Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PAV.EXE on Windows XP home


  • Please log in to reply
11 replies to this topic

#1 griz_fan

griz_fan

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 17 August 2009 - 03:44 PM

Hi,

My daughter's Windows XP Home notebook computer appears to have at least the PAV.EXE malware on it, perhaps more. I've flailed about trying to fix it on my own, but it keeps coming back. I've been using Malwarebytes, but no luck. Also, all links to AV and anti-malware websites are being redirected to sites like stopzilla. there's the random BSOD, too. So, now that I've discovered bleepingcomputer.com, time to stop flailing about in a random fashion and get some expert advice. I have several non-infected Vista computers, flash drives and optical drives at my disposal. What should my next steps be to better identify and describe the problem, etc...

thanks!

BC AdBot (Login to Remove)

 


#2 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 PM

Posted 17 August 2009 - 03:49 PM

Hi and welcome to BC.

Please do this...

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive.
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.
==========

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

Please download DrWeb-CureIt and save it to your desktop. DO NOT perform a scan yet.

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with Dr.Web CureIt as follows:
  • Double-click on launch.exe to open the program and click Start. (There is no need to update if you just downloaded the most current version
  • Read the Virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.
  • The Express scan will automatically begin.
    (This is a short scan of files currently running in memory, boot sectors, and targeted folders).
  • If prompted to dowload the Full version Free Trial, ignore and click the X to close the window.
  • If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All.
  • When complete, click Select All, then choose Cure > Move incurable.
    (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
  • Now put a check next to Complete scan to scan all local disks and removable media.
  • In the top menu, click Settings > Change settings, and UNcheck "Heuristic analysis" under the "Scanning" tab, then click Ok.
  • Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
  • When the scan is complete, a message will be displayed at the bottom indicating if any viruses were found.
  • Click "Yes to all" if asked to cure or move the file(s) and select "Move incurable".
  • In the top menu, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)
==========

With your next post please provide:

* RootRepeal log
* DrWeb log
* How is your computer running now?

Kind regards,
~t
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#3 griz_fan

griz_fan
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 17 August 2009 - 10:50 PM

Hi,

thanks for all the help. I followed the instructions, but DrWeb-CureIt threw a hard error while running in safe mode. I came back to the PC and it had rebooted, I found this in the event viewer:

Event Type: Error
Event Source: System Error
Event Category: (102)
Event ID: 1003
Date: 8/17/2009
Time: 9:40:05 PM
User: N/A
Computer: ABBY
Description:
Error code 100000d1, parameter1 e1991000, parameter2 00000002, parameter3 00000000, parameter4 f7f910a5.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 53 79 73 74 65 6d 20 45 System E
0008: 72 72 6f 72 20 20 45 72 rror Er
0010: 72 6f 72 20 63 6f 64 65 ror code
0018: 20 31 30 30 30 30 30 64 100000d
0020: 31 20 20 50 61 72 61 6d 1 Param
0028: 65 74 65 72 73 20 65 31 eters e1
0030: 39 39 31 30 30 30 2c 20 991000,
0038: 30 30 30 30 30 30 30 32 00000002
0040: 2c 20 30 30 30 30 30 30 , 000000
0048: 30 30 2c 20 66 37 66 39 00, f7f9
0050: 31 30 61 35 10a5


RootRepeal Log

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/17 20:11
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xEDD45000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8A5E000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF80F2000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\WINDOWS\system32\UACawwkspwsqe.dll
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\uacinit.dll
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\UACntikjbnrmm.dll
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\UACpcxkdmrrsi.dat
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\UACsyfwbwulno.dll
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\UACufxbfxyuhj.dll
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\UAC1975.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\UAC1b74.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\UAC6cdc.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\UAC8a33.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\UAC9147.tmp
Status: Invisible to the Windows API!

Path: c:\windows\temp\perflib_perfdata_7cc.dat
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: C:\WINDOWS\Temp\UACd83f.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\system32\drivers\UACqerfoepxev.sys
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\Owner\Local Settings\Temp\UAC9ac9.tmp
Status: Invisible to the Windows API!

Path: D:\System Volume Information
Status: Invisible to the Windows API!

Path: D:\Recycled
Status: Invisible to the Windows API!

Path: D:\RCBoot.sys
Status: Invisible to the Windows API!

Path: D:\MiniNT
Status: Invisible to the Windows API!

Path: D:\NTDETECT.COM
Status: Invisible to the Windows API!

Path: D:\NTLDR
Status: Invisible to the Windows API!

Path: D:\stldr
Status: Invisible to the Windows API!

Path: D:\I386
Status: Invisible to the Windows API!

