.*'
2013-01-12 01:19:10,421 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,421 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\avgcfg.*'
2013-01-12 01:19:10,421 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,421 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\avgcfg.*'
2013-01-12 01:19:10,421 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,421 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\avgcfg.*'
2013-01-12 01:19:10,421 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,421 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\avgcore.*'
2013-01-12 01:19:10,421 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\avgcore.*'
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\avgcore.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\avgcore.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\avgcore.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\avgcore.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\decider.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\decider.*'
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\decider.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\decider.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\decider.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\decider.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\avgpostinst.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\avgpostinst.*'
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\avgpostinst.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\avgpostinst.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\avgpostinst.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\avgpostinst.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\avgui.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\avgui.*'
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\avgui.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\avgui.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\avgui.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\avgui.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\commonpriv.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\commonpriv.*'
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\commonpriv.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\commonpriv.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\commonpriv.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\commonpriv.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\krnlapi.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\krnlapi.*'
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\krnlapi.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\krnlapi.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\krnlapi.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\krnlapi.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log\lng.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log\lng.*'
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log\lng.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log\lng.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log\lng.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log\lng.*'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log'
2013-01-12 01:19:10,437 INFO Trying HardForce delete 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log'
2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log' deleted
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,437 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log'
2013-01-12 01:19:10,437 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013'
2013-01-12 01:19:10,453 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Avg2013' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013'
2013-01-12 01:19:10,453 INFO Trying HardForce delete 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013'
2013-01-12 01:19:10,453 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013' deleted
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Avg2013'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Avg2013' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Avg2013'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Avg2013' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\Temp\avg@toolbar'
2013-01-12 01:19:10,453 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\Temp\avg@toolbar' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Temp\avg@toolbar'
2013-01-12 01:19:10,453 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Temp\avg@toolbar' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\Temp\avg@toolbar'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\Temp\avg@toolbar' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp\avg@toolbar'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp\avg@toolbar' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\Temp\avg@toolbar'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\Temp\avg@toolbar' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp\avg@toolbar'
2013-01-12 01:19:10,453 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp\avg@toolbar' not found
2013-01-12 01:19:10,453 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Application Data\avg*.*'
2013-01-12 01:19:10,453 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Application Data\avg*.*' not found
2013-01-12 01:19:10,468 DEBUG Processing item 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\avg*.*'
2013-01-12 01:19:10,468 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\avg*.*' not found
2013-01-12 01:19:10,468 DEBUG Processing item 'C:\Documents and Settings\LocalService\Application Data\avg*.*'
2013-01-12 01:19:10,468 INFO Directory 'C:\Documents and Settings\LocalService\Application Data\avg*.*' not found
2013-01-12 01:19:10,468 DEBUG Processing item 'C:\Documents and Settings\LocalService\Local Settings\Application Data\avg*.*'
2013-01-12 01:19:10,468 INFO Directory 'C:\Documents and Settings\LocalService\Local Settings\Application Data\avg*.*' not found
2013-01-12 01:19:10,468 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Application Data\avg*.*'
2013-01-12 01:19:10,468 INFO Directory 'C:\Documents and Settings\NetworkService\Application Data\avg*.*' not found
2013-01-12 01:19:10,468 DEBUG Processing item 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\avg*.*'
2013-01-12 01:19:10,468 INFO Directory 'C:\Documents and Settings\NetworkService\Local Settings\Application Data\avg*.*' not found
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 12
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 13
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 14
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 15
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 16
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 17
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 18
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 19
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 20
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 21
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 22
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 23
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 24
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 25
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 26
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 27
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 28
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 29
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 30
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 31
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 32
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 33
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 34
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 35
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 36
2013-01-12 01:19:10,468 DEBUG Missing ParentDir path for fileItem number 37


Report •

#94
January 11, 2013 at 19:05:48

Part 5

2013-01-12 01:19:10,468 DEBUG Processing item 'C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR'
2013-01-12 01:19:10,468 INFO Directory 'C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR' not found
2013-01-12 01:19:10,468 DEBUG Processing item 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall'
2013-01-12 01:19:10,515 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\outlook.cfg' in whitelist
2013-01-12 01:19:10,625 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\outlook.cfg' deleted
2013-01-12 01:19:10,625 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\userawacs.cfg' in whitelist
2013-01-12 01:19:10,640 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\userawacs.cfg' deleted
2013-01-12 01:19:10,640 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\usergui.cfg' in whitelist
2013-01-12 01:19:10,640 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\usergui.cfg' deleted
2013-01-12 01:19:10,640 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\userguistate.cfg' in whitelist
2013-01-12 01:19:10,687 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\userguistate.cfg' deleted
2013-01-12 01:19:10,703 INFO Directory 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall' deleted
2013-01-12 01:19:10,703 DEBUG Processing item 'C:\Documents and Settings\Administrator\Application Data\AVG2013'
2013-01-12 01:19:10,703 INFO Directory 'C:\Documents and Settings\Administrator\Application Data\AVG2013' deleted
2013-01-12 01:19:10,703 DEBUG Processing item 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log'
2013-01-12 01:19:10,718 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcfg.log' in whitelist
2013-01-12 01:19:10,718 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcfg.log' deleted
2013-01-12 01:19:10,718 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcfg.log.lock' in whitelist
2013-01-12 01:19:10,718 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcfg.log.lock' deleted
2013-01-12 01:19:10,718 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log' in whitelist
2013-01-12 01:19:10,718 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log' deleted
2013-01-12 01:19:10,718 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.1' in whitelist
2013-01-12 01:19:10,734 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.1' deleted
2013-01-12 01:19:10,734 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.2' in whitelist
2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.2' deleted
2013-01-12 01:19:10,750 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.3' in whitelist
2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.3' deleted
2013-01-12 01:19:10,750 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.4' in whitelist
2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.4' deleted
2013-01-12 01:19:10,750 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.5' in whitelist
2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.5' deleted
2013-01-12 01:19:10,750 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.6' in whitelist
2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.6' deleted
2013-01-12 01:19:10,765 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.lock' in whitelist
2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.lock' deleted
2013-01-12 01:19:10,765 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdecider.log' in whitelist
2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdecider.log' deleted
2013-01-12 01:19:10,765 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdecider.log.lock' in whitelist
2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdecider.log.lock' deleted
2013-01-12 01:19:10,765 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdiagex.log' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdiagex.log' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdiagex.log.lock' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdiagex.log.lock' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgidpagentmonitor.log' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgidpagentmonitor.log' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgidpagentmonitor.log.lock' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgidpagentmonitor.log.lock' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgmsgdisp.log' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgmsgdisp.log' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgmsgdisp.log.lock' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgmsgdisp.log.lock' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgpostinst.log' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgpostinst.log' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgpostinst.log.lock' in whitelist
2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgpostinst.log.lock' deleted
2013-01-12 01:19:10,781 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgscan.log' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgscan.log' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgscan.log.lock' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgscan.log.lock' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgual.log' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgual.log' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgual.log.lock' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgual.log.lock' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgui.log' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgui.log' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgui.log.lock' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgui.log.lock' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\krnlapi.log' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\krnlapi.log' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\krnlapi.log.lock' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\krnlapi.log.lock' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\lng.log' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\lng.log' deleted
2013-01-12 01:19:10,796 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\lng.log.lock' in whitelist
2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\lng.log.lock' deleted
2013-01-12 01:19:10,828 INFO Directory 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log' deleted
2013-01-12 01:19:10,828 DEBUG Processing item 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013'
2013-01-12 01:19:10,828 DEBUG Directory C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013 not deleted (error c0070091)
2013-01-12 01:19:10,828 DEBUG Processing item 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs'
2013-01-12 01:19:10,843 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\mfa-20121231-215623.log' in whitelist
2013-01-12 01:19:10,859 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\mfa-20121231-215623.log' deleted
2013-01-12 01:19:10,859 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\mfa-20121231-220057.log' in whitelist
2013-01-12 01:19:10,859 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\mfa-20121231-220057.log' deleted
2013-01-12 01:19:10,859 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-180759.log' in whitelist
2013-01-12 01:19:10,875 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-180759.log' deleted
2013-01-12 01:19:10,875 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-215623.log' in whitelist
2013-01-12 01:19:10,875 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-215623.log' deleted
2013-01-12 01:19:10,875 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-220057.log' in whitelist
2013-01-12 01:19:10,890 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-220057.log' deleted
2013-01-12 01:19:10,890 DEBUG Looking for file file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\r86-20121231-180901.log' in whitelist
2013-01-12 01:19:10,890 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\r86-20121231-180901.log' deleted
2013-01-12 01:19:10,906 INFO Directory 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs' deleted
2013-01-12 01:19:10,906 DEBUG Processing item 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData' deleted
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.0' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.0' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg 8.5' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\avg free 8.5' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk'
2013-01-12 01:19:10,937 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 8.0.lnk' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk'
2013-01-12 01:19:10,937 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 8.0.lnk' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk'
2013-01-12 01:19:10,937 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 8.5.lnk' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk'
2013-01-12 01:19:10,937 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 8.5.lnk' not found
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 54
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 55
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 56
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 57
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 58
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 59
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 60
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 61
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 62
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 63
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 64
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 65
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 66
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 67
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 68
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 69
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 70
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 71
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 72
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 73
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 74
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 75


