Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HijackThis Log pc constantly freezing HELP


  • This topic is locked This topic is locked
19 replies to this topic

#1 fylter_2000

fylter_2000

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 31 December 2008 - 10:50 AM

hello. i have vista and an hp slimline pc. recently got a dsl modem and i think thats when the problem began. pc is just CONSTANTLY freezing. program not responding, over and over. heres my log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:16 AM, on 12/31/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\coreyg\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk (file missing) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: *.netzero.com
O15 - Trusted Zone: *.netzero.net
O15 - Trusted Zone: www.runescape.com
O15 - Trusted Zone: http://client.silabsoft.org
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...etup1.0.1.0.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: TVTonic RSS (WXRSS) - Wavexpress, Inc. - C:\Program Files\Wavexpress\TVTonic\WXRSS.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7864 bytes

BC AdBot (Login to Remove)

 


#2 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:02:55 PM

Posted 10 January 2009 - 05:25 PM

Howdy, my name is Hoov, and I will be helping you with your dilemma.

Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread.

Here is what I am asking you to do during the repair of your computer

*Tell me everything that you have done, if anything, to try and fix this problem.

*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it.

*Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

*Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.

Now onto trying to fix your computer. I am looking over your log, and I will be back in a bit with some instructions.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#3 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:02:55 PM

Posted 10 January 2009 - 05:45 PM

First I have found evidence that AVG was at one time installed. Did you remove it intentionally?

First please perform a scan with Panda ActiveScan - ActiveScan does not remove adware/spyware but will autoclean for viruses & worms.
http://www.pandasoftware.com/products/activescan.htm

1. Click "Scan Your PC".
2. A new window will open. Click "Check Now!".
3. Fill in your registration and click "Scan Now!".
4. You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component.
5. A new window will appear asking "Do you want to install this software?" Name: asinst.cab.
6. Select "Install" to download the ActiveX controls that allows ActiveScan to run.
7. If running MSAS beta you may receive an alert that an IE ActiveX program requires your approval. Click "Allow".
8. Select a device to scan: Click on "Local Disks" [allow it to Auto Clean].
9. When the scan completes, if anything malicious is detected, click the "See Report button", then "Save Report" to your desktop.
10. Post back the results of your scan and any infected files that are found but not deleted.



Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#4 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 04:31 AM

thank you for your reply. here is the results of the panda activescan:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-01-16 04:30:17
PROTECTIONS: 1
MALWARE: 17
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Windows Defender 1.1.4205.0 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00003428 adware/memorywatcher Adware No 0 Yes No hkey_classes_root\vbrad.trayicon
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Local\Temp\Cookies\coreyg@trafficmp[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Local\Temp\Cookies\coreyg@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Local\Temp\Cookies\coreyg@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@atdmt[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@fastclick[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Local\Temp\Cookies\coreyg@ad.yieldmanager[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@apmebf[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@burstnet[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@bs.serving-sys[1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@www.burstbeacon[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@advertising[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@ads.pointroll[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@realmedia[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@questionmarket[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@adrevolver[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Cookies\Low\coreyg@target[1].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location ����� C5
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description ����� C5
;===================================================================================================================================================================================
;===================================================================================================================================================================================

#5 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 10:22 AM

and here is my malwarebytes scan results:

Malwarebytes' Anti-Malware 1.33
Database version: 1656
Windows 6.0.6001 Service Pack 1

1/16/2009 8:00:53 AM
mbam-log-2009-01-16 (08-00-53).txt

Scan type: Quick Scan
Objects scanned: 49034
Time elapsed: 8 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 26
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:02:55 PM

Posted 16 January 2009 - 10:54 AM

If your computer is reacting faster, do a full scan with your antivirus. If not let me know. Also run hijackthis again and give me a new log. Also do you have a firewall installed and running? Are you behind a router or just the DSL modem?
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#7 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 11:15 AM

new log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:27 AM, on 1/16/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\coreyg\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Users\coreyg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk (file missing) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: *.netzero.com
O15 - Trusted Zone: *.netzero.net
O15 - Trusted Zone: www.runescape.com
O15 - Trusted Zone: http://client.silabsoft.org
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\Windows\system32\CTsvcCDA.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
O23 - Service: lxcy_device - - C:\Windows\system32\lxcycoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: TVTonic RSS (WXRSS) - Wavexpress, Inc. - C:\Program Files\Wavexpress\TVTonic\WXRSS.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7623 bytes


no router just dsl, and i have windows firewall running at all times.