Path: D:\MASTER.LOG
Status: Invisible to the Windows API!

Path: D:\Autorun.inf
Status: Invisible to the Windows API!

Path: D:\GRAPH
Status: Invisible to the Windows API!

Path: D:\GRAPH16
Status: Invisible to the Windows API!

Path: D:\Info.exe
Status: Invisible to the Windows API!

Path: D:\MOVE
Status: Invisible to the Windows API!

Path: D:\UPDGOI
Status: Invisible to the Windows API!

Path: D:\warning.bmp
Status: Invisible to the Windows API!

Path: D:\WIN51
Status: Invisible to the Windows API!

Path: D:\WIN51.B2
Status: Invisible to the Windows API!

Path: D:\WIN51.RC1
Status: Invisible to the Windows API!

Path: D:\WIN51.RC2
Status: Invisible to the Windows API!

Path: D:\WIN51IC
Status: Invisible to the Windows API!

Path: D:\WIN51IC.B2
Status: Invisible to the Windows API!

Path: D:\WIN51IC.RC1
Status: Invisible to the Windows API!

Path: D:\WIN51IC.RC2
Status: Invisible to the Windows API!

Path: D:\WIN51IP
Status: Invisible to the Windows API!

Path: D:\WIN51IP.B2
Status: Invisible to the Windows API!

Path: D:\WIN51IP.RC2
Status: Invisible to the Windows API!

Path: D:\WIN51IP.SP1
Status: Invisible to the Windows API!

Path: D:\WINBOM.INI
Status: Invisible to the Windows API!

Path: D:\XGA
Status: Invisible to the Windows API!

Path: D:\NTFS
Status: Invisible to the Windows API!

Path: D:\MENUND
Status: Invisible to the Windows API!

Path: D:\Desktop.ini
Status: Invisible to the Windows API!

Path: D:\Folder.htt
Status: Invisible to the Windows API!

Path: D:\protect.ed
Status: Invisible to the Windows API!

Path: D:\BATCH.LOG
Status: Invisible to the Windows API!

Path: D:\MassStorage.log
Status: Invisible to the Windows API!

Path: D:\FULL
Status: Invisible to the Windows API!

Path: D:\System Restore
Status: Invisible to the Windows API!

Path: D:\USER
Status: Invisible to the Windows API!

Path: D:\BATCH.OLD
Status: Invisible to the Windows API!

Path: D:\Preload
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}
Status: Invisible to the Windows API!

Path: D:\Recycled\INFO2
Status: Invisible to the Windows API!

Path: D:\Recycled\DESKTOP.INI
Status: Invisible to the Windows API!

Path: D:\MiniNT\biosinfo.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\bootfix.bin
Status: Invisible to the Windows API!

Path: D:\MiniNT\debug
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\msagent
Status: Invisible to the Windows API!

Path: D:\MiniNT\NTDETECT.COM
Status: Invisible to the Windows API!

Path: D:\MiniNT\Security
Status: Invisible to the Windows API!

Path: D:\MiniNT\setupapi.log
Status: Invisible to the Windows API!

Path: D:\MiniNT\setupldr.bin
Status: Invisible to the Windows API!

Path: D:\MiniNT\setupldr.nor
Status: Invisible to the Windows API!

Path: D:\MiniNT\setupldr.sif
Status: Invisible to the Windows API!

Path: D:\MiniNT\spcmdcon.sys
Status: Invisible to the Windows API!

Path: D:\MiniNT\system32
Status: Invisible to the Windows API!

Path: D:\MiniNT\txtsetup.nor
Status: Invisible to the Windows API!

Path: D:\MiniNT\winbom.ini
Status: Invisible to the Windows API!

Path: D:\MiniNT\WinSxS
Status: Invisible to the Windows API!

Path: D:\MiniNT\boot
Status: Invisible to the Windows API!

Path: D:\MiniNT\txtsetup.sif
Status: Invisible to the Windows API!

Path: D:\MiniNT\Folder.htt
Status: Invisible to the Windows API!

Path: D:\MiniNT\Protect.ed
Status: Invisible to the Windows API!

Path: D:\MiniNT\Desktop.ini
Status: Invisible to the Windows API!

Path: D:\MiniNT\Warning.bmp
Status: Invisible to the Windows API!

Path: D:\I386\DRIVER.CAB
Status: Invisible to the Windows API!

Path: D:\I386\Apps
Status: Invisible to the Windows API!

Path: D:\I386\DRV
Status: Invisible to the Windows API!

Path: D:\I386\Folder.htt
Status: Invisible to the Windows API!

Path: D:\I386\Protect.ed
Status: Invisible to the Windows API!