Report •

#95
January 11, 2013 at 19:06:33

Part 6

2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Update'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Update' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 9.0'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 9.0' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 9.0'
2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 9.0' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk'
2013-01-12 01:19:10,937 INFO File 'C:\Documents and Settings\All Users\Desktop\avg 9.0.lnk' not found
2013-01-12 01:19:10,937 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk'
2013-01-12 01:19:10,937 INFO File 'C:\Documents and Settings\All Users\Desktop\avg free 9.0.lnk' not found
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 84
2013-01-12 01:19:10,937 DEBUG Missing ParentDir path for fileItem number 85
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 86
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 87
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 88
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 89
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 90
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 91
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 92
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 93
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 94
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 95
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 96
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 97
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 98
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 99
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 100
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 101
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 102
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 103
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 104
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 105
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 106
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 107
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 108
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 109
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 110
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 111
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 112
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 113
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 114
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 115
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 116
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 117
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 118
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 119
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 120
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 121
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 122
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 123
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 124
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 125
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 126
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 127
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 128
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 129
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 130
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 131
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 132
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 133
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 134
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 135
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 136
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 137
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 138
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 139
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 140
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 141
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 142
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 143
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 144
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 145
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 146
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 147
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 148
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 149
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 150
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 151
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 152
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 153
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 154
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 155
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 156
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 157
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 158
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 159
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 160
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 161
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 162
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 163
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 164
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 165
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 166
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 167
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 168
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 169
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 170
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 171
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 172
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 173
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 174
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 175
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 176
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 177
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 178
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 179
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 180
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 181
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 182
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 183
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 184
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 185
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 186
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 187
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 188
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 189
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 190
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 191
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 192
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 193
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 194
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 195
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 196
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 197
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 198
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 199
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 200
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 201
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 202
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 203
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 204
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 205
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 206
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 207
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 208
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 209
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 210
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 211
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 212
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 213
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 214
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 215
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 216
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 217
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 218
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 219
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 220
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 221
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 222
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 223
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 224
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 225
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 226
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 227
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 228
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 229
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 230
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 231
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 232
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 233
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 234
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 235
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 236
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 237
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 238
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\AVG'
2013-01-12 01:19:10,953 INFO Directory 'C:\WINDOWS\System32\Drivers\AVG' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsdriverx.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsdriverx.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsdrivera.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsdrivera.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsehx.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsehx.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidseha.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidseha.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsfilterx.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsfilterx.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsfiltera.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsfiltera.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsshimx.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsshimx.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsshimw8x.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsshimw8x.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsuniversalddx.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsuniversalddx.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32\Drivers\avgidsuniversaldda.sys'
2013-01-12 01:19:10,953 INFO File 'C:\WINDOWS\System32\Drivers\avgidsuniversaldda.sys' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\System32'
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget'
2013-01-12 01:19:10,953 INFO Directory 'C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget' not found
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 258
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupCoreBackup'
2013-01-12 01:19:10,953 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupCoreBackup' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup'
2013-01-12 01:19:10,953 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\SetupBackup' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\Chjw'
2013-01-12 01:19:10,953 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\Chjw' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10\Antispam'
2013-01-12 01:19:10,953 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10\Antispam' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG10'
2013-01-12 01:19:10,953 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG10' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011'
2013-01-12 01:19:10,953 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2011'
2013-01-12 01:19:10,953 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2011' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk'
2013-01-12 01:19:10,953 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2011.lnk'
2013-01-12 01:19:10,953 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2011.lnk' not found
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\WINDOWS\SysWOW64\Drivers\AVG'
2013-01-12 01:19:10,953 INFO Directory 'C:\WINDOWS\SysWOW64\Drivers\AVG' not found
2013-01-12 01:19:10,953 DEBUG Missing ParentDir path for fileItem number 269
2013-01-12 01:19:10,953 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\logs'
2013-01-12 01:19:10,984 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\logs\mfa-20121231-175415.log' in whitelist
2013-01-12 01:19:10,984 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\logs\mfa-20121231-175415.log' deleted
2013-01-12 01:19:10,984 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\logs\msi-20121231-175415.log' in whitelist
2013-01-12 01:19:10,984 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\logs\msi-20121231-175415.log' deleted
2013-01-12 01:19:11,000 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\logs' deleted
2013-01-12 01:19:11,000 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\pack'
2013-01-12 01:19:11,000 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\pack' not found
2013-01-12 01:19:11,000 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\mkt'
2013-01-12 01:19:11,000 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\mkt' not found
2013-01-12 01:19:11,000 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData'
2013-01-12 01:19:11,000 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\progupd.cfg' in whitelist
2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\progupd.cfg' deleted
2013-01-12 01:19:11,015 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\public_installation_log.xml' in whitelist
2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\public_installation_log.xml' deleted
2013-01-12 01:19:11,015 DEBUG Looking for file file 'C:\Documents and Settings\All Users\Application Data\MFAData\unconv.html' in whitelist
2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\unconv.html' deleted
2013-01-12 01:19:11,015 DEBUG Directory C:\Documents and Settings\All Users\Application Data\MFAData not deleted (error c0070091)
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupCoreBackup'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupCoreBackup' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupBackup'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\SetupBackup' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\Chjw'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\Chjw' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\Antispam' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\IDS'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\IDS' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012\fet'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012\fet' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2012'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2012' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2012'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2012' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk'
2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2012.lnk'
2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2012.lnk' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\WINDOWS\System32\Drivers'
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\SetupCoreBackup'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\SetupCoreBackup' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\avi'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\avi' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\SetupBackup'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\SetupBackup' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\Chjw'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\Chjw' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\Antispam'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\Antispam' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\admincli'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\admincli' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\Cfg'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\Cfg' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\cfgall'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\cfgall' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\DB'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\DB' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\Dumps'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\Dumps' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\EMC'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\EMC' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\fet'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\fet' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\IDS'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\IDS' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\log'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\log' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\lsdb\prev'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\lsdb\prev' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\lsdb'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\lsdb' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\scanlogs'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\scanlogs' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\Temp'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\Temp' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\update\download'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\update\download' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\update'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\update' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013\Antispam'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013\Antispam' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\AVG2013'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\AVG2013' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\pack'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\pack' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData\survey'
2013-01-12 01:19:11,015 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\survey' not found
2013-01-12 01:19:11,015 DEBUG Processing item 'C:\Documents and Settings\All Users\Application Data\MFAData'
2013-01-12 01:19:11,015 INFO Trying HardForce delete 'C:\Documents and Settings\All Users\Application Data\MFAData'
2013-01-12 01:19:11,046 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData' deleted
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2013'
2013-01-12 01:19:11,046 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2013' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2013'
2013-01-12 01:19:11,046 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG FREE 2013' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk'
2013-01-12 01:19:11,046 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2013.lnk'
2013-01-12 01:19:11,046 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG FREE 2013.lnk' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\log'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\log' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\dumps'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\dumps' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\fet'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\fet' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\temp'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\temp' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update\backup'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update\backup' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update\prepare'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update\prepare' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update\download'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update\download' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013\update' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\AppData\Local\Avg2013' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\Avg2013\log'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\Avg2013\log' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\Avg2013\temp'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\Avg2013\temp' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\Application Data\Avg2013\cfgall'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\Application Data\Avg2013\cfgall' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\Application Data\Avg2013'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\Application Data\Avg2013' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\Avg2013'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\Avg2013' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\log'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\log' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\fet'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\fet' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\temp'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\temp' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update\backup'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update\backup' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update\prepare'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update\prepare' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update\download'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update\download' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013\update' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013'
2013-01-12 01:19:11,046 INFO Directory 'C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Avg2013' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG LinkScanner® 9.0'
2013-01-12 01:19:11,046 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG LinkScanner® 9.0' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG Standalone LinkScanner'
2013-01-12 01:19:11,046 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG Standalone LinkScanner' not found
2013-01-12 01:19:11,046 DEBUG Processing item 'C:\Documents and Settings\All Users\Desktop\AVG LinkScanner® 9.0.lnk'
2013-01-12 01:19:11,046 INFO File 'C:\Documents and Settings\All Users\Desktop\AVG LinkScanner® 9.0.lnk' not found
2013-01-12 01:19:11,062 DEBUG Processing item 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG'
2013-01-12 01:19:11,062 INFO Directory 'C:\Documents and Settings\All Users\Start Menu\Programs\AVG' not found
2013-01-12 01:19:11,062 DEBUG Processing item 'C:\Program Files\AVG Secure Search'
2013-01-12 01:19:11,062 INFO Directory 'C:\Program Files\AVG Secure Search' not found
2013-01-12 01:19:11,062 DEBUG Missing ParentDir path for fileItem number 342
2013-01-12 01:19:11,062 DEBUG Missing ParentDir path for fileItem number 343
2013-01-12 01:19:11,062 DEBUG Missing ParentDir path for fileItem number 344
2013-01-12 01:19:11,062 DEBUG Missing ParentDir path for fileItem number 345
2013-01-12 01:19:11,062 INFO Attempting to unregister AVG from the Windows Security Center.
2013-01-12 01:19:11,062 INFO unregistering from WSC
2013-01-12 01:19:11,062 INFO WMI WINDOWS SECURITY CENTER
2013-01-12 01:19:11,062 INFO WSC object created
2013-01-12 01:19:11,062 INFO WSC object attatched
2013-01-12 01:19:11,140 INFO WSC object registered
2013-01-12 01:19:11,156 INFO WSC object unregistered
2013-01-12 01:19:11,156 INFO Begin of EnableWinFW.
2013-01-12 01:19:11,156 INFO End of EnableWinFW: 0x00000000
2013-01-12 01:47:30,796 INFO AvgRemover 2012.0.5
-------------------------------------------------------
2013-01-12 01:47:30,828 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2013-01-12 01:47:30,828 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2013-01-12 01:47:30,828 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2013-01-12 01:47:30,828 INFO Command line: "C:\Documents and Settings\Administrator\Desktop\avg_remover_stf_x86_2013_2706.exe"
2013-01-12 01:47:30,828 WARN AvgDir param empty.
2013-01-12 01:47:30,828 WARN AvgDataDir param empty.
2013-01-12 01:47:30,875 DEBUG Disabling IDP Self Protection has failed with error 0xe0010054


Report •

#96
January 11, 2013 at 19:06:51

"capacha thing whatever it's called"
Without a screenshot ( SS ) from you, I don't know what that is all about.

You did go to step 2 of my links & upload to > load.to
http://i.imgur.com/wqOKq.gif


Report •

#97
January 11, 2013 at 19:10:21

The capacha I think that's what it's called. It's where you type in numbers that you see. Like when you sign up for some forums or even gmail and yahoo mail has it. Sometimes it takes forever.

Report •

#98
January 11, 2013 at 19:12:58

If you want to go to bed, let me know please, otherwise I'm hanging on waiting.

To keep things moving, whilst I go through AVG.

Update & run Malwarebytes' Anti-Malware ( MBAM ) Use Quick scan.


Report •

#99
January 11, 2013 at 19:13:44

Yahooooooooooooooooooooooooooooooo!!!!!

I know I posted the part by part. But I got this also. I was not going to let this beat me.

http://www.load.to/l87aSagiHL/avgre...


Report •

#100
January 11, 2013 at 19:17:48

I can wait a few for going to bed.


Report •

#101
January 11, 2013 at 19:21:28

"It's where you type in numbers that you see"
That's why & chose the load.to site, you don't get that.

Whatever you see in that spot, click on it & change it to > load.to

Make sure you select this tab on your final screen.
http://i.imgur.com/PujnZ.gif

Have another go, when you are ready.



Report •

#102
January 11, 2013 at 19:23:47

See post # 99

Here is the male ware bytes log.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.12.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: CTG-SERVER [administrator]

1/11/2013 10:17:25 PM
mbam-log-2013-01-11 (22-17-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204261
Time elapsed: 8 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Report •

#103
January 11, 2013 at 19:29:02

Thanks for MBAM.

Uninstall ComboFix.
Start > Run, Copy and Paste > ComboFix /uninstall and click OK.
Qoobox is a folder created by Combofix to quarantine any infected files.
http://www.bleepingcomputer.com/com...
Double check no Combofix files remain, I use this for searching, I have it open all the time.
UltraSearch
http://www.softpedia.com/get/File-m...
http://www.softpedia.com/progScreen...
http://www.jam-software.com/ultrase...


Report •

#104
January 11, 2013 at 19:32:29

"I know I posted the part by part. But I got this also. I was not going to let this beat me"
That's the attitude, not quite right, refer my post #101.

Try your download link yourself.


Report •

#105
January 11, 2013 at 19:42:48

Here is the link to download the AVG log. It was posted on #99

http://www.load.to/l87aSagiHL/avgre...


Report •

#106
January 11, 2013 at 19:46:04

"Here is the link to download the AVG log. It was posted on #99"
Yep, now download it & see what you get.

Report •

#107
January 11, 2013 at 19:46:35

OK I am sorry it is late and I am tired I will try and hang in a few more minutes. I finally got this. Here it is.

http://www.load.to/6wbeCwf2gh/avgre...


Report •

#108
January 11, 2013 at 19:48:04

"Here is the link to download the AVG log. It was posted on #99"
Yep, now download it & see what you get.

I downloaded it and it opened.


Report •

#109
January 11, 2013 at 19:48:14

Last job for tonight.

Run the ESET Online Scanner again please.


Report •

#110
January 11, 2013 at 19:49:51

OK I will post in the morning. I have a cold and I did take some medicine that makes you sleepy.

Report •

#111
January 11, 2013 at 20:04:02

Hi Derek, do you mind having a go on the AVG log file download links please.

I cannot get the actual log myself.

Ta, John.


Report •

#112
January 11, 2013 at 22:15:52

Re post #66
The AVG uninstaller did a good job Derek, 54 items removed.

Line 807: 2013-01-12 01:19:10,437 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\log' deleted
Line 820: 2013-01-12 01:19:10,453 INFO Directory 'C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013' deleted
Line 884: 2013-01-12 01:19:10,625 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\outlook.cfg' deleted
Line 886: 2013-01-12 01:19:10,640 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\userawacs.cfg' deleted
Line 888: 2013-01-12 01:19:10,640 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\usergui.cfg' deleted
Line 890: 2013-01-12 01:19:10,687 INFO File 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall\userguistate.cfg' deleted
Line 891: 2013-01-12 01:19:10,703 INFO Directory 'C:\Documents and Settings\Administrator\Application Data\AVG2013\cfgall' deleted
Line 893: 2013-01-12 01:19:10,703 INFO Directory 'C:\Documents and Settings\Administrator\Application Data\AVG2013' deleted
Line 896: 2013-01-12 01:19:10,718 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcfg.log' deleted
Line 898: 2013-01-12 01:19:10,718 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcfg.log.lock' deleted
Line 900: 2013-01-12 01:19:10,718 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log' deleted
Line 902: 2013-01-12 01:19:10,734 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.1' deleted
Line 904: 2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.2' deleted
Line 906: 2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.3' deleted
Line 908: 2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.4' deleted
Line 910: 2013-01-12 01:19:10,750 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.5' deleted
Line 912: 2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.6' deleted
Line 914: 2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgcore.log.lock' deleted
Line 916: 2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdecider.log' deleted
Line 918: 2013-01-12 01:19:10,765 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdecider.log.lock' deleted
Line 920: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdiagex.log' deleted
Line 922: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgdiagex.log.lock' deleted
Line 924: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgidpagentmonitor.log' deleted
Line 926: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgidpagentmonitor.log.lock' deleted
Line 928: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgmsgdisp.log' deleted
Line 930: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgmsgdisp.log.lock' deleted
Line 932: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgpostinst.log' deleted
Line 934: 2013-01-12 01:19:10,781 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgpostinst.log.lock' deleted
Line 936: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgscan.log' deleted
Line 938: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgscan.log.lock' deleted
Line 940: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgual.log' deleted
Line 942: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgual.log.lock' deleted
Line 944: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgui.log' deleted
Line 946: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\avgui.log.lock' deleted
Line 948: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\krnlapi.log' deleted
Line 950: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\krnlapi.log.lock' deleted
Line 952: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\lng.log' deleted
Line 954: 2013-01-12 01:19:10,796 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log\lng.log.lock' deleted
Line 955: 2013-01-12 01:19:10,828 INFO Directory 'C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG2013\log' deleted
Line 960: 2013-01-12 01:19:10,859 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\mfa-20121231-215623.log' deleted
Line 962: 2013-01-12 01:19:10,859 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\mfa-20121231-220057.log' deleted
Line 964: 2013-01-12 01:19:10,875 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-180759.log' deleted
Line 966: 2013-01-12 01:19:10,875 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-215623.log' deleted
Line 968: 2013-01-12 01:19:10,890 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\msi-20121231-220057.log' deleted
Line 970: 2013-01-12 01:19:10,890 INFO File 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs\r86-20121231-180901.log' deleted
Line 971: 2013-01-12 01:19:10,906 INFO Directory 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData\logs' deleted
Line 973: 2013-01-12 01:19:10,937 INFO Directory 'C:\Documents and Settings\Administrator\Local Settings\Application Data\MFAData' deleted
Line 1239: 2013-01-12 01:19:10,984 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\logs\mfa-20121231-175415.log' deleted
Line 1241: 2013-01-12 01:19:10,984 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\logs\msi-20121231-175415.log' deleted
Line 1242: 2013-01-12 01:19:11,000 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData\logs' deleted
Line 1249: 2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\progupd.cfg' deleted
Line 1251: 2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\public_installation_log.xml' deleted
Line 1253: 2013-01-12 01:19:11,015 INFO File 'C:\Documents and Settings\All Users\Application Data\MFAData\unconv.html' deleted
Line 1328: 2013-01-12 01:19:11,046 INFO Directory 'C:\Documents and Settings\All Users\Application Data\MFAData' deleted


Report •

#113
January 12, 2013 at 04:16:51

eset online scanner log.