#8 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:02:55 PM

Posted 16 January 2009 - 12:07 PM

Could you go to C:\Windows\SMINST\launcher.exe and rightclick launcher.exe,then select properties.What does it say on the Details tab? If it says soft thinks launcher for product name, then we can ignore it.


Download and scan with CCleaner
1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:
  • Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
  • Clean all the entries in the "Windows Explorer" section.
  • Clean all entries in the "System" section.
  • Clean all entries in the "Advanced" section.
  • Clean any others that you choose.

In the Applications Tab:
  • Clean all except cookies in the Firefox/Mozilla section if you use it.
  • Clean all in the Opera section if you use it.
  • Clean Sun Java in the Internet Section.
  • Clean any others that you choose.
4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.


Let me know about Launcher.exe and also did you uninstall AVG?
How is your computer running? Does the computer act the same all the time? What happens if you disconnect it from the internet?

Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#9 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 12:43 PM

it did say soft thinks launcher. yes i did remove avg. it was not compatable with many programs on vista for some reason. should i post a new log? i ran the ccleaner

#10 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 12:48 PM

am i using hijack this correctly? i seem to recall having to check or uncheck hidden files or something?

#11 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:02:55 PM

Posted 16 January 2009 - 01:41 PM

You are using it right. How is your computer running? Does the computer act the same all the time? What happens if you disconnect it from the internet? If its still running poorly then we need to dig deeper. If its running fine, then we do some cleanup and are done. The hijackthis log is clean. There is some updating to do and minor tweaks.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#12 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:02:55 PM

Posted 16 January 2009 - 01:46 PM

Get the AVG Removal Tool and use it to clean up the last traces of AVG. Out of curiosity, were you using Version 8? That is what I have running on my Vista system and it works fine. Its what I am typing on right now.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#13 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 02:10 PM

not sure of the version...used the removal tool..........so far so good. any loose ends to tie up?

#14 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 02:13 PM

results of the avg removal: many not removed?