Path: D:\I386\Desktop.ini
Status: Invisible to the Windows API!

Path: D:\I386\Warning.bmp
Status: Invisible to the Windows API!

Path: D:\I386\Boot.img
Status: Invisible to the Windows API!

Path: D:\UPDGOI\RP
Status: Invisible to the Windows API!

Path: D:\UPDGOI\CREATOR
Status: Invisible to the Windows API!

Path: D:\UPDGOI\OPTIONS
Status: Invisible to the Windows API!

Path: D:\UPDGOI\PRDSMIMG
Status: Invisible to the Windows API!

Path: D:\UPDGOI\SMINST
Status: Invisible to the Windows API!

Path: D:\UPDGOI\SYSPREP.INF
Status: Invisible to the Windows API!

Path: D:\UPDGOI\TEMP
Status: Invisible to the Windows API!

Path: D:\UPDGOI\Folder.htt
Status: Invisible to the Windows API!

Path: D:\UPDGOI\Protect.ed
Status: Invisible to the Windows API!

Path: D:\UPDGOI\Desktop.ini
Status: Invisible to the Windows API!

Path: D:\UPDGOI\Warning.bmp
Status: Invisible to the Windows API!

Path: D:\System Restore\Folder.htt
Status: Invisible to the Windows API!

Path: D:\System Restore\Desktop.ini
Status: Invisible to the Windows API!

Path: D:\System Restore\Warning.bmp
Status: Invisible to the Windows API!

Path: D:\System Restore\Protect.ed
Status: Invisible to the Windows API!

Path: D:\Preload\CD
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1028
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1011
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1000
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1014
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP993
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1012
Status: Invisible to the Windows API!

Path: D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1013
Status: Invisible to the Windows API!

Path: D:\MiniNT\debug\NetSetup.LOG
Status: Invisible to the Windows API!

Path: D:\MiniNT\debug\PASSWD.LOG
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\arial.ttf
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\arialbd.ttf
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\ariali.ttf
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\marlett.ttf
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\sserife.fon
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\tahomabd.ttf
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\vgaoem.fon
Status: Invisible to the Windows API!

Path: D:\MiniNT\Fonts\vgasys.fon
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\yk51x86.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\b57win32.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\iastor.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\iaahci.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\akspccard.cat
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\akspccard.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\akspccard.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\aksusb.cat
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\aksusb.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\aksusb.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\aks_mf.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\aks_mf.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\e1000325.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\e1000nt5.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\e100a325.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\e100ant5.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\e100b325.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\e100bnt5.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\FONT.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\FONT.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\hlntcard.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\hlntcard.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\hsntcard.inf
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\hsntcard.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\INTL.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\INTL.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\LAYOUT.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\LAYOUT.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET10.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET10.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET1394.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET1394.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET21X4.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET21X4.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3C556.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3C556.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3C589.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3C589.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3C985.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3C985.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3SR.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET3SR.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET5515N.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET5515N.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET557.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET557.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET559IB.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET559IB.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET575NT.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET575NT.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET650D.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET650D.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET656C5.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET656C5.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET656N5.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET656N5.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET713.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET713.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET83820.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET83820.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET8511.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NET8511.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAC300.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAC300.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETALI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETALI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMBI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMBI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMD.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMD.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMD2.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMD2.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMDHL.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAMDHL.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAN983.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAN983.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETANA.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETANA.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETASP2K.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETASP2K.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAUNI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETAUNI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETB57XP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETB57XP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBCM4E.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBCM4E.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBCM4P.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBCM4P.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBCM4U.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBCM4U.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBEAC.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBEAC.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBRDGM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBRDGM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBRDGS.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBRDGS.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBRZW.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETBRZW.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCB102.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCB102.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCB325.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCB325.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCBE.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCBE.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCE2.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCE2.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCE3.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCE3.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCEM28.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCEM28.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCEM33.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCEM33.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCEM56.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCEM56.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCICAP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCICAP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCIS.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCIS.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCLASS.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCLASS.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQC.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQC.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQG.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQG.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQMT.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCPQMT.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCTMRK.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETCTMRK.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDAV.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDAV.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDEFXA.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDEFXA.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDF650.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDF650.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDGDXB.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDGDXB.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDLH5X.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDLH5X.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETDM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETE1000.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETE1000.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETE100I.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETE100I.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEJXMP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEJXMP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL515.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL515.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL574.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL574.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL5X9.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL5X9.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL90A.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL90A.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL90B.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL90B.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL980.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL980.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL99X.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEL99X.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPICN.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPICN.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPRO.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPRO.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPVCM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPVCM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPVCP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEPVCP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEX10.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETEX10.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETF56N5.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETF56N5.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFA312.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFA312.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFA410.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFA410.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFJVI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFJVI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFJVJ.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFJVJ.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFORE.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFORE.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFOREH.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFOREH.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFXOCM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETFXOCM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETGPC.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETGPC.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIAS.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIAS.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIBM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIBM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIBM2.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIBM2.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIP6.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIP6.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIPRIP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIPRIP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIRDA.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIRDA.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIRSIR.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETIRSIR.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETKLSI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETKLSI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETKTC.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETKTC.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLANEM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLANEM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLANEP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLANEP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLM56.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLM56.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLNEV2.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLNEV2.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLOOP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLOOP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLPD.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETLPD.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETMADGE.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETMADGE.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETMHZN5.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETMHZN5.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETMSCLI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETMSCLI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNB.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNB.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNF3.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNF3.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNGR.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNGR.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNM.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNM.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNOVEL.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNOVEL.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNWCLI.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNWCLI.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNWLNK.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETNWLNK.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETOC.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETOC.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETOSI2C.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETOSI2C.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETOSI5.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETOSI5.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPC100.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPC100.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPNIC.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPNIC.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPSA.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPSA.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPSCHD.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPSCHD.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPWR2.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETPWR2.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRASA.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRASA.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRASS.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRASS.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRAST.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRAST.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRLW2K.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRLW2K.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRSVP.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRSVP.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRTPNT.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRTPNT.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRTSNT.INF
Status: Invisible to the Windows API!

