Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I have a nasty rootkit... can't run rootrepeal or dds


  • This topic is locked This topic is locked
7 replies to this topic

#1 tigergrrl

tigergrrl

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 21 September 2009 - 11:13 PM

Hi,

I am new to "bleeping" and am extremely grateful for any help anyone can offer me! I think I must have a nasty virus/trojan/rootkit or something of that sort. I am running Vista Ultimate 32 bit. I can basically only get into my computer through safe mode as of last Friday. My computer started to feel a bit sluggish a few days before this, but now will barely load in "standard" mode, and I can only see my desktop when it does. In safe mode, I am getting redirects in my web browser (among other funky things). I tried to run AVG and other antivirus programs, but they shut down when I try to run them. I was able to run Kaspersky Online Scanner for a bit (before it too shut down) and it minimally found Packed.Win32.TDSS.z.

I just followed the Preparation Guide, and I tried to run DDS and RootRepeal, but both of these shut down when I try to run them.

What should I do next?

Thanks for your help!!

Edited to add: When I install RootRepeal, I get the following error:
FOPS - DeviceIoControl Error! Error Code = 0xc0000024
Extended Info (0x00000130)

Edited (again) to add: I was able to run Kaspersky Online Scanner last night (yay, something finally worked!), and I am attaching the report here.

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Tuesday, September 22, 2009
Operating system: Microsoft Windows Vista Ultimate Edition, 32-bit (build 6000)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Tuesday, September 22, 2009 06:04:08
Records in database: 2868285
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Objects scanned: 281918
Threats found: 6
Infected objects found: 8
Suspicious objects found: 2
Scan duration: 03:43:41


File name / Threat / Threats count
globalroot\Device\Ide\IdePort1\yuibtsrr\yuibtsrr\tdlwsp.dll/globalroot\Device\Ide\IdePort1\yuibtsrr\yuibtsrr\tdlwsp.dll Infected: Packed.Win32.TDSS.z 2
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CC40000\4EF70F48.VBN Suspicious: Packed.Win32.PECompact 1
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CC40001\4EF70FA8.VBN Infected: Trojan.Win32.TDSS.aoep 1
C:\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CC40002\4EF70FC5.VBN Infected: Trojan-Downloader.Win32.FraudLoad.wgdu 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CC40000\4EF70F48.VBN Suspicious: Packed.Win32.PECompact 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CC40001\4EF70FA8.VBN Infected: Trojan.Win32.TDSS.aoep 1
C:\Users\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0CC40002\4EF70FC5.VBN Infected: Trojan-Downloader.Win32.FraudLoad.wgdu 1
C:\Users\rwhite2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VYV69C6B\hitin[1].htm Infected: Trojan.HTML.Fraud.d 1
C:\Users\rwhite2\AppData\Roaming\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmseria.jar-136cbaca-4ce4bae5.zip Infected: Trojan-Downloader.Java.OpenConnection.at 1

Selected area has been scanned.

Edited by tigergrrl, 22 September 2009 - 08:28 AM.


BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:01:24 AM

Posted 22 September 2009 - 11:19 AM

Right-click on rootrepeal.exe and rename it to tatertot.scr
Also just select Drivers when scanning

Lastly. you can Click Settings - Options. Set the Disk Access slider to High

post back with the results

Edited by garmanma, 22 September 2009 - 06:51 PM.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 tigergrrl

tigergrrl
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 22 September 2009 - 12:05 PM

Thanks so much for your help, Garmanma!

So, I downloaded rootrepeal onto my desktop again and renamed it, and I changed the disk access level to high... but when I tried to scan the drivers, I get an error message that reads:

DeviceIoControl Error! Error Code = 0x0

and here is all I get:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/22 12:12
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP0
==================================================

==EOF==

Edited by tigergrrl, 22 September 2009 - 12:15 PM.


#4 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:01:24 AM

Posted 22 September 2009 - 06:52 PM

1. Download Win32kDiag from any of the following locations and save it to your Desktop

http://ad13.geekstogo.com/Win32kDiag.exe

http://download.bleepingcomputer.com/rootr.../Win32kDiag.exe

2. Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
3. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
4. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#5 tigergrrl

tigergrrl
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 22 September 2009 - 09:44 PM

Let me know if this is what you need... Thanks!


Running from: C:\Users\rwhite2\Desktop\Win32kDiag.exe

Log file at : C:\Users\rwhite2\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...