2009-01-16 19:11:54,839 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2009-01-16 19:11:54,839 WARN AvgDir param empty.
2009-01-16 19:11:54,839 WARN AvgDataDir param empty.
2009-01-16 19:11:56,555 INFO AvgRemover runs in attempt number 1
2009-01-16 19:11:56,555 INFO ***** Services *****
2009-01-16 19:11:56,555 INFO Processing service avg8emc
2009-01-16 19:11:56,633 INFO Service avg8emc is not installed
2009-01-16 19:11:56,633 DEBUG Service avg8emc RegCleanup
2009-01-16 19:11:56,633 DEBUG Registry keys for service avg8emc are not present
2009-01-16 19:11:56,633 INFO Processing service avgfws8
2009-01-16 19:11:56,665 INFO Service avgfws8 is not installed
2009-01-16 19:11:56,665 DEBUG Service avgfws8 RegCleanup
2009-01-16 19:11:56,665 DEBUG Registry keys for service avgfws8 are not present
2009-01-16 19:11:56,665 INFO Processing service avg8wd
2009-01-16 19:11:56,680 INFO Service avg8wd is not installed
2009-01-16 19:11:56,680 DEBUG Service avg8wd RegCleanup
2009-01-16 19:11:56,711 DEBUG Registry keys for service avg8wd are not present
2009-01-16 19:11:56,711 INFO Processing service AvgMfx86
2009-01-16 19:11:56,914 INFO Service AvgMfx86 is not installed
2009-01-16 19:11:56,914 DEBUG Service AvgMfx86 RegCleanup
2009-01-16 19:11:56,914 DEBUG Registry keys for service AvgMfx86 are not present
2009-01-16 19:11:56,914 INFO Processing service AvgMfx64
2009-01-16 19:11:56,914 INFO Service AvgMfx64 is not installed
2009-01-16 19:11:56,914 DEBUG Service AvgMfx64 RegCleanup
2009-01-16 19:11:56,914 DEBUG Registry keys for service AvgMfx64 are not present
2009-01-16 19:11:56,914 INFO Processing service AvgLdx86
2009-01-16 19:11:56,914 INFO Service AvgLdx86 is not installed
2009-01-16 19:11:56,914 DEBUG Service AvgLdx86 RegCleanup
2009-01-16 19:11:56,914 DEBUG Registry keys for service AvgLdx86 are not present
2009-01-16 19:11:56,914 INFO Processing service AvgLdx64
2009-01-16 19:11:56,945 INFO Service AvgLdx64 is not installed
2009-01-16 19:11:56,945 DEBUG Service AvgLdx64 RegCleanup
2009-01-16 19:11:56,945 DEBUG Registry keys for service AvgLdx64 are not present
2009-01-16 19:11:56,945 INFO Processing service AvgTdiX
2009-01-16 19:11:56,945 INFO Service AvgTdiX is not installed
2009-01-16 19:11:56,945 DEBUG Service AvgTdiX RegCleanup
2009-01-16 19:11:56,945 DEBUG Registry keys for service AvgTdiX are not present
2009-01-16 19:11:56,961 INFO Processing service AvgTdiA
2009-01-16 19:11:56,961 INFO Service AvgTdiA is not installed
2009-01-16 19:11:56,961 DEBUG Service AvgTdiA RegCleanup
2009-01-16 19:11:56,961 DEBUG Registry keys for service AvgTdiA are not present
2009-01-16 19:11:56,961 INFO Processing service AvgWFPx
2009-01-16 19:11:56,961 INFO Service AvgWFPx is not installed
2009-01-16 19:11:56,961 DEBUG Service AvgWFPx RegCleanup
2009-01-16 19:11:56,961 DEBUG Registry keys for service AvgWFPx are not present
2009-01-16 19:11:56,961 INFO Processing service AvgWFPa
2009-01-16 19:11:56,961 INFO Service AvgWFPa is not installed
2009-01-16 19:11:56,961 DEBUG Service AvgWFPa RegCleanup
2009-01-16 19:11:56,961 DEBUG Registry keys for service AvgWFPa are not present
2009-01-16 19:11:56,961 INFO Processing service AvgRkx86
2009-01-16 19:11:56,961 INFO Service AvgRkx86 is not installed
2009-01-16 19:11:56,977 DEBUG Service AvgRkx86 RegCleanup
2009-01-16 19:11:56,977 DEBUG Registry keys for service AvgRkx86 are not present
2009-01-16 19:11:56,977 INFO ***** Registry keys and values *****
2009-01-16 19:11:56,977 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2009-01-16 19:11:56,977 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2009-01-16 19:11:56,977 WARN Deleting value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} failed (error e0010058)
2009-01-16 19:11:56,992 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2009-01-16 19:11:56,992 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2009-01-16 19:11:56,992 WARN Deleting value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} failed (error e0010058)
2009-01-16 19:11:56,992 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2009-01-16 19:11:57,008 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2009-01-16 19:11:57,008 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2009-01-16 19:11:57,008 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2009-01-16 19:11:57,008 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2009-01-16 19:11:57,008 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2009-01-16 19:11:57,008 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2009-01-16 19:11:57,008 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2009-01-16 19:11:57,008 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2009-01-16 19:11:57,008 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2009-01-16 19:11:57,023 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2009-01-16 19:11:57,023 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2009-01-16 19:11:57,023 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2009-01-16 19:11:57,023 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2009-01-16 19:11:57,023 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2009-01-16 19:11:57,023 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2009-01-16 19:11:57,039 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2009-01-16 19:11:57,039 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension not present - Key not found
2009-01-16 19:11:57,039 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2009-01-16 19:11:57,039 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2009-01-16 19:11:57,039 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension not present - Key not found
2009-01-16 19:11:57,055 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2009-01-16 19:11:57,055 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2009-01-16 19:11:57,055 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs doesn't need to be modified
2009-01-16 19:11:57,055 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-01-16 19:11:57,055 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2009-01-16 19:11:57,055 WARN Deleting value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} failed (error e0010058)
2009-01-16 19:11:57,070 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-01-16 19:11:57,070 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2009-01-16 19:11:57,070 WARN Deleting value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} failed (error e0010058)
2009-01-16 19:11:57,086 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-01-16 19:11:57,086 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2009-01-16 19:11:57,086 WARN Deleting value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} failed (error e0010058)
2009-01-16 19:11:57,101 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2009-01-16 19:11:57,101 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2009-01-16 19:11:57,101 WARN Deleting value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} failed (error e0010058)