Path: D:\MiniNT\inf\NETRTSNT.PNF
Status: Invisible to the Windows API!

Path: D:\MiniNT\Stealth Objects
-------------------
Object: Hidden Module [Name: UACsyfwbwulno.dll]
Process: svchost.exe (PID: 1764) Address: 0x00700000 Size: 73728

Object: Hidden Module [Name: UAC1b74.tmpfxyuhj.dll]
Process: svchost.exe (PID: 1764) Address: 0x10000000 Size: 217088

Hidden Services
-------------------
Service Name: UACd.sys
Image Path: C:\WINDOWS\system32\drivers\UACqerfoepxev.sys

==EOF==

RootRepeal error Log

20:21:14: Could not enumerate files in dir \'\\?\D:\*\' with the Windows API! Error code - 0x00000570
20:21:14: Could not enumerate files in dir \'\\?\D:\System Volume Information\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\Recycled\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\MiniNT\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\I386\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\UPDGOI\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\System Restore\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\Preload\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\MiniNT\debug\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\MiniNT\Fonts\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\MiniNT\inf\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\MiniNT\msagent\*\' with the Windows API! Error code - 0x000003ed
20:21:14: Could not enumerate files in dir \'\\?\D:\MiniNT\Security\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\DRV\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\UPDGOI\RP\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\UPDGOI\CREATOR\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\UPDGOI\OPTIONS\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\UPDGOI\PRDSMIMG\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\UPDGOI\SMINST\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\UPDGOI\TEMP\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1028\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1011\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1000\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1014\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP993\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1012\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP1013\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\msagent\intl\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\Security\intl\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\CatRoot\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\CatRoot2\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\config\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\drivers\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\RES256\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\DBLENV\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\Manifests\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_MICROSOFT.TOOLS.VISUALCPLUSPLUS.RUNTIME-LIBRARIES_6595B64144CCF1DF_6.0.0.0_X-WW_FF9986D7\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_F7FB5805\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_MICROSOFT.WINDOWS.CPLUSPLUSRUNTIME_6595B64144CCF1DF_7.0.0.0_X-WW_2726E76A\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_MICROSOFT.WINDOWS.CPLUSPLUSRUNTIME_6595B64144CCF1DF_7.0.10.0_X-WW_D8862BA3\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.0.0_X-WW_8D353F13\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.10.0_X-WW_712BEFD8\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_POLICY.1.0.MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.10.0_X-WW_7EF38638\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_POLICY.6.0.MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.10.0_X-WW_3B30EA6A\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\MiniNT\WinSxS\X86_POLICY.7.0.MICROSOFT.WINDOWS.CPLUSPLUSRUNTIME_6595B64144CCF1DF_7.0.10.0_X-WW_F586DE6B\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\Dta\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App00831\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01496\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01980\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App02237\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App02771\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App02892\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App03011\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App03040\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App04924\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App05550\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App05551\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App06651\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App06821\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07033\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07865\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App08572\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App08615\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App08760\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App10224\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App10402\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App12072\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App14093\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App14484\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App14562\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App15472\*\' with the Windows API! Error code - 0x000003ed
20:21:15: Could not enumerate files in dir \'\\?\D:\I386\Apps\App17400\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App18467\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App19176\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App20047\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App20164\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App20460\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App21287\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22216\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App23117\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25291\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25908\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App26719\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App27338\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28709\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28864\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28956\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App29008\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30984\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App31728\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32136\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32554\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32744\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01175\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07888\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App09143\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App09366\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App09446\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App10571\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App12833\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13338\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App16100\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App17155\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App17485\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App17871\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App18426\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App18648\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App20648\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App21772\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App24078\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25361\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25433\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App26163\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App29910\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\DRV\NET\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\DRV\MOD\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\DRV\SND\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\UPDGOI\RP\MININT\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\drivers\etc\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\DBLENV\SYSTEM32\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\MANUAL\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\VIRUSDEF\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01496\MSC\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01496\RGW\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App02892\WINDOWS\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App10224\IE\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App10224\MONEY\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App10224\PSS\*\' with the Windows API! Error code - 0x000003ed