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=c0af97d0ef4c8641868dafd4ed3525c0
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-12 12:11:55
# local_time=2013-01-12 07:11:55 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# scanned=77497
# found=0
# cleaned=0
# scan_time=4176


Report •

#114
January 12, 2013 at 04:24:38

"eset online scanner log"
Beautiful.

Run Security Check by screen317 again please.


Report •

#115
January 12, 2013 at 04:36:58

Security Check log

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u]
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
[b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u]
Windows Defender
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Java 7 Update 10
Java 2 Runtime Environment, SE v1.4.2
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.5 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (18.0)
Google Chrome 23.0.1271.97
Google Chrome 24.0.1312.52
[b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]
Microsoft Security Essentials MSMpEng.exe
[b][u]`````````````````System Health check`````````````````[/b][/u]
Total Fragmentation on Drive C:: 0%
[b][u]````````````````````End of Log``````````````````````[/b][/u]


Report •

#116
January 12, 2013 at 04:40:55

"Security Check log"
Looking much better, though you still have the same problem with Java that was there on the last scan.

To make sure you have secure Java, update it. Extract from > Here is security Check log. And yes I will defrag later.
Results of screen317's Security Check version 0.99.56
Java 2 Runtime Environment, SE v1.4.2
[color=red][b]Java version out of Date!


Report •

#117
January 12, 2013 at 04:44:27

I just checked and I get the message.

Verified Java Version
Completion checkmark
Congratulations!
You have the recommended Java installed (Version 7 Update 10).

And I saw that in the log.


Report •

#118
January 12, 2013 at 04:45:19

I see you have run defrag.

Report •

#119
January 12, 2013 at 04:46:45

Yes even though I analyzed it said I did not need it. I still ran it. But the funny thing is after that security check the first time I analyzed and it said I did.

Report •

#120
January 12, 2013 at 04:47:59

"I just checked and I get the message"
It's not that Java out of date.

It's > Java 2 Runtime Environment, SE v1.4.2


Report •

#121
January 12, 2013 at 04:49:52

What about uninstalling java and reinstalling?

Report •

#122
January 12, 2013 at 04:52:01

I see what your talking about. It is also in add/remove. It is like there is 2 versions. I see both in add/remove

Report •

#123
January 12, 2013 at 04:55:23

You have 2 types of Java, each being used by programs for a different reason.

Can you update Java 2 Runtime Environment, SE from it's Options.


Report •

#124
January 12, 2013 at 05:01:23

"Can you update Java 2 Runtime Environment, SE from it's Options"
If you can't, you can always uninstall it & see if any of your programs/browsers object & tell you, hey, I want it.

I just googled, here is the latest version, if you want to go down that path.
http://www.filehippo.com/download_j...


Report •

#125
January 12, 2013 at 05:01:35

I think the Java 2 Runtime Environment, SE v1.4.2 was installed with the Gateway recovery CD last year when I did a reinstall. I opened and didn't see an option to update.

Report •

#126
January 12, 2013 at 05:12:41

OK this may seem strange. I tried uninstalling. It's asking me to insert the Java 2 runtime Environment SE v1.42 and click OK. I think it needs the CD it was installed from. I am going to get my Gateway recovery CD's out not sure which one it will be on.

Report •

#127
January 12, 2013 at 05:21:51

Use this.

To remove old and redundant versions of the Java Runtime Environment:
http://www.softpedia.com/get/System...
http://www.softpedia.com/progScreen...
http://singularlabs.com/software/ja...


Report •

#128
January 12, 2013 at 05:32:06

I just ran that tool. It still shows in add/remove. I will reboot and check then. I also checked the add/remove of ccleaner.

Report •

#129
January 12, 2013 at 05:38:37

Use Revo Uninstaller in ADVANCED mode if you are still having a problem.

Make sure you read the instructions, PRINT or write them is the best way.

http://www.softpedia.com/get/Tweak/...
http://www.softpedia.com/progScreen...
http://www.revouninstaller.com/
Open Revo, double click on a program logo, click > Yes & then you get your options, with Advanced down the bottom.
If you have partially uninstalled your program, you get a message from Revo, that it can't find the uninstaller, hit Cancel & let Revo continue on, to search for the remnants.
If you get a reboot message, ignore it & do it after Revo has finished.
I use Advanced Mode. Screenshots of how to use.
http://i.imgur.com/Rkkna.gif
http://i.imgur.com/VonCA.gif
http://i.imgur.com/fGmmb.gif
http://i.imgur.com/pdhbV.gif
http://i.imgur.com/fIgy0.gif
http://i.imgur.com/tDH9Z.gif
http://i.imgur.com/DbfgN.gif
http://i.imgur.com/tDafK.gif
http://i.imgur.com/Bz5j9.gif
http://i.imgur.com/X5S5I.gif


Report •

#130
January 12, 2013 at 06:01:42

I think I have it removed. I ran the security check again and here is the log.

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u]
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
[b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u]
Windows Defender
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.5 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (18.0)
Google Chrome 23.0.1271.97
Google Chrome 24.0.1312.52
[b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
[b][u]`````````````````System Health check`````````````````[/b][/u]
Total Fragmentation on Drive C:: 0%
[b][u]````````````````````End of Log``````````````````````[/b][/u]


Report •

#131
January 12, 2013 at 06:05:19

"I think I have it removed. I ran the security check again and here is the log"
Looks good.

Run AdwCleaner & Junkware Removal Tool again please.

"But remember this system will not boot with the USB drive"
Going back to post #55, whatever "T" drive is, it's infected. Is that the USB drive?
Right click on it & scan with MSE, then ESET Online Scanner & finally MBAM.
If ESET isn't available on right click, do it manually.

I'm going to bed now, catch you later in your day. Almost finished. Fun isn't it.


Report •

#132
January 12, 2013 at 06:09:53

T drive is the 500 GB i have. I know there are some crazy things on it. I can get it later. It has 79 GB left out of 500 GB.

Report •

#133
January 12, 2013 at 10:40:29

This is about to drive me crazy. I run JRT it runs and tells me a bad module was found. It says to press Y to reboot now and N to reboot later. Anyway here is the ADW Cleaner log.

# AdwCleaner v2.105 - Logfile created 01/12/2013 at 13:08:25
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - CTG-SERVER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (en-US)

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0oj8mm3a.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6287 octets] - [08/01/2013 08:20:30]
AdwCleaner[R2].txt - [4016 octets] - [08/01/2013 20:20:43]
AdwCleaner[R3].txt - [1224 octets] - [12/01/2013 09:10:52]
AdwCleaner[R4].txt - [1284 octets] - [12/01/2013 09:11:19]
AdwCleaner[R5].txt - [1399 octets] - [12/01/2013 13:07:44]
AdwCleaner[S1].txt - [4138 octets] - [08/01/2013 20:49:28]
AdwCleaner[S2].txt - [1344 octets] - [12/01/2013 09:12:36]
AdwCleaner[S3].txt - [1330 octets] - [12/01/2013 13:08:25]

########## EOF - C:\AdwCleaner[S3].txt - [1390 octets] ##########

I will jet the JRT after it reboots but have done this several times and the log looks clean to me. I have got some other issues over the past day I will explain it could be related to this.


Report •

#134
January 12, 2013 at 10:57:33

Here is the JRT log and it looks clean. First I will explain that other issue. It starts up slow. Also this system is slow responding. Like when I opened my documents and tried to scroll it stalled then I hit ctrl alt and delete and it showed my documents not responding. Also it has done the same when scrolling thru some folders on the 500 GB drive .( T )

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on at
Computer was rebooted
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/12/2013 at 13:54:04.95
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Report •

#135
January 12, 2013 at 12:01:10

It looks like we may be getting somewhere or maybe not. But I did run msconfig and unchecked all on startup. Ran JRT again and it didn't say anything about a bad module. Did not even ask to reboot.

Report •

#136
January 12, 2013 at 12:16:24

Just as I figured. I ran JRT with everything unchecked in startup. It said nothing about a bad module. I run it with everything checked and it said a bad module was found. Now I am just waiting on JRW it is probably about 4 am where he is.

Report •

#137
January 12, 2013 at 13:14:15

Just another update. I found a program under the tools menu on maleware bytes. It's a beta program rootkit scanner I think it's called mbar. Anyway I am scanning right now and it has found 1 infection.

Found 2 and here is the log.

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, T:\ DRIVE_FIXED
CPU speed: 2.593000 GHz
Memory total: 3832262656, free: 3217567744

------------ Kernel report ------------
01/12/2013 16:03:04
------------ Loaded modules -----------
\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\System32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
iaStor.sys
aic78xx.sys
\WINDOWS\System32\Drivers\SCSIPORT.SYS
adpu160m.sys
disk.sys
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
MpFilter.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
timntr.sys
tdrpman.sys
snapman.sys
Mup.sys
agp440.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\System32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\nv4_mini.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\e1000325.sys
\SystemRoot\System32\DRIVERS\usbuhci.sys
\SystemRoot\System32\DRIVERS\USBPORT.SYS
\SystemRoot\System32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\sbpci.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\DRIVERS\fdc.sys
\SystemRoot\System32\DRIVERS\serial.sys
\SystemRoot\System32\DRIVERS\serenum.sys
\SystemRoot\System32\DRIVERS\parport.sys
\SystemRoot\System32\DRIVERS\imapi.sys
\SystemRoot\System32\Drivers\MxlW2k.SYS
\SystemRoot\System32\DRIVERS\cdrom.sys
\SystemRoot\System32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\VMNetSrv.sys
\SystemRoot\System32\DRIVERS\audstub.sys
\SystemRoot\System32\DRIVERS\rasl2tp.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\DRIVERS\ndiswan.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\raspptp.sys
\SystemRoot\System32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\psched.sys
\SystemRoot\System32\DRIVERS\msgpc.sys
\SystemRoot\System32\DRIVERS\ptilink.sys
\SystemRoot\System32\DRIVERS\raspti.sys
\SystemRoot\System32\DRIVERS\rdpdr.sys
\SystemRoot\System32\DRIVERS\termdd.sys
\SystemRoot\System32\DRIVERS\kbdclass.sys
\SystemRoot\System32\DRIVERS\mouclass.sys
\SystemRoot\System32\DRIVERS\swenum.sys
\SystemRoot\System32\DRIVERS\update.sys
\SystemRoot\System32\DRIVERS\mssmbios.sys
\SystemRoot\System32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\DRIVERS\usbhub.sys
\SystemRoot\System32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\System32\DRIVERS\tcpip.sys
\SystemRoot\System32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\tcpip6.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ip6fw.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbios.sys
\??\C:\WINDOWS\system32\Drivers\vmm.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\System32\DRIVERS\rdbss.sys
\SystemRoot\System32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\DRIVERS\hidusb.sys
\SystemRoot\System32\DRIVERS\HIDCLASS.SYS
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\System32\Drivers\BANTExt.sys
\SystemRoot\System32\DRIVERS\usbccgp.sys
\SystemRoot\System32\DRIVERS\mouhid.sys
\SystemRoot\System32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\LVMVDrv.sys
\SystemRoot\system32\drivers\LVUSBSta.sys
\SystemRoot\system32\DRIVERS\LV302V32.SYS
\SystemRoot\system32\DRIVERS\lv302af.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\LVcKap.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\tifsfilt.sys
\SystemRoot\system32\DRIVERS\AegisP.sys
\SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
\SystemRoot\System32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\DRIVERS\mrxdav.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\WINDOWS\system32\drivers\mqac.sys
\??\C:\WINDOWS\system32\drivers\RMCast.sys
\SystemRoot\system32\DRIVERS\LVPr2Mon.sys
\SystemRoot\System32\Drivers\HTTP.sys
\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FAE0644B-3950-4082-9689-3EA25C47693E}\MpKsla5591fb2.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8aeb1ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-10\
Lower Device Object: 0xffffffff8aee1d98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8aed0ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-5\
Lower Device Object: 0xffffffff8aed4940
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Downloaded database version: v2013.01.12.08
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 1
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8aed0ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8aed0998, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xffffffff8aee3b70, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8aed0ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8aed6f18, DeviceName: \Device\00000072\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8aed4940, DeviceName: \Device\Ide\IdeDeviceP2T0L0-5\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xffffffffe34fa238, 0xffffffff8aed0ab8, 0xffffffff8966dab8
Lower DeviceData: 0xffffffffe42a2430, 0xffffffff8aed4940, 0xffffffff89e413f0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\WINDOWS\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F8C79CFD

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 156296322
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 80026361856 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-156281488-156301488)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8aeb1ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8aeb1998, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xffffffff8aeb7b88, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8aeb1ab8, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8aeb89e8, DeviceName: \Device\00000073\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8aee1d98, DeviceName: \Device\Ide\IdeDeviceP3T0L0-10\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xffffffffe376cac0, 0xffffffff8aeb1ab8, 0xffffffff896648c0
Lower DeviceData: 0xffffffffe109fef0, 0xffffffff8aee1d98, 0xffffffff89b58bf0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: CA928D57

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 18 Numsec = 976770162
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158} --> [Adware.GamePlayLab]
Read File: File "c:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)
Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)
Infected: HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kincjchfokkeneeofpeefomkikfkiedl --> [PUP.FCTPlugin]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 1
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal successful. No system shutdown is required.
=======================================


Report •

#138
January 12, 2013 at 13:29:22

Well it still said bad module found. I will now wait and see what JRW saids.