2009-01-16 19:11:57,117 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2009-01-16 19:11:57,117 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2009-01-16 19:11:57,117 WARN Deleting value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY failed (error e0010058)
2009-01-16 19:11:57,117 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2009-01-16 19:11:57,133 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2009-01-16 19:11:57,133 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2009-01-16 19:11:57,133 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2009-01-16 19:11:57,133 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2009-01-16 19:11:57,133 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2009-01-16 19:11:57,133 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2009-01-16 19:11:57,133 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2009-01-16 19:11:57,133 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2009-01-16 19:11:57,148 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2009-01-16 19:11:57,148 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2009-01-16 19:11:57,148 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2009-01-16 19:11:57,148 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2009-01-16 19:11:57,148 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2009-01-16 19:11:57,148 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2009-01-16 19:11:57,148 INFO Processing registry SOFTWARE\Classes\.avgdi
2009-01-16 19:11:57,148 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2009-01-16 19:11:57,148 DEBUG Key SOFTWARE\Classes\.avgdi not found
2009-01-16 19:11:57,148 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2009-01-16 19:11:57,148 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2009-01-16 19:11:57,164 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2009-01-16 19:11:57,164 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2009-01-16 19:11:57,164 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2009-01-16 19:11:57,164 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2009-01-16 19:11:57,164 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2009-01-16 19:11:57,164 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2009-01-16 19:11:57,164 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2009-01-16 19:11:57,164 INFO Processing registry SOFTWARE\AVG\Clients
2009-01-16 19:11:57,164 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2009-01-16 19:11:57,179 DEBUG Key SOFTWARE\AVG\Clients not found
2009-01-16 19:11:57,179 INFO Processing registry SOFTWARE\AVG\AVG8
2009-01-16 19:11:57,179 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2009-01-16 19:11:57,179 WARN Deleting key SOFTWARE\AVG\AVG8 failed (error e0010058)
2009-01-16 19:11:57,195 INFO Processing registry SOFTWARE\AVG
2009-01-16 19:11:57,195 DEBUG Value SOFTWARE\AVG:DumpType Remove
2009-01-16 19:11:57,195 WARN Deleting value SOFTWARE\AVG:DumpType failed (error e0010058)
2009-01-16 19:11:57,211 INFO Processing registry SOFTWARE\AVG
2009-01-16 19:11:57,211 DEBUG Key SOFTWARE\AVG Remove
2009-01-16 19:11:57,211 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty
2009-01-16 19:11:57,211 INFO Processing registry SOFTWARE\AVG\AVG8
2009-01-16 19:11:57,211 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2009-01-16 19:11:57,211 DEBUG Key SOFTWARE\AVG\AVG8 not found
2009-01-16 19:11:57,211 INFO Processing registry SOFTWARE\AVG
2009-01-16 19:11:57,226 DEBUG Key SOFTWARE\AVG Remove
2009-01-16 19:11:57,226 DEBUG Key SOFTWARE\AVG not found
2009-01-16 19:11:57,226 INFO Processing registry aAvgAPI.AvgBro
2009-01-16 19:11:57,226 DEBUG Key aAvgAPI.AvgBro ForceRemove
2009-01-16 19:11:57,226 DEBUG Key aAvgAPI.AvgBro not found
2009-01-16 19:11:57,226 INFO Processing registry AVG.Office
2009-01-16 19:11:57,242 DEBUG Key AVG.Office ForceRemove
2009-01-16 19:11:57,242 DEBUG Key AVG.Office not found
2009-01-16 19:11:57,242 INFO Processing registry AVG.Office.8
2009-01-16 19:11:57,242 DEBUG Key AVG.Office.8 ForceRemove
2009-01-16 19:11:57,242 DEBUG Key AVG.Office.8 not found
2009-01-16 19:11:57,242 INFO Processing registry avgtoolbar.AVGTOOLBAR
2009-01-16 19:11:57,257 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2009-01-16 19:11:57,257 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2009-01-16 19:11:57,257 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2009-01-16 19:11:57,257 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2009-01-16 19:11:57,257 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2009-01-16 19:11:57,257 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2009-01-16 19:11:57,273 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2009-01-16 19:11:57,273 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2009-01-16 19:11:57,273 INFO Processing registry LinkScannerIE.NavFilter
2009-01-16 19:11:57,289 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2009-01-16 19:11:57,289 WARN Deleting key LinkScannerIE.NavFilter failed (error e0010058)
2009-01-16 19:11:57,289 INFO Processing registry LinkScannerIE.NavFilter.1
2009-01-16 19:11:57,304 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2009-01-16 19:11:57,304 WARN Deleting key LinkScannerIE.NavFilter.1 failed (error e0010058)
2009-01-16 19:11:57,304 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2009-01-16 19:11:57,304 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2009-01-16 19:11:57,304 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2009-01-16 19:11:57,304 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2009-01-16 19:11:57,320 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2009-01-16 19:11:57,320 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2009-01-16 19:11:57,320 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2009-01-16 19:11:57,320 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2009-01-16 19:11:57,320 WARN Deleting key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} failed (error e0010058)
2009-01-16 19:11:57,335 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2009-01-16 19:11:57,335 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2009-01-16 19:11:57,335 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2009-01-16 19:11:57,335 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2009-01-16 19:11:57,335 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2009-01-16 19:11:57,335 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2009-01-16 19:11:57,335 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2009-01-16 19:11:57,351 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2009-01-16 19:11:57,351 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2009-01-16 19:11:57,351 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2009-01-16 19:11:57,351 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2009-01-16 19:11:57,351 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2009-01-16 19:11:57,351 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2009-01-16 19:11:57,367 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2009-01-16 19:11:57,367 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2009-01-16 19:11:57,367 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2009-01-16 