20:21:16: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\common files\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd 4\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd reader\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\MANUALS\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero burnrights\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\REDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\utilities\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\BP\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\DK\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\FI\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\FR\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\GR\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\IT\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\JP\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\KR\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\LS\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\NL\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\NO\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\SC\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\SE\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\TC\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\TH\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25297\US\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\WIN2000\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32744\WIN2000\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32744\WIN2003\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32744\WIN98SE\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32744\WINME\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App32744\XP\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\ERROR\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\HTML\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\IMAGES\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\ISPERROR\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\REGERROR\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\SETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07888\LUSETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App09446\HTML\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\MEDIA\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\COMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\REDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\SYSTEM32\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\WINDOWS\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\UPDGOI\RP\MININT\SYSTEM32\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TempDir\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\MiniNT\system32\DBLENV\SYSTEM32\RES256\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ADBLCK\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ASCORE\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\FIREWALL\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ISCOMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\PCONTROL\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\PRIVACY\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SYMLT\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\CCCOMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\DCOM98\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\FRE\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\HELPMSI\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\LIVEREG\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\LUPDATE\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\MSI\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\NISTOOLS\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\PROXY\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\REDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SCRBLOCK\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SEVINST\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SPAMDEFS\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SPBBC\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMLNCH\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMNET\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMSC\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01496\MSC\SHARED\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App02892\WINDOWS\TIINST\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\common files\audioplugins\*\' with the Windows API! Error code - 0x000003ed
20:21:17: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\common files\dsfilters\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\common files\LIB\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd 4\I386\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd 4\INCD\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd 4\REDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd 4\SETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd 4\sharedi386\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd 4\W9X\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd reader\I386\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd reader\INCD\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd reader\REDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd reader\SETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd reader\sharedi386\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\incd reader\W9X\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\MANUALS\copy cd or dvd\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\MANUALS\create disc image\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\MANUALS\data cd\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\MANUALS\MUSIC\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\MANUALS\VIDEO\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero burnrights\neroburnrights\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\coverdesigner\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\NERO\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\nero backitup\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\nero soundtrax\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\nero startsmart\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\nero toolkit\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\nero wave editor\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\REDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\SETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\SYSTEM\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\WMPBURN\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\REDIST\IMAGES\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\ARA\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\ARB\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\CHS\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\CHT\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\CSY\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\DAN\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\DEU\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\ELL\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\ENG\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\ENU\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\ESP\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\FIN\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\FRA\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\FRC\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\HEB\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\HUN\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\ITA\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\JPN\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\KOR\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\NLD\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\NOR\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\PLK\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\PTB\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\PTG\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\RUS\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\SVE\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\THA\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App28582\LANG\TRK\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\HTML\DSLMAIN\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\HTML\ISPSGNUP\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\HTML\OEMCUST\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\HTML\OEMHW\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App07158\HTML\OEMREG\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App09446\HTML\OEMCUST\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\ACS\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\AOL\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\ART\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\ASP\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\COACH\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\DESKBAR\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\FLASH\*\' with the Windows API! Error code - 0x000003ed