Report •

#139
January 12, 2013 at 14:21:57

Post #45
Also I do have a 500 GB SATA as a secound drive 80 GB boot drive.

Trying to get my head around this.

1: Does this Sata drive have a bootable operating system on it?
In other words, if it is connected on it's own, will it boot.

2: Is "C" drive IDE?

3: I see you found Malwarebytes Anti-Rootkit ( MBAR ), did you run the scans on the Sata drive as per my post #131?


Report •

#140
January 12, 2013 at 15:05:06

OK Both drives are SATA. The system originally came with80 GB IDE . I copied everything over to a 80 GB SATA
It will take a while to scan dtive T 500 GB that has 80 GB left.

Report •

#141
January 12, 2013 at 15:12:02

"Both drives are SATA"

Do both drives have a bootable operating system on it?
In other words, if it is connected on it's own, will it boot.


Report •

#142
January 12, 2013 at 15:31:59

Only the 80 GB SATA has the OS.

Report •

#143
January 12, 2013 at 15:37:17

Need EXACT details of the comp we are working on.
Brand name if applicable, EXACT model & specs.

Report •

#144
January 12, 2013 at 16:33:46

Gateway E 6100

P4 2.60 Ghz HT

4 GB Ram

80 GB SATA Drive (Boot)

500 GB SATA (DATA BACKUP)

256 MB AGP Video

Sound Blaster

If this system gets running good it is a monster.

Video is 128 MB


Report •

#145
January 12, 2013 at 16:46:27

"If this system gets running good"
Fingers crossed.

I guess you are waiting for the scans to finish.


Report •

#146
January 12, 2013 at 17:18:28

"It will take a while to scan dtive T 500 GB that has 80 GB left"
When finished all the scans, run chkdsk on both drives.
How to Use Chkdsk in Windows XP
http://vlaurie.com/computers2/Artic...
http://www.qbs-pchelp.co.uk/chkdsk....
http://en.wikipedia.org/wiki/Chkdsk
http://en.wikipedia.org/wiki/CHKDSK
http://www.schrockinnovations.com/c...
http://www.windowsreinstall.com/art...
Obtaining CHKDSK Results ( log file )
http://www.cpucare.net/OS/XP/Viewin...

"Update
I tried the USB Boot on my laptop. It boots the eset rescue just fine no errors. So it looks like the issue may be with my system. Maybe there is some solution."
Try a rear USB port.
Or,
How to Get More Power to Front USB Ports
http://www.ehow.com/how_8549329_pow...

Dust is the big enemy of comps, causing overheating & slowdowns.
Information about cleaning computer components
http://www.computerhope.com/cleanin...
http://www.wiscocomputing.com/artic...
http://www.librarysupportstaff.com/...
http://www.bleepingcomputer.com/tut...
http://pcgyaan.wordpress.com/2009/0...
Getting The Grunge Out Of Your PC, Fred Langa cleans the dirtiest PC he can find, and along the way shows you how you can easily tackle yours. There are 7 pages.
http://www.informationweek.com/news...


Report •

#147
January 12, 2013 at 18:30:49

Me personally I don't think there is a hardware issue. The 4 GB of ram is new and memtest has been ran. Now as for the drive the 80 GB should be OK. I am going to run the eset online scanner. But here is my plan. I have 1 folder with backup images made with true image. I will not scan the true image backups. I will use the advanced options and only scan the one where it picked the infections up before. It should only be about 99 GB I believe. Anyway it should be finished in the morning. I am tired ive had friends over today and all so I think I am going to go to bed.

Report •

#148
January 13, 2013 at 04:00:55

Here is the eset online scan log.

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=c0af97d0ef4c8641868dafd4ed3525c0
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-12 12:11:55
# local_time=2013-01-12 07:11:55 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# scanned=77497
# found=0
# cleaned=0
# scan_time=4176
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=c0af97d0ef4c8641868dafd4ed3525c0
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-12 06:05:16
# local_time=2013-01-12 01:05:16 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# scanned=27
# found=0
# cleaned=0
# scan_time=1365
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=c0af97d0ef4c8641868dafd4ed3525c0
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-13 11:58:59
# local_time=2013-01-13 06:58:59 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# scanned=84876
# found=15
# cleaned=0
# scan_time=33838
T:\IMPORTANT2\oi_setup.exe a variant of Win32/OpenInstall application (unable to clean) 293EA3BB9DE1A62A42C18241E9EB63803DC044A0 I
T:\IMPORTANT2\SoftonicDownloader_for_utorrent.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) C707640F61B794CE666E23470798415D6445062E I
T:\IMPORTANT2\Ahead[1].Nero.7.xx.All.Editions_KEYGEN-FFF\Keygen.exe a variant of Win32/Keygen.AJ application (unable to clean) BF0083D91171615741454447E4A5FC75BEBD4A15 I
T:\IMPORTANT2\Dell 2-13-12\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application (unable to clean) 57889881D67CA307D7542E9670F3DA21959AEE4A I
T:\IMPORTANT2\Kelly Malcolm\Kelly\AppData\Local\Temp\jar_cache4793502705589174431.tmp multiple threats (unable to clean) DFD3B894A006BD398C8E932CA940721BD1D0161E I
T:\IMPORTANT2\Nero7\Ahead[1].Nero.7.xx.All.Editions_KEYGEN-FFF.zip a variant of Win32/Keygen.AJ application (unable to clean) 1F07686C2852F52002D496784904BC549130F0A4 I
T:\IMPORTANT2\Youtube Downloader\YouTubeDownloaderSetup272.exe a variant of Win32/Toolbar.Widgi application (unable to clean) C0AB5C6A5F79A1DCB8B266F9A5DC6348E6967BCB I
T:\LEXAR\gtk2121-setup.exe a variant of Win32/1AntiVirus application (unable to clean) 2A22F6DDB3CF5F19600DD6EA43C3154C1EA28B1C I
T:\LEXAR\oi_setup.exe a variant of Win32/OpenInstall application (unable to clean) 293EA3BB9DE1A62A42C18241E9EB63803DC044A0 I
T:\LEXAR\SoftonicDownloader_for_utorrent.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) C707640F61B794CE666E23470798415D6445062E I
T:\LEXAR\st-softonic-sntb.exe Win32/Toolbar.Zugo application (unable to clean) DFC3F9F4C4071EAAADA52BA9887E7ED18FF684CE I
T:\LEXAR\YouTubeDownloaderSetup265.exe a variant of Win32/Toolbar.Widgi application (unable to clean) D2A10A86B5E4F70529E4C8DB7F4CB2E45A2AFE81 I
T:\LEXAR\YouTubeDownloaderSetup35.exe Win32/Toolbar.Widgi application (unable to clean) C3508A63D33516A9CC9505FBC8ABD9A4C257BBCD I
T:\LEXAR\Chris 12-07-11\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application (unable to clean) 8B0905DB055F4A62C295B30C53AAFE0C995C53F0 I
T:\LEXAR\Chris 12-07-11\YouTubeDownloaderSetup34.exe a variant of Win32/Toolbar.Widgi application (unable to clean) 21ECE50E242CD2014C3A73262BFAD894267BE7E3 I

It found 15 infections after over 9 hours. I stopped it. I am going to keep that drive disconnected right now until I can get some things deleted. I just didn't want to wait but I will follow along on whatever else you say as for the C drive. I have it set for a checkdsk when I reboot.


Report •

#149
January 13, 2013 at 04:25:07

"Just as I figured. I ran JRT with everything unchecked in startup. It said nothing about a bad module"

Chkdsk can repair problems related to bad sectors, lost clusters, cross-linked files, and directory errors.

It is the cross-linked files and directory errors we need to see if they are the problem, relating to the bad module.


Report •

#150
January 13, 2013 at 04:27:23

I have ran chkdsk on the 80 GB. As of right now the system seems more stable without the 500 GB. Let me explain about the 500 GB. It used to be an external drive and worked very good I had alot of things on it then most was saved to a DVD also. Here is what happened. I had it sitting on a counter and the wire was hanging down. I walked by with my size 15 foot and caught the cord and it fell on the floor hit hard enough to break the plastic where the USB goes. I took the drive out and hooked it up and all data was gone. I tested the drive over and over. I know it was dumb to put important data on it. But I figured it was OK because I tested it.

Report •

#151
January 13, 2013 at 05:14:05

The chkdsk on the Gateway is still running. I do have a 1 TB drive I was saving. I am going to get things off the 500 GB. Mostly my backups made with true image that's what worries me the most. The 500 GB could still be bad. Maybe it was the problem with the bad module. I have the 500 GB hooked to another computer right now and testing that computer with JRT i wanted to see if it saids bad module.

Report •

#152
January 13, 2013 at 05:26:36

The chkdsk finished. I am not sure where the log is. But I ran JRT again and it still finds a bad module. But I watched the chkdsk screen and never saw anything about cross-linked files. I know what your talking about it would have taken longer I have seen it happen before. It seems there is something somewhere.

Report •

#153
January 13, 2013 at 09:08:23

"I am not sure where the log is"
Refer my post #146

Report •

#154
January 13, 2013 at 09:20:07

OK But first I ran maleware bytes again. Here is the log. The computer will need to reboot.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.13.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: CTG-SERVER [administrator]

1/13/2013 9:38:40 AM
mbam-log-2013-01-13 (09-38-40).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 290377
Time elapsed: 50 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\Administrator\Desktop\dell\oi_setup.exe (PUP.BundleInstaller.OI) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Desktop\dell\SoftonicDownloader_for_utorrent.exe (PUP.OfferBundler.ST) -> Quarantined and deleted successfully.

(end)


Report •

#155
January 13, 2013 at 09:30:49

I followed this and I just do not see where the log is posted.
Obtaining CHKDSK Results
How to get to Event Viewer

In Windows XP there are four ways to get to event viewer

<Start><Control Panel><Administrative Tools><Event Viewer>
<Right-Click My Computer><Manage><Event Viewer>
<Start><Run><Eventvwr>
<From C: Prompt><Eventvwr>

Obtaining CHKDSK Results

Once Event Viewer is open, select Application
The 4th column of information in the right-hand pane is titled Source , click on the word Source at the top of the column to sort by that column
Scroll through the Source column to find the most recent entry titled Winlogon
Double-click Winlogon to open the CHKDSK results

I got to event viewer select Application i do not understand what word source is. But right now I am hungry and I am going to get some lunch.


Report •

#156
January 13, 2013 at 10:11:07

Just to add, for future, you can get to Event viewer quickly by typing Event Viewer in Search. You probably won't need to go any further then Ev and it will pop up.

Source is one of the columns.

Always pop back and let us know the outcome - thanks


Report •

#157
January 13, 2013 at 12:44:36

Here it is. Sorry about the confusion.

Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.
Cleaning up minor inconsistencies on the drive.
Cleaning up 1420 unused index entries from index $SII of file 0x9.
Cleaning up 1420 unused index entries from index $SDH of file 0x9.
Cleaning up 1420 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Windows has made corrections to the file system.

78148160 KB total disk space.
41286812 KB in 95273 files.
33580 KB in 7574 indexes.
0 KB in bad sectors.
174556 KB in use by the system.
65536 KB occupied by the log file.
36653212 KB available on disk.

4096 bytes in each allocation unit.
19537040 total allocation units on disk.
9163303 allocation units available on disk.

Internal Info:
80 92 01 00 cb 91 01 00 40 34 02 00 00 00 00 00 ........@4......
30 17 00 00 03 00 00 00 b9 08 00 00 00 00 00 00 0...............
7e 6d 67 07 00 00 00 00 54 5a 63 39 00 00 00 00 ~mg.....TZc9....
0c 1a 24 15 00 00 00 00 98 b5 16 1b 03 00 00 00 ..$.............
f8 05 74 fa 01 00 00 00 62 bb f1 72 05 00 00 00 ..t.....b..r....
a0 47 96 9a 00 00 00 00 90 38 07 00 29 74 01 00 .G.......8..)t..
00 00 00 00 00 70 f2 d7 09 00 00 00 96 1d 00 00 .....p..........

Windows has finished checking your disk.
Please wait while your computer restarts.


For more information, see Help and Support Center at


Report •

#158
January 13, 2013 at 14:20:00

#156
Derek said "Source is one of the columns"
Thanks Derek, I went back to bed.

Re my post #111, do you mind having a go please.
It refers to post #107


Report •

#159
January 13, 2013 at 14:25:50

"ChristopherTGarrett said "Here it is. Sorry about the confusion"

Chkdsk has done a real good job on "C" drive.

We now know "C" drive is virus & error free.