19:11:57,367 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2009-01-16 19:11:57,367 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2009-01-16 19:11:57,367 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2009-01-16 19:11:57,382 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2009-01-16 19:11:57,382 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2009-01-16 19:11:57,382 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2009-01-16 19:11:57,382 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2009-01-16 19:11:57,382 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2009-01-16 19:11:57,382 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2009-01-16 19:11:57,382 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2009-01-16 19:11:57,382 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2009-01-16 19:11:57,382 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2009-01-16 19:11:57,398 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2009-01-16 19:11:57,398 WARN Deleting key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} failed (error e0010058)
2009-01-16 19:11:57,398 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2009-01-16 19:11:57,398 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2009-01-16 19:11:57,398 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2009-01-16 19:11:57,398 INFO ***** Files and folders *****
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 0
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 1
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 2
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 3
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 4
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 5
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 6
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 7
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 8
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 9
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 10
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 11
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 12
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 13
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 14
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 15
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 16
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 17
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 18
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 19
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 20
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 21
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 22
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 23
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 24
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 25
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 26
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 27
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 28
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 29
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 30
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 31
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 32
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 33
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 34
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 35
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 36
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 37
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 38
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 39
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 40
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 41
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 42
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 43
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 44
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 45
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 46
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 47
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 48
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 49
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 50
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 51
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 52
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 53
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 54
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 55
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 56
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 57
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 58
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 59
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 60
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 61
2009-01-16 19:11:57,413 DEBUG Missing ParentDir path for fileItem number 62
2009-01-16 19:11:57,413 DEBUG Processing item C:\Users\coreyg\AppData\Roaming\AVGTOOLBAR
2009-01-16 19:11:57,413 INFO Directory C:\Users\coreyg\AppData\Roaming\AVGTOOLBAR not found
2009-01-16 19:11:57,413 DEBUG Processing item C:\Windows\System32\Drivers
2009-01-16 19:11:57,413 DEBUG Processing item C:\Windows\System32\Drivers
2009-01-16 19:11:57,429 DEBUG Processing item C:\Windows\System32\Drivers
2009-01-16 19:11:57,429 DEBUG Processing item C:\Windows\System32\Drivers
2009-01-16 19:11:57,429 DEBUG Processing item C:\Windows\System32\Drivers
2009-01-16 19:11:57,429 DEBUG Processing item C:\Windows\System32\Drivers
2009-01-16 19:11:57,429 DEBUG Processing item C:\Windows\System32\Drivers\avg
2009-01-16 19:11:57,429 INFO Directory C:\Windows\System32\Drivers\avg not found
2009-01-16 19:11:57,429 DEBUG Processing item C:\Windows\System32
2009-01-16 19:11:57,429 DEBUG Processing item C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.0
2009-01-16 19:11:57,429 INFO Directory C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg 8.0 not found
2009-01-16 19:11:57,429 DEBUG Processing item C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.0
2009-01-16 19:11:57,429 INFO Directory C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avg free 8.0 not found
2009-01-16 19:11:57,445 DEBUG Processing item C:\Users\Public\Desktop\avg 8.0.lnk
2009-01-16 19:11:57,445 INFO File C:\Users\Public\Desktop\avg 8.0.lnk not found
2009-01-16 19:11:57,445 DEBUG Processing item C:\Users\Public\Desktop\avg free 8.0.lnk
2009-01-16 19:11:57,445 INFO File C:\Users\Public\Desktop\avg free 8.0.lnk not found
2009-01-16 19:11:57,445 DEBUG Processing item C:\Program Files\AVG
2009-01-16 19:11:57,445 DEBUG Directory C:\Program Files\AVG not deleted (error e0010058)
2009-01-16 19:11:57,445 INFO ***** Avg Fw NDIS driver *****
2009-01-16 19:11:57,975 INFO FW NDIS driver not present

#15 fylter_2000

fylter_2000
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 16 January 2009 - 02:36 PM

also my event viewer is loaded with events(1,588 under operationa)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users