20:21:18: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\FW\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\OCP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\PORT\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\QT\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\RP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\SYSINFO\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\TB\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\TOOLBAR\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\TPSPD\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App13914\COMPS\VWPT\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\COMMON\MSSHARED\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\1033\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PLUG_INS\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\TUTORIAL\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\COMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\PI\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\SYSTEM32\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\REDIST\DIRECTX\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\REDIST\IE6\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\SYSTEM32\REDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\OWC10\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\OWC11\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\SETUP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\WINDOWS\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\COMMONFI\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\NORTON\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\SYMANTEC\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\SYSTEM32\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ADBLCK\COMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ASCORE\COMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ASCORE\SYSTEM32\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\FIREWALL\APP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ISCOMMON\APP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ISCOMMON\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\PCONTROL\APP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\PCONTROL\SYMANTEC\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\PRIVACY\APP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SETUP\APP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SETUP\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SYMLT\APP\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SYMLT\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\CCCOMMON\CCCOMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\HELPMSI\EXTERNAL\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\PROXY\CCPXYCRE\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\PROXY\CCPXYEXT\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\REDIST\MSREDIST\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SPBBC\COMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMNET\SYMNET\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMSC\SYMWMIAV\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMSC\SYMWMIIS\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\common files\audioplugins\MSA7\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\coverdesigner\templates\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\NERO\CDI\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\NERO\MANUALS\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\NERO\uninstall\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\nero oem\nero wave editor\PRESETS\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\REDIST\IMAGES\BCKG\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\REDIST\IMAGES\INFO\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\REDIST\IMAGES\LOGO\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App09446\HTML\OEMCUST\aoldialers\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\COMMON\MSSHARED\DAO\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\COMMON\MSSHARED\PI\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\COMMON\MSSHARED\PROOF\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\COMMON\MSSHARED\WKSHARED\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\1033\MOVIES\*\' with the Windows API! Error code - 0x000003ed
20:21:19: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\BORDER\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\BRUSHES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\EDGES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\EMPHASIS\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PREVIEWS\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\SHAPES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\TEXTEFF\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\TEXTURES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\WARPS\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\COMMON\MSSHARED\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\PI\1033\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\PI\DMCONTNT\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\PI\PROFILES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\PI\SHRMUSIC\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\SYSTEM32\REDIST\MS\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\COMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\MSOFFICE\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\WINDOWS\INF\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\COMMONFI\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\NORTON\APP\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\SYMANTEC\NORTON\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ADBLCK\COMMON\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ASCORE\COMMON\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ISCOMMON\APP\IDSDEFS\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ISCOMMON\SYMSHARE\ADBLCK\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ISCOMMON\SYMSHARE\OPTIONS\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ISCOMMON\SYMSHARE\SPBBC\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SETUP\SYMSHARE\ADBLCK\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\SETUP\SYMSHARE\ANTISPAM\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\HELPMSI\EXTERNAL\COMMON\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\REDIST\MSREDIST\ANSI\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SPBBC\COMMON\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMNET\SYMNET\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMNET\SYMNET\SYSTEM\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMNET\SYMNET\SYSTEM32\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMSC\SYMWMIAV\SYMSC\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMSC\SYMWMIIS\SYMSC\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\REDIST\IMAGES\LOGO\DEFAULT\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App22320\REDIST\IMAGES\LOGO\NERO\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\COMMON\MSSHARED\PI\1033\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\EDGES\BYOP\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\EDGES\DESIGNER\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\EDGES\PHRASES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\BRUSHES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\SHAPES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\TEXTURES\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\TEXTEFF\ARTISTIC\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\TEXTEFF\EXOTIC\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\TEXTEFF\TRADITN\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\COMMON\MSSHARED\PI\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\COMMON\MSSHARED\PSDMUSTL\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\COMMON\MSSHARED\WKSHARED\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\PI\PROFILES\1033\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\SYSTEM32\REDIST\MS\SYSTEM\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\COMMON\MSSHARED\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\MSOFFICE\OFFICE11\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\COMMONFI\SYMSHARE\SPBBC\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\NORTON\APP\WIN98NT\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\NORTON\APP\WINME\*\' with the Windows API! Error code - 0x000003ed
20:21:20: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\NORTON\APP\WINXP\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\NAV\EXTERNAL\SYMANTEC\NORTON\TASKS\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ADBLCK\COMMON\SYMSHARE\ADBLCK\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ADBLCK\COMMON\SYMSHARE\OPTIONS\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ASCORE\COMMON\SYMSHARE\ANTISPAM\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SETUP\ASCORE\COMMON\SYMSHARE\OPTIONS\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\HELPMSI\EXTERNAL\COMMON\SYMSHARE\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SPBBC\COMMON\SYMSHARE\SPBBC\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMNET\SYMNET\SYMSHARE\IDS\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\SYMNET\SYMNET\SYSTEM32\DRIVERS\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\BRUSHES\ARTSTROK\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\BRUSHES\CLREDGE\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\BRUSHES\CREATIVE\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\BRUSHES\DISTORT\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\BRUSHES\PHOSTROK\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\PI\PIFILES\PAINT\BRUSHES\STMPEDGE\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App25667\POD\COMMON\MSSHARED\PI\1033\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\COMMON\MSSHARED\DW\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\MSOFFICE\OFFICE11\1033\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App01317\SUPPORT\HELPMSI\EXTERNAL\COMMON\SYMSHARE\HELP\*\' with the Windows API! Error code - 0x000003ed
20:21:21: Could not enumerate files in dir \'\\?\D:\I386\Apps\App30227\FILES\PFILES\COMMON\MSSHARED\DW\1033\*\' with the Windows API! Error code - 0x000003ed