Ball is now in your court, up to you what you do with the 500 gb drive, we know it is infected & probably has errors.


Report •

#160
January 13, 2013 at 14:27:37

I use these every day on every comp I work on.

Run on the "C" drive only

Run Wise Disk Cleaner ( Run the 1st three tabs, left to right. I use default settings, leave boxes that are unchecked, unchecked ) Reboot when finished.
http://www.softpedia.com/get/System...
http://www.softpedia.com/progScreen...
http://www.wisecleaner.com/download...

Run Wise Registry Cleaner ( Only use Registry Cleaner & with default settings. Don't use System Tuneup, that is for Experts, you really have to know what you are doing ) Reboot when finished.
http://www.softpedia.com/get/Tweak/...
http://www.softpedia.com/progScreen...
http://www.wisecleaner.com/wiseregi...

Let me know when you have done those.


Report •

#161
January 13, 2013 at 15:27:55

Johnw

Sorry, I've only been keeping a general eye on proceedings and missed your posts about AVG log. It's a gigantic thing but I've downloaded it and will see what I can make of it.

Always pop back and let us know the outcome - thanks


Report •

#162
January 13, 2013 at 15:40:38

" It's a gigantic thing but I've downloaded it"
Thanks Derek, on my comp, I couldn't get it to download.
Now I know the problem is my end, I must have a setting problem.

"and will see what I can make of it"
Refer post #112


Report •

#163
January 13, 2013 at 16:38:59

Johnw

I saved the downloaded AVG uninstall file, which contained 1957 lines of text,

In the majority of areas it found nothing (files or registry entries). Not too surprising because AVG had already been through the normal uninstall, also some would not be applicable as it deals with all AVG versions. The log is complicated by the fact that mostly DEBUG and WARN (on this log) show that there was no file or registry entry present. In terms of interpretation I made some comparisons with other logs online that AVG had OK'd.

It force removed quite a lot of registry entries. There were instances where it said "Failed to delete key" but it is my belief that most (if not all) were because they were not present.

It removed various files in sub-folders of Documents and settings - no surprise, many programs seem to leave those behind.

There were two registry entries where the log said:
"Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty"
Surprising, as the sub-keys must be theirs. Not given but they are almost certainly in CURRENT_USER & LOCAL_MACHINE - usually identical.

In summary, I believe it is quite AVG clean and there is nothing left behind that would interfere with any other AV. I suppose is just possible that the above two keys that stayed behind could now be removed by a registry cleaner (or manually), although I doubt this is worthwhile as they are designated to AVG only so should not interfere.

EDIT:
This might be of general interest:
http://www.bleepingcomputer.com/for...


Report •

#164
January 13, 2013 at 17:05:38

Ok I have Run Wise Disk Cleaner first 3. It's rebooting now.

Report •

#165
January 13, 2013 at 18:39:51

Is there anything I need to do about the left over AVG? Or is anything left over?

Report •

#166
January 13, 2013 at 19:20:21

"Is there anything I need to do about the left over AVG? Or is anything left over?"
No, not after you run > Wise Registry Cleaner


Report •

#167
January 13, 2013 at 22:41:58

OK So we are finished? What about JRT saying a bad module was found?

Report •

#168
January 13, 2013 at 23:08:48

"OK So we are finished? What about JRT saying a bad module was found?"
Run it again.

Report •

#169
January 13, 2013 at 23:22:39

It still said bad module found. I am rebooting now. It is 2:30 am here. I could not sleep. I am going to stay up a little bit.

Report •

#170
January 13, 2013 at 23:30:15

Wondered why you were still up.

I just googled for instructions.

Download Junkware Removal Tool to your desktop.

Warning! Once the scan is complete JRT will shut down your browser with NO warning.

Shut down your protection software now to avoid potential conflicts.
Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
http://www.bleepingcomputer.com/for...
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Copy and Paste the JRT.txt log into your next message.


Report •

#171
January 13, 2013 at 23:32:56

I know this has nothing to do with the OS. My dad gave me his old wireless N router from his house a few weeks ago when he moved. I am going to use it to replace my old router. And I am going to secure it. I never secured mine because I live on a farm and hardly anyone around. Not really anyone close enough to get my signal anyway. But I figured I may feel safer doing this. And maybe it is safer securing a router.

Report •

#172
January 13, 2013 at 23:41:10

Here is the results of JRT after the reboot. I think I am going to run eset online again. Just to be safe. If clean then I will not worry about the bad module unless you think something is wrong. Because it does do it it seems like every time.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on at
Computer was rebooted
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/14/2013 at 2:33:06.98
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Report •

#173
January 13, 2013 at 23:45:23

"And maybe it is safer securing a router"
Definitely.

I don't use wireless myself, so this the best I can do, gives you a start.

secure a wireless N router
http://is.gd/MZbumc

Securing your Wireless Network
http://www.practicallynetworked.com...
10 Tips for Wireless Home Network Security
http://compnetworking.about.com/od/...
Wireless security
http://en.wikipedia.org/wiki/Wirele...


Report •

#174
January 13, 2013 at 23:48:42

"I think I am going to run eset online again"
Good idea.

"unless you think something is wrong"
I don't, lets see what ESET says.


Report •

#175
January 14, 2013 at 00:27:29

Thanks for all the help. I will post the eset log back.

Report •

#176
January 14, 2013 at 00:48:10

"Bad module"
MrGoodguy ( another helper, refer post #9 ) has just given me this info.
JRT should be giving an option to remove the bad module using a y/n prompt during the running of the program.

Report •

#177
January 14, 2013 at 00:56:49

Sorry to jump in.

The bad module is caused by adware, and needs to be removed.
When JRT finds a bad module it should bring up a bad module txt/instruction to choose what you want to do with it. At the end of the txt there will be a question asking if you would like to reboot to remove the bad module. It requires a Y or N response to carry on. This is from my own experience and I know of no instructions on the web?
I found a vid but its bad quality, it goes over the things I mentioned. Start vid at 30sec's on full screen. http://www.youtube.com/watch?v=ubG5...

Please reply and let us know if our help worked. Your feedback helps others. Maybe you?


Report •

#178
January 14, 2013 at 03:14:48

I run it do the reboot and it finds it again. Just about every time. I am not sure what to do. The system is running a lot better.

Report •

#179
January 14, 2013 at 03:21:23

Are you doing what MrGoodguy says?

"When JRT finds a bad module it should bring up a bad module txt/instruction to choose what you want to do with it. At the end of the txt there will be a question asking if you would like to reboot to remove the bad module. It requires a Y or N response to carry on"

Are you seeing that message?


Report •

#180
January 14, 2013 at 03:33:31

Yes it ask in a cmd screen to reboot. I reboot it finishes and then shows the following in a notpad.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Microsoft Windows XP x86
Ran by Chris on at
Computer was rebooted
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/14/2013 at 6:24:45.62
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


============================================================

And my laptop is doing this now.


Report •

#181
January 14, 2013 at 03:51:26

Are you using the JRT's "Yes" answer to reboot or are your doing it manually through Windows?

Please reply and let us know if our help worked. Your feedback helps others. Maybe you?


Report •

#182
January 14, 2013 at 03:54:58

"It requires a Y or N response to carry on"
Are you getting the Y or N option?

Report •

#183
January 14, 2013 at 04:18:19

Time to give up on that issue, keep checking for new versions & I think eventually the program author will have the fix.

Finally, your reader needs updating.
Adobe Reader 10.1.5 [color=red][b]Adobe Reader out of Date![/b][/color]


Report •

#184
January 14, 2013 at 04:39:38

Yes I am getting Y to reboot N for no. Yes I am clicking the Y to reboot. So it could be a bug?

Report •

#185
January 15, 2013 at 17:29:03

The maker of JRT - Thisisu would like you to copy and paste this command, from a command prompt window:

tasklist /m>"%userprofile%\desktop\modules.txt"

Then post the results it in your next reply.

Please reply and let us know if our help worked. Your feedback helps others. Maybe you?


Report •

#186
January 15, 2013 at 18:11:35

Fantastic effort MrGoodguy.

Report •

#187
January 20, 2013 at 11:19:29

OK I am sorry I have not checked back in a few days. I will do.
I did a JRT again. It still said a bad module was found. Here is the log. It shows it deleted some folder.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.6 (01.20.2013:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Sun 01/20/2013 at 14:26:10.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\openapp"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/20/2013 at 14:35:03.87
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Report •

#188
January 20, 2013 at 11:51:27

Here is the other log you requested. This will be in 2 parts.

