virus affected my AVG antivirus [Solved]


  • This topic is locked

#1
goved

  • Member
  • 26 posts

Hi, after a scan performed with a Live CD, I noticed many password-protected files in the AVG folder. I can't do anything with these files, neither delete nor open them. The AVG antivirus is permanently updating itself, and all the browsers I have are almost useless: only a few pages can be run and opened. One of my user accounts is blocked and I can't sign in. I use Windows XP Home Edition Service Pack 3. These are the scans made by FRST. I'll paste only Addition.text and will attach FRST.text, because I can't post the topic if I paste both files.

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-06-2015
Ran by HQ at 2001-01-01 03:59:25
Running from D:\Documents and Settings\RVS\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2025429265-651377827-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-2025429265-651377827-839522115-1006 - Limited - Enabled)
Guest (S-1-5-21-2025429265-651377827-839522115-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-2025429265-651377827-839522115-1000 - Limited - Disabled)
HQ (S-1-5-21-2025429265-651377827-839522115-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\HQ
RVS (S-1-5-21-2025429265-651377827-839522115-1010 - Administrator - Enabled) => D:\Documents and Settings\RVS
SUPPORT_388945a0 (S-1-5-21-2025429265-651377827-839522115-1002 - Limited - Disabled)
User (S-1-5-21-2025429265-651377827-839522115-1011 - Limited - Enabled) => %SystemDrive%\Documents and Settings\User.LAPTOP.000
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
470_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
470_Readme (Version: 1.00.0000 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.2.202.233 - Adobe Systems Incorporated)
Adobe Reader 9.5.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.1 - Adobe Systems Incorporated)
AMD Driver Support for HP 3D DriverGuard (HKLM\...\{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}) (Version: 5.1.0000.0066 - Advanced Micro Devices, Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.0910.2156 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.513.1.3-080910a-069672C-HP - )
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2250 - AVG Technologies)
AVG 2012 (Version: 12.0.4311 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2250 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.26 - Broadcom Corporation)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Bulgarian Phonetic for WinXP (HKLM\...\{43B03B63-F445-46E1-8EB5-AB801427159D}) (Version: 1.2.0 - ZONG's House)
ccc-core-preinstall (Version: 2008.0910.2157.37406 - ATI) Hidden
ccc-core-static (Version: 2008.0910.2157.37406 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.2.4.1255 - CDBurnerXP)
Cisco Systems VPN Client 5.0.05.0290 (HKLM\...\{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}) (Version: 5.0.5 - Cisco Systems, Inc.)
Cisco WAAS Mobile (HKLM\...\{A875F9FE-3A6E-47C6-AA83-A75ABF3F59FE}) (Version: 3.4.1.1601 - Cisco Systems, Inc.)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 16.1.1.0 - COMODO)
COMODO System-Cleaner (HKLM\...\{C4039DC0-905D-4372-8B20-120F0B6CF283}) (Version: 3.0.172695.53 - COMODO)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.01 - Piriform)
DeviceDiscovery (Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Google Земя (HKLM\...\{D2CA31E1-EE00-11DD-B5A6-005056806466}) (Version: 5.0.11337.1968 - Google)
H470 (Version: 50.0.165.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{E5C1C126-1687-4868-A3DD-B807176E4970}) (Version: 1.10 A8 - Hewlett-Packard)
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{84814E6B-2581-46EC-926A-823BD1C670F6}) (Version: 5.1.0.4803 - HP)
HP Officejet H470 Series (HKLM\...\{5A15F754-086E-4185-96F4-0BC31F1A2382}) (Version: 1.0 - HP)
HP Quick Launch Buttons 6.40 L2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 L2 - Hewlett-Packard)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM\...\{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}) (Version: 4.000.006.003 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
Java™ 6 Update 12 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216012FF}) (Version: 6.0.120 - Sun Microsystems, Inc.)
K-Lite Codec Pack 4.6.2 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 4.6.2 - )
MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox (3.0.7) (HKLM\...\Mozilla Firefox (3.0.7)) (Version: 3.0.7 (bg) - Mozilla)
MPM (HKLM\...\{00772F8B-37FF-4704-A47D-72B30BFAF126}) (Version: 1.00.0000 - Hewlett-Packard)
OpenOffice.org 3.0 (HKLM\...\{643A39FD-DF63-4D4C-B594-DEF7ED42155F}) (Version: 3.0.9379 - OpenOffice.org)
Opera 10.51 (HKLM\...\{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}) (Version: 10.51 - Opera Software ASA)
Opera 11.61 (HKLM\...\Opera 11.61.1250) (Version: 11.61.1250 - Opera Software ASA)
Oracle JInitiator 1.3.1.22 (HKLM\...\{CAFECAFE-0013-0001-0122-ABCDEFABCDEF}) (Version:  - )