I'll give Dr.Web CureIt another try...

Thanks!

#4 griz_fan

griz_fan
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 17 August 2009 - 11:52 PM

Set XP not to reboot on BSOD so I could catch the error while running the full scan in Dr.Web Cure in safe mode. The express scan ran with no errors, but about 1/3 into the full scan, Windows throws a BSOD, DRIVER_IRQL_NOT_LESS_OR_EQUAL, with a STOP: 0x000000D1 error. Any ideas or next steps?

#5 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:05:12 PM

Posted 18 August 2009 - 12:06 AM

Use Rootrepeal to do just a file scan of C drive

Path: C:\WINDOWS\system32\drivers\UACqerfoepxev.sys
Status: Invisible to the Windows API!


Highlight this line and choose Wipe File

Immediately reboot and then update MBAM and run a quick scan

Back to you THC.....
Chewy

No. Try not. Do... or do not. There is no try.

#6 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 PM

Posted 18 August 2009 - 07:02 AM

Thanks Chewy! :thumbsup:

Post the MBAM Quick Scan results when ready.
Thanks,
~t
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#7 griz_fan

griz_fan
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 18 August 2009 - 11:45 AM

Thanks for all the help, I seem to be making some good progress. Per instructions, I fired up RootRepeal again and wiped C:\WINDOWS\system32\drivers\UACqerfoepxev.sys, rebooted and started MBAM. While MBAM was scanning, Avast started its own scan and found several viruses, which I had Avast deleted. Unfortunately, I had to leave for work this morning before MBAM could finish, but it had found 7 infections already. When I get home from work tonight, I'll verify that MBAM had completed its run and post the results. Is there anything else, such as an Avast log, that might help?

again, thank you so much for the help!

#8 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 PM

Posted 18 August 2009 - 12:50 PM

Good!
Yes. Please post the Avast log along with the MBAM results.
Thanks,
~t
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#9 griz_fan

griz_fan
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 18 August 2009 - 08:45 PM

HI,

Things seem a lot better now that I've ran MBAM again. First, here's the Avast log:

8/18/2009 7:32:51 PM SYSTEM 916 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
8/18/2009 7:40:49 AM SYSTEM 916 Sign of "Win32:Fasec [Trj]" has been found in "C:\WINDOWS\Temp\UACd83f.tmp" file.
8/18/2009 7:39:44 AM SYSTEM 916 Sign of "Win32:Fasec [Trj]" has been found in "C:\WINDOWS\system32\UACntikjbnrmm.dll" file.
8/18/2009 7:20:33 AM SYSTEM 916 Sign of "Win32:Fasec [Trj]" has been found in "C:\WINDOWS\system32\UACawwkspwsqe.dll" file.
8/18/2009 7:10:15 AM SYSTEM 916 Sign of "Win32:Fasec [Trj]" has been found in "C:\WINDOWS\SYSTEM32\UACSYFWBWULNO.DLL" file.
8/16/2009 10:09:12 AM SYSTEM 952 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
8/12/2009 5:33:43 PM SYSTEM 952 Sign of "JS:Pdfka-MQ [Trj]" has been found in "http://scepical.com/4/doctor/p15.php" file.
8/12/2009 5:31:50 PM SYSTEM 952 Sign of "JS:Pdfka-MQ [Trj]" has been found in "http://scepical.com/4/doctor/p15.php" file.
8/12/2009 5:30:42 PM SYSTEM 952 Sign of "JS:Pdfka-MQ [Trj]" has been found in "http://scepical.com/4/doctor/p15.php" file.
8/12/2009 5:30:11 PM SYSTEM 952 Sign of "JS:Pdfka-MQ [Trj]" has been found in "http://scepical.com/4/doctor/p15.php" file.
8/12/2009 5:29:36 PM SYSTEM 952 Sign of "JS:Obfuscated-CV [Trj]" has been found in "http://ikh.yueiotr.info/dwk/in.php" file.
8/12/2009 5:12:25 AM SYSTEM 1208 Function setifaceUpdatePackages() has failed. Return code is 0x20000004, dwRes is 20000004.
8/11/2009 5:08:25 PM SYSTEM 1208 Sign of "JS:Pdfka-MQ [Trj]" has been found in "http://nguyenup.com/nnnn/wwww-1/p14.php" file.
8/11/2009 3:24:13 AM SYSTEM 1208 Sign of "JS:Obfuscated-CV [Trj]" has been found in "http://irw.yueiotr.info/yvx/in.php" file.