Part 1

Image Name PID Modules
========================= ====== =============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 940 ntdll.dll
csrss.exe 1012 ntdll.dll, CSRSRV.dll, basesrv.dll,
winsrv.dll, GDI32.dll, KERNEL32.dll,
USER32.dll, sxs.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll
winlogon.exe 1036 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, AUTHZ.dll,
msvcrt.dll, CRYPT32.dll, MSASN1.dll,
USER32.dll, GDI32.dll, NDdeApi.dll,
PROFMAP.dll, NETAPI32.dll, USERENV.dll,
PSAPI.DLL, REGAPI.dll, SETUPAPI.dll,
VERSION.dll, WINSTA.dll, WINTRUST.dll,
IMAGEHLP.dll, WS2_32.dll, WS2HELP.dll,
IMM32.DLL, MSGINA.dll, COMCTL32.dll,
ODBC32.dll, comdlg32.dll, SHELL32.dll,
SHLWAPI.dll, comctl32.dll, odbcint.dll,
SHSVCS.dll, sfc.dll, sfc_os.dll, ole32.dll,
Apphelp.dll, msctfime.ime, WINSCARD.DLL,
WTSAPI32.dll, sxs.dll, uxtheme.dll,
WINMM.dll, cscdll.dll, dimsntfy.dll,
WlNotify.dll, MPR.dll, WINSPOOL.DRV,
WgaLogon.dll, OLEAUT32.dll, rsaenh.dll,
NTMARTA.DLL, SAMLIB.dll, WLDAP32.dll,
CLBCATQ.DLL, COMRes.dll, msv1_0.dll,
cryptdll.dll, iphlpapi.dll, cscui.dll,
xpsp2res.dll, wdmaud.drv, msacm32.drv,
MSACM32.dll, midimap.dll
services.exe 1080 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, msvcrt.dll,
NCObjAPI.DLL, MSVCP60.dll, SCESRV.dll,
AUTHZ.dll, USER32.dll, GDI32.dll,
USERENV.dll, umpnpmgr.dll, WINSTA.dll,
NETAPI32.dll, ShimEng.dll, AcAdProc.dll,
IMM32.DLL, Apphelp.dll, VERSION.dll,
eventlog.dll, PSAPI.DLL, WS2_32.dll,
WS2HELP.dll, wtsapi32.dll
lsass.exe 1092 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, LSASRV.dll,
MPR.dll, USER32.dll, GDI32.dll, MSASN1.dll,
msvcrt.dll, NETAPI32.dll, NTDSAPI.dll,
DNSAPI.dll, WS2_32.dll, WS2HELP.dll,
WLDAP32.dll, SAMLIB.dll, SAMSRV.dll,
cryptdll.dll, ShimEng.dll, AcGenral.DLL,
WINMM.dll, ole32.dll, OLEAUT32.dll,
MSACM32.dll, VERSION.dll, SHELL32.dll,
SHLWAPI.dll, USERENV.dll, UxTheme.dll,
IMM32.DLL, comctl32.dll, comctl32.dll,
msprivs.dll, kerberos.dll, msv1_0.dll,
iphlpapi.dll, netlogon.dll, w32time.dll,
MSVCP60.dll, schannel.dll, CRYPT32.dll,
wdigest.dll, rsaenh.dll, relog_ap.dll,
setupapi.dll, scecli.dll, ipsecsvc.dll,
AUTHZ.dll, oakley.DLL, WINIPSEC.DLL,
mswsock.dll, hnetcfg.dll, wshtcpip.dll,
dssenh.dll, pstorsvc.dll, psbase.dll
svchost.exe 1276 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, NTMARTA.DLL, SAMLIB.dll,
WLDAP32.dll, rpcss.dll, WS2_32.dll,
WS2HELP.dll, xpsp2res.dll, CLBCATQ.DLL,
COMRes.dll, msi.dll, Apphelp.dll
svchost.exe 1364 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, rpcss.dll, WS2_32.dll,
WS2HELP.dll, xpsp2res.dll, rsaenh.dll,
mswsock.dll, hnetcfg.dll, wshtcpip.dll,
wship6.dll, DNSAPI.dll, iphlpapi.dll,
winrnr.dll, WLDAP32.dll, rasadhlp.dll,
CLBCATQ.DLL, COMRes.dll, msi.dll
MsMpEng.exe 1488 ntdll.dll, kernel32.dll, mpsvc.dll,
msvcrt.dll, USER32.dll, GDI32.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
ole32.dll, OLEAUT32.dll, USERENV.dll,
WTSAPI32.dll, WINSTA.dll, NETAPI32.dll,
mpclient.dll, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, IMAGEHLP.dll, VERSION.dll,
IMM32.DLL, rsaenh.dll, SqmApi.dll,
NTMARTA.DLL, SAMLIB.dll, WLDAP32.dll,
mprtp.dll, FLTLIB.DLL, psapi.dll,
mpengine.dll, WS2_32.dll, WS2HELP.dll,
CLBCATQ.DLL, COMRes.dll, xpsp2res.dll,
setupapi.dll, cfgmgr32.dll, Apphelp.dll,
uxtheme.dll, COMCTL32.dll, SHLWAPI.dll,
comctl32.dll
svchost.exe 1576 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, NTMARTA.DLL, SAMLIB.dll,
WLDAP32.dll, xpsp2res.dll, shsvcs.dll,
WINSTA.dll, NETAPI32.dll, dhcpcsvc.dll,
DNSAPI.dll, WS2_32.dll, WS2HELP.dll,
iphlpapi.dll, mswsock.dll, hnetcfg.dll,
wshtcpip.dll, wzcsvc.dll, rtutils.dll,
WMI.dll, CRYPT32.dll, MSASN1.dll,
EapolQec.dll, ATL.DLL, QUtil.dll,
MSVCP60.dll, dot3api.dll, WTSAPI32.dll,
ESENT.dll, rsaenh.dll, CLBCATQ.DLL,
COMRes.dll, SETUPAPI.DLL, rastls.dll,
CRYPTUI.dll, WININET.dll, Normaliz.dll,
urlmon.dll, iertutil.dll, WINTRUST.dll,
IMAGEHLP.dll, MPRAPI.dll, ACTIVEDS.dll,
adsldpc.dll, RASAPI32.dll, rasman.dll,
TAPI32.dll, SCHANNEL.dll, WinSCard.dll,
PSAPI.DLL, raschap.dll, msv1_0.dll,
cryptdll.dll, schedsvc.dll, NTDSAPI.dll,
MSIDLE.DLL, audiosrv.dll, wkssvc.dll,
cryptsvc.dll, certcli.dll, dmserver.dll,
ersvc.dll, es.dll, pchsvc.dll, hidserv.dll,
HID.DLL, srvsvc.dll, wship6.dll,
winspool.drv, netman.dll, netshell.dll,
credui.dll, dot3dlg.dll, OneX.DLL,
eappcfg.dll, eappprxy.dll, WZCSAPI.DLL,
seclogon.dll, sens.dll, srsvc.dll,
POWRPROF.dll, SXS.DLL, tapisrv.dll,
trkwks.dll, w32time.dll, wmisvc.dll,
VSSAPI.DLL, comsvcs.dll, colbact.DLL,
MTXCLU.DLL, WSOCK32.dll, CLUSAPI.DLL,
RESUTILS.DLL, wscsvc.dll, msi.dll,
wuauserv.dll, wuaueng.dll, WINHTTP.dll,
Cabinet.dll, mspatcha.dll, 6to4svc.dll,
wbemcomn.dll, wbemcore.dll, esscli.dll,
FastProx.dll, browser.dll, wbemsvc.dll,
sfc.dll, sfc_os.dll, wmiutils.dll,
Apphelp.dll, repdrvfs.dll, ipnathlp.dll,
AUTHZ.dll, wmiprvsd.dll, NCObjAPI.DLL,
wbemess.dll, upnp.dll, SSDPAPI.dll,
ncprov.dll, wups2.dll, netcfgx.dll,
rasmans.dll, WINIPSEC.DLL, rasadhlp.dll,
rastapi.dll, unimdm.tsp, uniplat.dll,
kmddsp.tsp, ndptsp.tsp, ipconf.tsp,
h323.tsp, hidphone.tsp, rasppp.dll,
ntlsapi.dll, kerberos.dll, RASQEC.DLL,
RASDLG.dll, dpnhupnp.dll, wbemprox.dll
svchost.exe 1704 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, dnsrslvr.dll, DNSAPI.dll,
WS2_32.dll, WS2HELP.dll, iphlpapi.dll,
rsaenh.dll, mswsock.dll, hnetcfg.dll,
wshtcpip.dll
svchost.exe 1820 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, NTMARTA.DLL, SAMLIB.dll,
WLDAP32.dll, xpsp2res.dll, lmhsvc.dll,
iphlpapi.dll, WS2_32.dll, WS2HELP.dll,
regsvc.dll, ssdpsrv.dll, hnetcfg.dll,
CLBCATQ.DLL, COMRes.dll, mswsock.dll,
wshtcpip.dll
spoolsv.exe 248 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, GDI32.dll,
USER32.dll, msvcrt.dll, ShimEng.dll,
AcGenral.DLL, WINMM.dll, ole32.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, SPOOLSS.DLL, WS2_32.dll,
WS2HELP.dll, DNSAPI.dll, iphlpapi.dll,
rasadhlp.dll, localspl.dll, sfc_os.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, winspool.drv, netapi32.dll,
cnbjmon.dll, hpf3l70v.dll, mdimon.dll,
msi.dll, FXSMON.DLL, FXSEVENT.dll,
pjlmon.dll, tcpmon.dll, usbmon.dll,
hpfpp70v.dll, mdippr.dll,
filterpipelineprintproc.dll, mswsock.dll,
winrnr.dll, WLDAP32.dll, win32spl.dll,
NETRAP.dll, NTDSAPI.dll, CLBCATQ.DLL,
COMRes.dll, xpsp2res.dll, inetpp.dll
LVPrcSrv.exe 340 ntdll.dll, kernel32.dll, VERSION.dll,
PSAPI.DLL, USER32.dll, GDI32.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
SHELL32.dll, msvcrt.dll, SHLWAPI.dll,
IMM32.DLL, comctl32.dll, comctl32.dll
WiseTray.exe 428 ntdll.dll, kernel32.dll, oleaut32.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
GDI32.dll, USER32.dll, msvcrt.dll,
ole32.dll, msimg32.dll, version.dll,
mpr.dll, comctl32.dll, SHLWAPI.dll,
shell32.dll, comdlg32.dll, IMM32.DLL,
uxtheme.dll, msctfime.ime, SETUPAPI.dll,
USERENV.dll, MSCTF.dll
jusched.exe 972 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, GDI32.dll,
USER32.dll, WININET.dll, msvcrt.dll,
SHLWAPI.dll, Normaliz.dll, urlmon.dll,
ole32.dll, OLEAUT32.dll, iertutil.dll,
SHELL32.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, uxtheme.dll
PDVDServ.exe 980 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, SHELL32.dll, msvcrt.dll,
SHLWAPI.dll, ole32.dll, IMM32.DLL,
comctl32.dll, comctl32.dll, uxtheme.dll,
CLBCATQ.DLL, COMRes.dll, OLEAUT32.dll,
VERSION.dll, CLRCEngine2.dll, msctfime.ime,
xpsp2res.dll, MSCTF.dll
PRONoMgr.exe 992 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, SHELL32.dll, msvcrt.dll,
SHLWAPI.dll, ole32.dll, OLEAUT32.dll,
IMM32.DLL, comctl32.dll, comctl32.dll,
ENUPGUIR.dll, uxtheme.dll, CLBCATQ.DLL,
COMRes.dll, VERSION.dll, xpsp2res.dll,
msctfime.ime, PNC802_3.dll, ENUPCMRs.dll,
MSCTF.dll
msseces.exe 1004 ntdll.dll, kernel32.dll, msvcrt.dll,
mpclient.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, ole32.dll, GDI32.dll,
USER32.dll, OLEAUT32.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, IMAGEHLP.dll,
USERENV.dll, VERSION.dll, COMCTL32.dll,
SHLWAPI.dll, gdiplus.dll, WININET.dll,
Normaliz.dll, urlmon.dll, iertutil.dll,
WTSAPI32.dll, WINSTA.dll, NETAPI32.dll,
SHELL32.dll, COMDLG32.dll, PSAPI.DLL,
IMM32.DLL, uxtheme.dll, rsaenh.dll,
xpsp2res.dll, EppManifest.dll, CLBCATQ.DLL,
COMRes.dll, msxml3.dll, MSFTEDIT.DLL,
MSCTF.dll, msctfime.ime, SqmApi.dll,
WINHTTP.dll, ws2_32.dll, WS2HELP.dll,
mswsock.dll, hnetcfg.dll, wshtcpip.dll,
wship6.dll, schannel.dll, RASAPI32.DLL,
rasman.dll, TAPI32.dll, rtutils.dll,
WINMM.dll, DNSAPI.dll, iphlpapi.dll,
winrnr.dll, WLDAP32.dll, rasadhlp.dll,
DHCPCSVC.DLL
mmtask.exe 1016 ntdll.dll, kernel32.dll, SHLWAPI.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
GDI32.dll, USER32.dll, msvcrt.dll,
ole32.dll, OLEAUT32.dll, MMVCP70.dll,
MMVCR70.dll, IMM32.DLL, uxtheme.dll,
xpsp2res.dll, CLBCATQ.DLL, COMRes.dll,
VERSION.dll, MSCTF.dll
QuickCam10.exe 1160 ntdll.dll, kernel32.dll, WINMM.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
GDI32.dll, USER32.dll, VERSION.dll,
MSVCR80.dll, msvcrt.dll, MFC80U.DLL,
SHLWAPI.dll, SHELL32.dll, COMCTL32.dll,
ole32.dll, OLEAUT32.dll, ATL80.DLL,
gdiplus.dll, MSVCP80.dll, IMM32.DLL,
MFC80ENU.DLL, Wtsapi32.dll, WINSTA.dll,
NETAPI32.dll, LAppRes.dll, uxtheme.dll,
msctfime.ime, CLBCATQ.DLL, COMRes.dll,
msi.dll, LogiMail.dll, hmmapi.dll,
WININET.dll, Normaliz.dll, urlmon.dll,
iertutil.dll, msmapi32.dll, msoe.dll,
ATL.DLL, MSOERT2.dll, MSOEACCT.dll,
INETCOMM.dll, acctres.dll, inetres.dll,
msoeres.dll, xpsp2res.dll, smapi.dll,
MSCTF.dll, DevMngr.dll, SETUPAPI.dll,
LVMaEnum.dll, CFGMGR32.dll, HID.DLL,
MSVCP71.dll, MSVCR71.dll, LVComCX.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, wdmaud.drv, msacm32.drv,
MSACM32.dll, midimap.dll, EFVal.dll,
WINSPOOL.DRV, msxml3.dll, LCMServerPS.dll,
SXS.DLL, COCIManagerPS.dll, mslbui.dll,
LVPrcInj.dll
SUPERAntiSpyware.exe 1208 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, SHELL32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, msvcrt.dll,
SHLWAPI.dll, ole32.dll, OLEAUT32.dll,
WINMM.dll, PSAPI.DLL, COMCTL32.dll,
MSIMG32.dll, IPHLPAPI.DLL, WS2_32.dll,
WS2HELP.dll, WSOCK32.dll, WININET.dll,
Normaliz.dll, urlmon.dll, iertutil.dll,
VERSION.dll, NETAPI32.dll, IMM32.DLL,
uxtheme.dll, msctfime.ime, NTMARTA.DLL,
SAMLIB.dll, WLDAP32.dll, MSCTF.dll,
SETUPAPI.dll, CLBCATQ.DLL, COMRes.dll,
hhctrl.ocx, mstask.dll, comdlg32.dll,
MPR.dll, NTDSAPI.dll, DNSAPI.dll,
USERENV.dll, WINTRUST.DLL, CRYPT32.dll,
MSASN1.dll, IMAGEHLP.dll, appHelp.dll,
MpShHook.dll, MSVCR80.dll, MSVCP80.dll,
rsaenh.dll, SASSEH.DLL
YAHOOM~1.EXE 1292 ntdll.dll, kernel32.dll, Secur32.dll,
ADVAPI32.dll, RPCRT4.dll, VERSION.dll,
COMCTL32.dll, msvcrt.dll, GDI32.dll,
USER32.dll, SHLWAPI.dll, WINMM.dll,
WSOCK32.dll, WS2_32.dll, WS2HELP.dll,
WININET.dll, Normaliz.dll, urlmon.dll,
ole32.dll, OLEAUT32.dll, iertutil.dll,
YImage.dll, MSVCR80.dll, gdiplus.dll,
ylog.dll, MSVCP80.dll, IMM32.dll,
RICHED20.dll, YCPFoundation.dll, nspr4.dll,
COMDLG32.dll, SHELL32.dll, yui.dll,
MSIMG32.dll, YMSGLite.dll, YHTTP.dll,
RGX.dll, YCPSSL.dll, YAlertCenterM.DLL,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, ymdm_audio.dll, rmc_audio.dll,
ymdm_video.dll, core_video.dll, DDRAW.dll,
DCIMAN32.dll, d3d9.dll, d3d8thk.dll,
pcre.dll, XmlLite.dll, IPHLPAPI.DLL,
ConnectionWizard.dll, SETUPAPI.dll,
uxtheme.dll, MSCTF.dll, msctfime.ime,
mswsock.dll, hnetcfg.dll, wshtcpip.dll,
PSAPI.DLL, pdh.dll, ODBC32.dll, odbcbcp.dll,
odbcint.dll, perfproc.dll, perfos.dll,
xpsp2res.dll, CLBCATQ.DLL, COMRes.dll,
wbemprox.dll, wbemcomn.dll, wbemsvc.dll,
fastprox.dll, MSVCP60.dll, NTDSAPI.dll,
DNSAPI.dll, NETAPI32.dll, WLDAP32.dll,
res_msgr.dll, Flash32_11_5_502_146.ocx,
DSOUND.dll, mscms.dll, WINSPOOL.DRV,
ieframe.dll, SXS.DLL, wdmaud.drv,
msacm32.drv, MSACM32.dll, midimap.dll,
schannel.dll, USERENV.dll, wship6.dll,
shdocvw.dll, CRYPTUI.dll, es.dll,
wtsapi32.dll, WINSTA.dll, rasadhlp.dll,
ypagerps.dll, Apphelp.dll, mslbui.dll,
RASAPI32.dll, rasman.dll, TAPI32.dll,
rtutils.dll, msv1_0.dll, cryptdll.dll,
sensapi.dll, rsaenh.dll, dssenh.dll,
ft60.dll, MLANG.dll, mshtml.dll, msls31.dll,
YPluginRegistry.dll, YML.dll, msimtf.dll,
jscript.dll, ImgUtil.dll, pngfilt.dll,
sptip.dll, OLEACC.dll, SPGRMR.DLL, msi.dll,
SKCHUI.DLL, cscui.dll, CSCDLL.dll,
YIniDom.dll, MSOXMLMF.DLL, MpShHook.dll,
SASSEH.DLL, ymsdk.dll, WINHTTP.dll,
rmc_video.dll, cryptnet.dll, D3DIM.DLL,
quartz.dll, devenum.dll, msdmo.dll,
winrnr.dll, msxml6.dll, Dxtrans.dll,
ATL.DLL, ddrawex.dll, Dxtmsft.dll
ctfmon.exe 1320 ntdll.dll, kernel32.dll, msvcrt.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
USER32.dll, GDI32.dll, MSCTF.dll, MSUTB.dll,
ShimEng.dll, AcGenral.DLL, WINMM.dll,
ole32.dll, OLEAUT32.dll, MSACM32.dll,
VERSION.dll, SHELL32.dll, SHLWAPI.dll,
USERENV.dll, UxTheme.dll, IMM32.DLL,
comctl32.dll, msctfime.ime
LogitechDesktopMessenger. 1412 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, IMM32.DLL, backWeb.dll,
bwsec.dll, MSVCRT.dll, clntutil.dll,
ole32.dll, OLEAUT32.dll, snmpapi.dll,
WS2_32.dll, WS2HELP.dll, VERSION.dll,
WININET.dll, SHLWAPI.dll, Normaliz.dll,
urlmon.dll, iertutil.dll, WINMM.dll,
MFC42.DLL, SHELL32.dll, WSOCK32.dll,
comctl32.dll, comctl32.dll, ClientRC.dll,
uxtheme.dll, MSCTF.dll, xpsp2res.dll,
CLBCATQ.DLL, COMRes.dll, feclient.dll,
MPR.dll, USERENV.dll, CRYPT32.dll,
MSASN1.dll, BWfiles-8876480.dll,
BWfiles.dll, msctfime.ime, wtsapi32.dll,
WINSTA.dll, NETAPI32.dll, psapi.dll,
mslbui.dll, SyncExt.dll, SETUPAPI.dll,
inetmib1.dll, iphlpapi.dll, MPRAPI.dll,
ACTIVEDS.dll, adsldpc.dll, WLDAP32.dll,
ATL.DLL, rtutils.dll, SAMLIB.dll,
mswsock.dll, hnetcfg.dll, wshtcpip.dll,
DNSAPI.dll, winrnr.dll, rasadhlp.dll,
WINTRUST.dll, IMAGEHLP.dll, wdmaud.drv,
msacm32.drv, MSACM32.dll, midimap.dll,
msi.dll, SXS.DLL