Found mount point : C:\Windows\AppPatch\Custom\Custom

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CA0.tmp\ZAP5CA0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAD9C.tmp\ZAPAD9C.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD078.tmp\ZAPD078.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED1C.tmp\ZAPED1C.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\CSC\v2.0.6\namespace\namespace

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\CSC\v2.0.6\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\biolsp patch\biolsp patch

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\Preboot Manager\Preboot Manager

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\tsp patch\tsp patch

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\upekmsi\upekmsi

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\Wave Infrastructure\Wave Infrastructure

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ehome\CreateDisc\style\style

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Globalization\Globalization

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Corporate\Corporate

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\mail\mail

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\OEM\OEM

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\SBSI\Training\WXPPRO\Cbz\Cbz

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\SBSI\Training\WXPPRO\Lib\Lib

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\SBSI\Training\WXPPRO\Wave\Wave

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\htmlTour\htmlTour

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\mmTour\mmTour

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\WindowsMediaPlayer\Audio\Wav\Wav

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\WindowsMediaPlayer\Cnt\Cnt

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\WindowsMediaPlayer\Css\Css

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\WindowsMediaPlayer\Img\Btn\Btn

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\WindowsMediaPlayer\Img\WMarks\WMarks

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\WindowsMediaPlayer\Scr\Scr

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Help\Tours\WindowsMediaPlayer\Video\Video

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\chsime\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\CHTIME\Applets\Applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\imjp8_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\imkr6_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\imkr6_1\dicts\dicts

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\IME\shared\res\res

Mount point destination : \Device\__max++>\^

Cannot access: C:\Windows\inf\drvindex.dat

[1] 2009-02-16 17:04:19 665600 C:\Windows\inf\drvindex.dat ()



Found mount point : C:\Windows\inf\en-US\en-US

Mount point destination : \Device\__max++>\^

Cannot access: C:\Windows\inf\INFCACHE.1

[1] 2009-07-22 11:54:45 1707464 C:\Windows\inf\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\chs\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\cht\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\deu\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\enu\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\esp\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\fra\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\ita\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\jpn\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\kor\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\hdmi\ptb\INFCACHE.1 ()

[1] 2007-10-24 18:02:04 4128 C:\Windows\System32\Lang\INFCACHE.1 ()

[1] 2008-05-12 16:31:47 1423568 C:\i386\INFCACHE.1 ()



Cannot access: C:\Windows\inf\infpub.dat

[1] 2009-07-22 11:54:43 51200 C:\Windows\inf\infpub.dat ()



Cannot access: C:\Windows\inf\infstor.dat

[1] 2009-07-22 11:54:42 86016 C:\Windows\inf\infstor.dat ()



Cannot access: C:\Windows\inf\infstrng.dat

[1] 2009-07-22 11:54:42 86016 C:\Windows\inf\infstrng.dat ()



Found mount point : C:\Windows\Installer\$PatchCache$\Managed\000021091A0090400000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109411090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109440090400000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109510090400000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109711090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109910090400000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109A10090400000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\17400AB28230347339DBAF1833357A38\3.1.21022\3.1.21022

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\1F3B805BA42A0C233B0158879691FE82\2.1.21022\2.1.21022

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\62287FAB00234BD4EB33D429A2978904\3.0.6920\3.0.6920

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\java\classes\classes

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\LiveKernelReports\LiveKernelReports

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Microsoft.NET\authman\authman

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\nap\configuration\configuration

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Panther\ReassembledDrivers\ReassembledDrivers

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Panther\setup.exe\setup.exe

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\PCHEALTH\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\PCHEALTH\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Performance\WinSAT\DataStore\DataStore

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\PLA\Templates\Templates

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Resources\Themes\Luna\Shell\Homestead\Homestead

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Resources\Themes\Luna\Shell\Metallic\Metallic

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Resources\Themes\Luna\Shell\NormalColor\NormalColor

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Temporary Internet Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\Tfs_DAV

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Media Center Programs\Media Center Programs

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\Description Documents\Description Documents

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\Cookies

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Recent\Recent

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\Templates

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Desktop\Desktop

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Documents\Documents

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Downloads\Downloads

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Favorites\Favorites

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Links\Links

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Music\Music

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Pictures\Pictures

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Saved Games\Saved Games

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\LocalService\Videos\Videos

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Temporary Internet Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Media Center Programs\Media Center Programs