and now, the MBAM results:

Malwarebytes' Anti-Malware 1.40
Database version: 2635
Windows 5.1.2600 Service Pack 3

8/18/2009 7:32:01 PM
mbam-log-2009-08-18 (19-32-01).txt

Scan type: Quick Scan
Objects scanned: 95131
Time elapsed: 36 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 10

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\legacy_windev-4a1f-3ef8 (Rootkit.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\UACawwkspwsqe.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACntikjbnrmm.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACufxbfxyuhj.dll (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC1975.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC6cdc.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UAC8a33.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\UACb958.tmp (Rogue.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACpcxkdmrrsi.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\UACqerfoepxev.sys (Trojan.Agent) -> Quarantined and deleted successfully.


Any additional steps?

thanks again for your help, too!

#10 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 PM

Posted 18 August 2009 - 09:18 PM

Well done!
Looks good.

Lets clean up the temp files and make sure there are not any other leftovers.

==========

Please do this....

Please download Posted Image by OldTimer to your desktop from here.
  • Open the file and close any other windows.
  • It will close all programs itself when run; make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • After it is finished, it should reboot your machine, if not, do this yourself to ensure a complete clean.
==========

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
==========

Please rerun an MBAM quickscan. Do not forget to click on the Update tab 1st!! Post a log for my review.

==========

With your next post please provide:

* ESET log
* MBAM log
* How is your computer running now?

Kind regards,
~t
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#11 griz_fan

griz_fan
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 19 August 2009 - 12:07 AM

Hi,

ESET reported no threats found. I ran the non-IE version, and I didn't have an option to save the log file, just uninstall application on close. TFC ran fine, the computer seems back to normal, and the MBAM log is below:


Malwarebytes' Anti-Malware 1.40
Database version: 2635
Windows 5.1.2600 Service Pack 3

8/18/2009 11:07:12 PM
mbam-log-2009-08-18 (23-07-12).txt

Scan type: Quick Scan
Objects scanned: 91999
Time elapsed: 14 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Thanks!!!

#12 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 PM

Posted 19 August 2009 - 06:56 AM

Well done.
Congratulations! You now appear clean! :thumbsup:

**********

Please pay particularly close attention to the instructions that follow. Especially resetting a new restore point. To neglect these steps risk needless reinfection!!

**********

Are things running okay? Do you have any more questions?

**********

Reset System Restore <--- Important
You should disable and enable system restore to make sure there are no infected files found in a restore point. You can find instructions here:
Windows ME
Window XP
Windows Vista

Note: You should only do this once, not on a regular basis!
You will not be able to restore computer to any earlier than today!

**********

Recommendations
Below are some recommendations to lower your chances of (re)infection.
  • Install and maintain an outbound firewall
  • Install Spyware Blaster and update it regularly
    If you wish, the commercial version provides automatic updating.
  • Install the MVPs hosts file, and update it regularly
    You can use the HostMan host file manager to do this automaticly if you wish.
    For more information on the hosts file, and what it can do for you, you can view the Tutorial on the Hosts file
  • Install an Anti-Spyware program, and update it regularly
    Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
    SUPERAntiSpyware is another good scanner with high detection and removal rates.
    Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
  • Keep Windows (and your other Microsoft software) up to date!
    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

    If you are using Windows XP or earlier
    Visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

    If you are using Windows Vista
    • Click the "Start Menu" (or Windows Orb)
    • Click "All Programs"
    • Click "Windows Update"
    • On the left, choose "Change Settings"
    • Ensure that the checkbox "Use Microsoft Update" at the bottom of the window is checked.
    • Press OK and accept the UAC prompt.
      Note: You shouldn't need to check this checkbox every single time you update, only the first time.
    • Click "Check for Updates" in the upper left corner.
    • Follow the instructions to install the latest updates.
    • Reboot and repeat the "Check for Updates" until there are no more critical updates to install
  • Keep your other software up to date as well. Software does not need to be made by Microsoft to be insecure. Download Secunia Software Inspector to keep all your software up to date.
  • Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing :flowers:.
**********

System Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve preformance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

**********

Good luck & safe surfing,
Regards,
t
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users