Report •

#189
January 20, 2013 at 11:51:43

Part 2

svchost.exe 1660 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, NTMARTA.DLL, SAMLIB.dll,
WLDAP32.dll, xpsp2res.dll, webclnt.dll,
WININET.dll, Normaliz.dll, urlmon.dll,
iertutil.dll, WS2_32.dll, WS2HELP.dll
LVComSX.exe 1848 ntdll.dll, kernel32.dll, WINMM.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
GDI32.dll, USER32.dll, VERSION.dll,
CFGMGR32.dll, setupapi.dll, msvcrt.dll,
SHELL32.dll, SHLWAPI.dll, ole32.dll,
OLEAUT32.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, CLBCATQ.DLL, COMRes.dll,
msi.dll, xpsp2res.dll, uxtheme.dll,
MSCTF.dll, LVMaEnum.dll, HID.DLL,
MSVCP71.dll, MSVCR71.dll, msctfime.ime,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, LVComCX.dll
msdtc.exe 1864 ntdll.dll, kernel32.dll, msvcrt.dll,
MSDTCTM.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, DNSAPI.dll, WS2_32.dll,
WS2HELP.dll, GDI32.dll, USER32.dll,
MSDTCLOG.dll, ole32.dll, MSDTCPRX.dll,
MSVCP60.dll, MTXCLU.DLL, COMRes.dll,
VERSION.dll, WSOCK32.dll, NETAPI32.dll,
WINMM.dll, MSWSOCK.dll, XOLEHLP.dll,
ShimEng.dll, AcGenral.DLL, OLEAUT32.dll,
MSACM32.dll, SHELL32.dll, SHLWAPI.dll,
USERENV.dll, UxTheme.dll, IMM32.DLL,
CLUSAPI.DLL, RESUTILS.DLL, comctl32.dll,
comctl32.dll, MTxOCI.Dll, CLBCATQ.DLL
SASCore.exe 1928 ntdll.dll, kernel32.dll, VERSION.dll,
USER32.dll, GDI32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, SHELL32.dll,
msvcrt.dll, SHLWAPI.dll, OLEAUT32.dll,
ole32.dll, IMM32.DLL, comctl32.dll,
comctl32.dll
schedul2.exe 676 ntdll.dll, kernel32.dll, RPCRT4.dll,
ADVAPI32.dll, Secur32.dll, USER32.dll,
GDI32.dll, SHELL32.dll, msvcrt.dll,
SHLWAPI.dll, comdlg32.dll, COMCTL32.dll,
MPR.dll, ole32.dll, VERSION.dll, IMM32.DLL,
comctl32.dll, NTMARTA.DLL, SAMLIB.dll,
WLDAP32.dll
svchost.exe 2104 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, hpqddsvc.dll, hpqddcmn.dll,
SETUPAPI.dll, WINSPOOL.DRV, MSVCP90.dll,
MSVCR90.dll, xpsp2res.dll, CLBCATQ.DLL,
COMRes.dll, hpqcxs08.dll, SHFOLDER.dll,
msi.dll, SXS.DLL, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, IMAGEHLP.dll
jqs.exe 2132 ntdll.dll, kernel32.dll, WS2_32.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
msvcrt.dll, WS2HELP.dll, MSVCR100.dll,
OLEAUT32.dll, GDI32.dll, USER32.dll,
ole32.dll, IMM32.DLL, psapi.dll, pdh.dll,
comdlg32.dll, COMCTL32.dll, SHELL32.dll,
SHLWAPI.dll, CRYPT32.dll, MSASN1.dll,
ODBC32.dll, odbcbcp.dll, VERSION.dll,
comctl32.dll, odbcint.dll, mswsock.dll,
hnetcfg.dll, wshtcpip.dll, perfos.dll,
perfdisk.dll
Communications_Helper.exe 2176 ntdll.dll, kernel32.dll, WINMM.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
GDI32.dll, USER32.dll, SHELL32.dll,
msvcrt.dll, SHLWAPI.dll, ole32.dll,
OLEAUT32.dll, ATL80.DLL, MSVCR80.dll,
MSVCP80.dll, SensApi.dll, IMM32.DLL,
comctl32.dll, comctl32.dll, uxtheme.dll,
MSCTF.dll, CLBCATQ.DLL, COMRes.dll,
VERSION.dll, msi.dll, xpsp2res.dll,
DevMngr.dll, SETUPAPI.dll, msctfime.ime,
LVMaEnum.dll, CFGMGR32.dll, HID.DLL,
MSVCP71.dll, MSVCR71.dll, LVComCX.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, wdmaud.drv, msacm32.drv,
MSACM32.dll, midimap.dll, EFVal.dll,
WINSPOOL.DRV, BRSkypePlugin.dll,
AolPlugin.dll, YahooPlugin.dll,
LCMServerPS.dll, SXS.DLL, ypagerps.dll
McciCMService.exe 2232 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, SHELL32.dll, msvcrt.dll,
SHLWAPI.dll, ole32.dll, OLEAUT32.dll,
USERENV.dll, CRYPT32.dll, MSASN1.dll,
imagehlp.dll, WINTRUST.dll, IMM32.DLL,
comctl32.dll, comctl32.dll, SETUPAPI.dll,
uxtheme.dll, xpsp2res.dll, CLBCATQ.DLL,
COMRes.dll, VERSION.dll
MDM.EXE 2440 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ole32.dll,
GDI32.dll, USER32.dll, msvcrt.dll,
OLEAUT32.dll, SHELL32.dll, SHLWAPI.dll,
VERSION.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, psapi.dll, xpsp2res.dll,
CLBCATQ.DLL, COMRes.dll
svchost.exe 2488 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, hpzinw12.dll, WSOCK32.dll,
WS2_32.dll, WS2HELP.dll, NTMARTA.DLL,
SAMLIB.dll, WLDAP32.dll
nvsvc32.exe 2520 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, USERENV.dll, msvcrt.dll,
POWRPROF.dll, IMM32.DLL, wtsapi32.dll,
WINSTA.dll, NETAPI32.dll, SHELL32.dll,
SHLWAPI.dll, ole32.dll, COMCTL32.dll,
OLEAUT32.dll, comctl32.dll, nvapi.dll,
SETUPAPI.dll, uxtheme.dll, msctfime.ime,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, msv1_0.dll, cryptdll.dll,
iphlpapi.dll, WS2_32.dll, WS2HELP.dll,
Apphelp.dll, VERSION.dll, NTMARTA.DLL,
SAMLIB.dll, WLDAP32.dll
svchost.exe 2612 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, hpzipm12.dll, WSOCK32.dll,
WS2_32.dll, WS2HELP.dll, NTMARTA.DLL,
SAMLIB.dll, WLDAP32.dll
PRISMXL.SYS 2824 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, IMM32.DLL
svchost.exe 3036 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, ShimEng.dll,
AcGenral.DLL, USER32.dll, GDI32.dll,
WINMM.dll, ole32.dll, msvcrt.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, wiaservc.dll, CFGMGR32.dll,
setupapi.DLL, mscms.dll, WINSPOOL.DRV,
WINSTA.dll, NETAPI32.dll, xpsp2res.dll,
CLBCATQ.DLL, COMRes.dll, WINTRUST.dll,
CRYPT32.dll, MSASN1.dll, IMAGEHLP.dll,
actxprxy.dll
TrueImageTryStartService. 3076 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, USER32.dll,
GDI32.dll, SHELL32.dll, msvcrt.dll,
SHLWAPI.dll, comdlg32.dll, COMCTL32.dll,
VERSION.dll, MSVCP71.dll, MSVCR71.dll,
acrotls.dll, MPR.dll, ole32.dll, IMM32.DLL,
comctl32.dll, resource.dll, gc.dll,
icu34.dll, icudt34.dll, uxtheme.dll,
SETUPAPI.dll, shfolder.dll
mqsvc.exe 3348 ntdll.dll, kernel32.dll, msvcrt.dll,
MQQM.dll, MSVCP60.dll, ACTIVEDS.dll,
adsldpc.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, NETAPI32.dll, USER32.dll,
GDI32.dll, WLDAP32.dll, ATL.DLL, ole32.dll,
OLEAUT32.dll, AUTHZ.dll, WSOCK32.dll,
WS2_32.dll, WS2HELP.dll, MSWSOCK.DLL,
mqutil.dll, CRYPT32.dll, MSASN1.dll,
mqsec.dll, Security.dll, ShimEng.dll,
AcGenral.DLL, WINMM.dll, MSACM32.dll,
VERSION.dll, SHELL32.dll, SHLWAPI.dll,
USERENV.dll, UxTheme.dll, IMM32.DLL,
rsaenh.dll, comctl32.dll, comctl32.dll,
schannel.dll, MqLogMgr.dll, xolehlp.dll,
MSDTCPRX.dll, MTXCLU.DLL, COMRes.dll,
CLUSAPI.DLL, RESUTILS.DLL, DNSAPI.dll,
iphlpapi.dll, winrnr.dll, rasadhlp.dll,
hnetcfg.dll, wshtcpip.dll, wship6.dll
mqtgsvc.exe 3944 ntdll.dll, kernel32.dll, msvcrt.dll,
MSVCP60.dll, ATL.DLL, USER32.dll, GDI32.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
OLEAUT32.dll, ole32.dll, mqrt.dll,
CRYPT32.dll, MSASN1.dll, mqsec.dll,
mqutil.dll, NETAPI32.dll, Security.dll,
ShimEng.dll, AcGenral.DLL, WINMM.dll,
MSACM32.dll, VERSION.dll, SHELL32.dll,
SHLWAPI.dll, USERENV.dll, UxTheme.dll,
IMM32.DLL, comctl32.dll, comctl32.dll,
CLBCATQ.DLL, COMRes.dll, MQTRIG.DLL,
clusapi.dll
COCIManager.exe 4008 ntdll.dll, kernel32.dll, MFC80.DLL,
MSVCR80.dll, msvcrt.dll, GDI32.dll,
USER32.dll, SHLWAPI.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, COMCTL32.dll,
ole32.dll, OLEAUT32.dll, IMM32.DLL,
MFC80ENU.DLL, uxtheme.dll, MSCTF.dll,
CLBCATQ.DLL, COMRes.dll, VERSION.dll,
msi.dll, xpsp2res.dll, msctfime.ime,
DevMngr.dll, WINMM.dll, SETUPAPI.dll,
SHELL32.dll, ATL80.DLL, MSVCP80.dll,
comctl32.dll, COCIManagerPS.dll,
LVMaEnum.dll, CFGMGR32.dll, HID.DLL,
MSVCP71.dll, MSVCR71.dll, LVComCX.dll,
SXS.DLL, WINTRUST.dll, CRYPT32.dll,
MSASN1.dll, IMAGEHLP.dll, wdmaud.drv,
msacm32.drv, MSACM32.dll, midimap.dll,
EFVal.dll, WINSPOOL.DRV
wmiprvse.exe 1596 ntdll.dll, kernel32.dll, msvcrt.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
USER32.dll, GDI32.dll, wbemcomn.dll,
ole32.dll, OLEAUT32.dll, FastProx.dll,
MSVCP60.dll, NTDSAPI.dll, DNSAPI.dll,
WS2_32.dll, WS2HELP.dll, NETAPI32.dll,