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
SA Dictionary 2008 Beta 4 (HKLM\...\{055A5AF0-9FEB-440D-B00A-18935C7C171C}) (Version: 6.6.12 - Stefan Angelov)
SCR3xxx Smart Card Reader (HKLM\...\{9A154D6D-13D6-4CA1-BB3A-E792C18DACBF}) (Version: 8.33 - SCM Microsystems)
Skins (Version: 2008.0910.2157.37406 - ATI) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.5820 - Analog Devices)
Status (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.0 beta 23 - Ghisler Software GmbH)
TrayApp (Version: 90.0.146.000 - Hewlett-Packard) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows SteadyState (HKLM\...\{D3880A64-6112-47b7-8BFE-70EEA07B43E0}) (Version: 2.5 - Microsoft Corporation)
WinRAR 4.11 (32-битова версия) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2025429265-651377827-839522115-1010_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
27-03-2014 12:11:13 Software Distribution Service 3.0
09-04-2014 11:05:43 Software Distribution Service 3.0
16-04-2014 11:05:14 Software Distribution Service 3.0
22-04-2014 16:04:17 System Checkpoint
02-09-2014 18:51:51 System Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-02-28 13:00 - 2006-02-28 13:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\WINDOWS\TEMP\{5DD8E2A0-1294-4111-A688-E5B3E4DFAC0A}.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{51CD7222-DEF0-419D-BA18-090FA6D256BE}.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfd524bf17ffd6.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-651377827-839522115-1004.job => C:\Documents and Settings\NVMS\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-651377827-839522115-1005.job => D:\Documents and Settings\$!\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-12-09 14:08 - 2010-12-09 14:08 - 00305600 _____ () C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
2010-12-09 14:08 - 2010-12-09 14:08 - 00797632 _____ () C:\Program Files\COMODO\COMODO System-Cleaner\CSCDll.dll
2010-12-09 14:09 - 2010-12-09 14:09 - 00537536 _____ () C:\Program Files\COMODO\COMODO System-Cleaner\UtilsDll.dll
2009-01-13 11:29 - 2009-01-13 11:29 - 00197408 _____ () C:\WINDOWS\system32\vpnapi.dll
2009-03-13 00:22 - 2008-10-20 21:18 - 00071096 _____ () C:\Program Files\CDBurnerXP\NMSAccessU.exe
2008-05-12 14:49 - 2008-05-12 14:49 - 00040960 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-05-12 14:51 - 2008-05-12 14:51 - 02842624 _____ () C:\WINDOWS\system32\btwicons.dll
2012-03-23 16:20 - 2012-02-17 20:55 - 00166912 _____ () d:\Program Files\WinRAR\rarext.dll
2012-03-23 16:27 - 2014-07-04 13:55 - 02571288 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2014-07-04 13:56 - 2014-07-04 13:55 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
2009-02-18 11:48 - 2009-02-18 11:48 - 00014848 _____ () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Windows SteadyState => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Windows SteadyState => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2025429265-651377827-839522115-1010\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp
DNS Servers: 46.40.72.25 - 46.40.72.13
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
StandardProfile\AuthorizedApplications: [D:\EA GAMES\Battlefield 1942\BF1942.exe] => Enabled:BF1942
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\User\Desktop\utorrent.exe] => Disabled:µTorrent
StandardProfile\AuthorizedApplications: [D:\Documents and Settings\opera.exe] => Disabled:Opera Internet Browser
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Disabled:Firefox
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\client\googleearth.exe] => Disabled:Google Earth
StandardProfile\AuthorizedApplications: [F:\skype_portable\13\SKYPE\SKYPE.EXE] => Disabled:Skype. Take a deep breath 
StandardProfile\AuthorizedApplications: [C:\Program Files\Opera\opera.exe] => Enabled:Opera Internet Browser
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG10\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [G:\Halite.0_3_1_dev638.x86\Halite.exe] => Disabled:Halite BitTorrent Client
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG10\avgdiagex.exe] => Enabled:AVG Diagnostics 2011
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG10\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG10\avgemcx.exe] => Enabled:Personal E-mail Scanner
StandardProfile\AuthorizedApplications: [D:\Program Files\AVG\AVG2012\avgmfapx.exe] => Enabled:AVG Installer
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [D:\Program Files\AVG\AVG2012\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [D:\Program Files\AVG\AVG2012\avgdiagex.exe] => Enabled:AVG Diagnostics 2012
StandardProfile\AuthorizedApplications: [D:\Program Files\AVG\AVG2012\avgemcx.exe] => Enabled:Personal E-mail Scanner
StandardProfile\GloballyOpenPorts: [5800:TCP] => Enabled:VNC-WEB
StandardProfile\GloballyOpenPorts: [5900:TCP] => Enabled:VNC
StandardProfile\GloballyOpenPorts: [3389:TCP] => Enabled:@xpsp2res.dll,-22009
 
==================== Faulty Device Manager Devices =============
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Modem Device on High Definition Audio Bus
Description: Modem Device on High Definition Audio Bus
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/01/2001 03:37:52 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:51 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:51 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:49 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:49 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:35:47 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
System errors:
=============
Error: (01/01/2001 03:30:53 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.1.104 for the Network Card with network address 002100A66FD0 has been
denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
 
Error: (01/01/2001 03:30:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.5.0 service failed to start due to the following error: 
%%2
 
Error: (01/01/2001 03:30:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Услуга Google Update (gupdate1c9a48216e53596) service failed to start due to the following error: 
%%1053
 
Error: (01/01/2001 03:30:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Услуга Google Update (gupdate1c9a48216e53596) service to connect.
 
Error: (01/01/2001 02:09:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.5.0 service failed to start due to the following error: 
%%2
 
Error: (01/01/2001 02:09:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Услуга Google Update (gupdate1c9a48216e53596) service failed to start due to the following error: 
%%1053
 
Error: (01/01/2001 02:09:23 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Услуга Google Update (gupdate1c9a48216e53596) service to connect.
 
Error: (01/01/2001 01:33:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater18.5.0 service failed to start due to the following error: 
%%2
 
Error: (01/01/2001 01:33:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Услуга Google Update (gupdate1c9a48216e53596) service failed to start due to the following error: 
%%1053
 
Error: (01/01/2001 01:33:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Услуга Google Update (gupdate1c9a48216e53596) service to connect.
 
 
Microsoft Office:
=========================
Error: (01/01/2001 03:37:52 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:51 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:51 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:50 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:49 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:37:49 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (01/01/2001 03:35:47 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download....uthrootstl.cabArequired certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
==================== Memory info =========================== 
 
Processor: AMD Turion™X2 Dual Core Mobile RM-72
Percentage of memory in use: 62%
Total physical RAM: 764.79 MB
Available physical RAM: 288.56 MB
Total Pagefile: 1858.81 MB
Available Pagefile: 1108.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.08 MB
 
==================== Drives ================================
 
Drive c: (SYSTEM) (Fixed) (Total:20.22 GB) (Free:5.29 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (DATA) (Fixed) (Total:91.57 GB) (Free:68.79 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Not Active) - (Size=91.6 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=20.2 GB) - (Type=07 NTFS)
 
==================== End of log ============================

Attached Files

  • Attached File  FRST.txt   458.29KB   74 downloads


#2
goved

  • Topic Starter
  • Member
  • 26 posts

Hi, I would like to say that I already received help with my problem, and when that topic has been read by an admin or a member of the malware removal team, please close it as solved. Thank you for your attention.

Best wishes to all 


Edited by goved, 07 June 2015 - 09:17 AM.


#3
CompCav

  • Expert
  • 12,448 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