WLDAP32.dll, NCObjAPI.DLL, ShimEng.dll,
AcGenral.DLL, WINMM.dll, MSACM32.dll,
VERSION.dll, SHELL32.dll, SHLWAPI.dll,
USERENV.dll, UxTheme.dll, IMM32.DLL,
comctl32.dll, comctl32.dll, xpsp2res.dll,
CLBCATQ.DLL, COMRes.dll, wbemsvc.dll,
wmiutils.dll, cimwin32.dll, framedyn.dll,
SETUPAPI.dll, WTSAPI32.dll, WINSTA.dll,
CRYPT32.dll, MSASN1.dll, rsaenh.dll,
SECURITY.DLL, schannel.dll, PSAPI.DLL,
CFGMGR32.DLL
alg.exe 3128 ntdll.dll, kernel32.dll, msvcrt.dll,
ATL.DLL, USER32.dll, GDI32.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
ole32.dll, OLEAUT32.dll, WSOCK32.dll,
WS2_32.dll, WS2HELP.dll, MSWSOCK.DLL,
ShimEng.dll, AcGenral.DLL, WINMM.dll,
MSACM32.dll, VERSION.dll, SHELL32.dll,
SHLWAPI.dll, USERENV.dll, UxTheme.dll,
IMM32.DLL, comctl32.dll, comctl32.dll,
CLBCATQ.DLL, COMRes.dll, xpsp2res.dll,
hnetcfg.dll, wshtcpip.dll
YAHOOM~1.EXE 3552 ntdll.dll, kernel32.dll, Secur32.dll,
ADVAPI32.dll, RPCRT4.dll, VERSION.dll,
COMCTL32.dll, msvcrt.dll, GDI32.dll,
USER32.dll, SHLWAPI.dll, WINMM.dll,
WSOCK32.dll, WS2_32.dll, WS2HELP.dll,
WININET.dll, Normaliz.dll, urlmon.dll,
ole32.dll, OLEAUT32.dll, iertutil.dll,
YImage.dll, MSVCR80.dll, gdiplus.dll,
ylog.dll, MSVCP80.dll, IMM32.dll,
RICHED20.dll, YCPFoundation.dll, nspr4.dll,
COMDLG32.dll, SHELL32.dll, yui.dll,
MSIMG32.dll, YMSGLite.dll, YHTTP.dll,
RGX.dll, YCPSSL.dll, YAlertCenterM.DLL,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, ymdm_audio.dll, rmc_audio.dll,
ymdm_video.dll, core_video.dll, DDRAW.dll,
DCIMAN32.dll, d3d9.dll, d3d8thk.dll,
pcre.dll, XmlLite.dll, IPHLPAPI.DLL,
ConnectionWizard.dll, SETUPAPI.dll,
LVPrcInj.dll, uxtheme.dll, MSCTF.dll,
msctfime.ime, mswsock.dll, hnetcfg.dll,
wshtcpip.dll, RASAPI32.dll, rasman.dll,
NETAPI32.dll, TAPI32.dll, rtutils.dll,
USERENV.dll, msv1_0.dll, cryptdll.dll,
sensapi.dll
explorer.exe 4064 ntdll.dll, kernel32.dll, ADVAPI32.dll,
RPCRT4.dll, Secur32.dll, BROWSEUI.dll,
GDI32.dll, USER32.dll, msvcrt.dll,
ole32.dll, SHLWAPI.dll, OLEAUT32.dll,
SHDOCVW.dll, CRYPT32.dll, MSASN1.dll,
CRYPTUI.dll, NETAPI32.dll, VERSION.dll,
WININET.dll, Normaliz.dll, urlmon.dll,
iertutil.dll, WINTRUST.dll, IMAGEHLP.dll,
WLDAP32.dll, SHELL32.dll, UxTheme.dll,
ShimEng.dll, AcGenral.DLL, WINMM.dll,
MSACM32.dll, USERENV.dll, IMM32.DLL,
comctl32.dll, comctl32.dll, LVPrcInj.dll,
MSCTF.dll, msctfime.ime, appHelp.dll,
CLBCATQ.DLL, COMRes.dll, cscui.dll,
CSCDLL.dll, themeui.dll, MSIMG32.dll,
xpsp2res.dll, actxprxy.dll, msutb.dll,
LINKINFO.dll, ntshrui.dll, ATL.DLL,
SAMLIB.dll, msi.dll, SETUPAPI.dll,
ieframe.dll, NETSHELL.dll, credui.dll,
dot3api.dll, rtutils.dll, dot3dlg.dll,
OneX.DLL, WTSAPI32.dll, WINSTA.dll,
eappcfg.dll, MSVCP60.dll, eappprxy.dll,
iphlpapi.dll, WS2_32.dll, WS2HELP.dll,
mslbui.dll, webcheck.dll, MLANG.dll,
stobject.dll, BatMeter.dll, POWRPROF.dll,
WPDShServiceObj.dll, WINHTTP.dll,
mydocs.dll, VPCShExH.DLL,
PortableDeviceTypes.dll,
PortableDeviceApi.dll, fxsst.dll,
WINSPOOL.DRV, FXSAPI.dll, NTMARTA.DLL,
MpShHook.dll, MSVCR80.dll, MSVCP80.dll,
rsaenh.dll, SASSEH.DLL, SXS.DLL
firefox.exe 49648 ntdll.dll, kernel32.dll, USER32.dll,
GDI32.dll, MSVCR100.dll, IMM32.DLL,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
LVPrcInj.dll, mozglue.dll, nspr4.dll,
WSOCK32.dll, WS2_32.dll, msvcrt.dll,
WS2HELP.dll, WINMM.dll, MSVCP100.dll,
mozjs.dll, PSAPI.DLL, plc4.dll, plds4.dll,
nssutil3.dll, nss3.dll, smime3.dll,
ssl3.dll, mozsqlite3.dll, mozalloc.dll,
gkmedias.dll, USP10.dll, ole32.dll,
MSIMG32.dll, xul.dll, IPHLPAPI.DLL,
msdmo.dll, SHELL32.dll, SHLWAPI.dll,
VERSION.dll, UxTheme.dll, SETUPAPI.dll,
OLEAUT32.dll, comctl32.dll, xpcom.dll,
dbghelp.dll, MSCTF.dll, msctfime.ime,
CLBCATQ.DLL, COMRes.dll, mswsock.dll,
hnetcfg.dll, wshtcpip.dll, browsercomps.dll,
WINTRUST.dll, CRYPT32.dll, MSASN1.dll,
IMAGEHLP.dll, t2embed.dll, LZ32.dll,
xpsp2res.dll, feclient.dll, MPR.dll,
USERENV.dll, wship6.dll, DNSAPI.dll,
winrnr.dll, WLDAP32.dll, mscms.dll,
WINSPOOL.DRV, WININET.dll, Normaliz.dll,
urlmon.dll, iertutil.dll, RASAPI32.dll,
rasman.dll, NETAPI32.dll, TAPI32.dll,
rtutils.dll, msv1_0.dll, cryptdll.dll,
sensapi.dll, softokn3.dll, nssdbm3.dll,
rasadhlp.dll, freebl3.dll, nssckbi.dll,
mslbui.dll, shdocvw.dll, CRYPTUI.dll,
rsaenh.dll, icm32.dll, wdmaud.drv,
msacm32.drv, MSACM32.dll, midimap.dll
plugin-container.exe 51108 ntdll.dll, kernel32.dll, xul.dll, mozjs.dll,
nspr4.dll, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, WSOCK32.dll, WS2_32.dll,
msvcrt.dll, WS2HELP.dll, WINMM.dll,
GDI32.dll, USER32.dll, MSVCR100.dll,
mozglue.dll, PSAPI.DLL, MSVCP100.dll,
smime3.dll, nss3.dll, nssutil3.dll,
plc4.dll, plds4.dll, ssl3.dll,
mozsqlite3.dll, gkmedias.dll, mozalloc.dll,
USP10.dll, ole32.dll, MSIMG32.dll,
IPHLPAPI.DLL, msdmo.dll, SHELL32.dll,
SHLWAPI.dll, VERSION.dll, IMM32.dll,
UxTheme.dll, SETUPAPI.dll, OLEAUT32.dll,
comctl32.dll, LVPrcInj.dll, MSCTF.dll,
NPSWF32_11_5_502_146.dll, WININET.dll,
Normaliz.dll, urlmon.dll, iertutil.dll,
CRYPT32.dll, MSASN1.dll, DSOUND.dll,
COMDLG32.dll, mscms.dll, WINSPOOL.DRV,
CLBCATQ.DLL, COMRes.dll, mlang.dll,
schannel.dll, NETAPI32.dll, USERENV.dll,
msctfime.ime, icm32.dll, wdmaud.drv,
WINTRUST.dll, IMAGEHLP.dll, msacm32.drv,
MSACM32.dll, midimap.dll
cmd.exe 50464 ntdll.dll, kernel32.dll, msvcrt.dll,
USER32.dll, GDI32.dll, ShimEng.dll,
AcGenral.DLL, ADVAPI32.dll, RPCRT4.dll,
Secur32.dll, WINMM.dll, ole32.dll,
OLEAUT32.dll, MSACM32.dll, VERSION.dll,
SHELL32.dll, SHLWAPI.dll, USERENV.dll,
UxTheme.dll, IMM32.DLL, comctl32.dll,
comctl32.dll, LVPrcInj.dll, Apphelp.dll
tasklist.exe 50636 ntdll.dll, kernel32.dll, msvcrt.dll,
ADVAPI32.dll, RPCRT4.dll, Secur32.dll,
USER32.dll, GDI32.dll, MPR.dll, ole32.dll,
OLEAUT32.dll, WS2_32.dll, WS2HELP.dll,
framedyn.dll, NETAPI32.dll, DBGHELP.dll,
VERSION.dll, ShimEng.dll, AcGenral.DLL,
WINMM.dll, MSACM32.dll, SHELL32.dll,
SHLWAPI.dll, USERENV.dll, UxTheme.dll,
IMM32.DLL, comctl32.dll, comctl32.dll,
LVPrcInj.dll, MSCTF.dll, xpsp2res.dll,
CLBCATQ.DLL, COMRes.dll, wbemprox.dll,
wbemcomn.dll, Winsta.dll, wbemsvc.dll,
fastprox.dll, MSVCP60.dll, NTDSAPI.dll,
DNSAPI.dll, WLDAP32.dll


Report •

#190
January 20, 2013 at 12:15:40

Have sent the Module log of to Thisisu, and it shouldn't be to long before he reply's :)

Please reply and let us know if our help worked. Your feedback helps others. Maybe you?


Report •

#191
January 21, 2013 at 03:35:53

Thisisu hows found the cause of the Bad Module warning and it was a false positive and it has been added to the whitelist for future JRT versions.
Here is the cause: DevMngr.dll where "Mngr.dll" string was matched.

Please reply and let us know if our help worked. Your feedback helps others. Maybe you?


Report •

#192
January 21, 2013 at 04:04:04

Thanks for doing that MrGoodguy & welcome & thanks to Thisisu.

Report •

#193
January 21, 2013 at 04:09:58

Yes big thanks to Thisisu :)

Please reply and let us know if our help worked. Your feedback helps others. Maybe you?


Report •

#194
January 21, 2013 at 04:23:43

Thanks now I know it was a false positive. I was scared it was still something hidden. I went and got my e-mails out of outlook deleted a bunch of them because they were just junk I thought I may have to reload Windows XP. But now I should be OK. Thanks to all.

Report •

#195
January 21, 2013 at 04:56:38

ChristopherTGarrett said.
"Thanks to all"
YW, have fun.

Report •

#196
January 21, 2013 at 08:36:06

Good news. False positive - just one of those things I guess. Still, it was better to be safe than sorry.

Always pop back and let us know the outcome - thanks


Report •


Ask Question