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\Cookies

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Recent\Recent

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\Templates

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Desktop\Desktop

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Documents\Documents

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Downloads\Downloads

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Favorites\Favorites

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Links\Links

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Music\Music

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Pictures\Pictures

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Saved Games\Saved Games

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Videos\Videos

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\SoftwareDistribution\PostRebootEventCache\PostRebootEventCache

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\SxsCaPendDel\SxsCaPendDel

Mount point destination : \Device\__max++>\^

Cannot access: C:\Windows\System32\cngaudit.dll

[2] 2006-11-02 04:46:03 11776 C:\Windows\System32\cngaudit(570).dll (Microsoft Corporation)

[1] 2006-11-02 04:46:03 61952 C:\Windows\System32\cngaudit.dll ()

[2] 2006-11-02 04:46:03 11776 C:\Windows\System32\logevent.dll (Microsoft Corporation)

[2] 2006-11-02 04:46:03 11776 C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit(362).dll (Microsoft Corporation)

[1] 2006-11-02 04:46:03 11776 C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\1394bus.sys

[1] 2006-11-02 03:55:12 53376 C:\Windows\System32\drivers\1394bus.sys ()

[1] 2006-11-02 03:55:12 53376 C:\Windows\System32\DriverStore\FileRepository\1394.inf_1c635995\1394bus.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:28 53376 C:\Windows\Temp\SPI2138.tmp\x86_1394.inf_31bf3856ad364e35_6.0.6001.18000_none_fb2f569f05e7f212\1394bus.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:28 53376 C:\Windows\Temp\SPIF7C1.tmp\x86_1394.inf_31bf3856ad364e35_6.0.6001.18000_none_fb2f569f05e7f212\1394bus.sys (Microsoft Corporation)

[1] 2004-08-03 23:10:08 53248 C:\i386\1394bus.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\acpi.sys

[1] 2006-11-02 04:51:30 255592 C:\Windows\System32\drivers\acpi.sys ()

[1] 2006-11-02 04:51:30 255592 C:\Windows\System32\DriverStore\FileRepository\acpi.inf_97916753\acpi.sys (Microsoft Corporation)

[1] 2008-01-19 00:43:04 266808 C:\Windows\Temp\SPI2138.tmp\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\acpi.sys (Microsoft Corporation)

[1] 2008-01-19 00:43:04 266808 C:\Windows\Temp\SPIF7C1.tmp\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\acpi.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 187776 C:\i386\acpi.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\atapi(569).sys

[1] 2006-11-02 04:49:36 19048 C:\Windows\System32\drivers\atapi(569).sys ()



Cannot access: C:\Windows\System32\drivers\atapi.sys

[1] 2006-11-02 04:49:36 19048 C:\Windows\System32\drivers\atapi.sys ()

[1] 2006-11-02 04:49:36 19048 C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:32 21560 C:\Windows\Temp\SPI2138.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:32 21560 C:\Windows\Temp\SPIF7C1.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys (Microsoft Corporation)

[1] 2004-08-03 22:59:44 95360 C:\i386\atapi.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\ataport.sys

[1] 2006-11-02 04:50:41 107112 C:\Windows\System32\drivers\ataport.sys ()

[1] 2006-11-02 04:50:41 107112 C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\ataport.sys (Microsoft Corporation)

[1] 2008-01-19 00:43:08 110136 C:\Windows\Temp\SPI2138.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\ataport.sys (Microsoft Corporation)

[1] 2008-01-19 00:43:08 110136 C:\Windows\Temp\SPIF7C1.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\ataport.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\battc.sys

[1] 2006-11-02 04:49:47 25192 C:\Windows\System32\drivers\battc.sys ()

[1] 2006-11-02 04:49:47 25192 C:\Windows\System32\DriverStore\FileRepository\acpi.inf_97916753\battc.sys (Microsoft Corporation)

[1] 2006-11-02 04:49:47 25192 C:\Windows\System32\DriverStore\FileRepository\battery.inf_f4c53ba5\battc.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:40 28216 C:\Windows\Temp\SPI2138.tmp\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\battc.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:40 28216 C:\Windows\Temp\SPI2138.tmp\x86_battery.inf_31bf3856ad364e35_6.0.6001.18000_none_162792ec53d025b0\battc.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:40 28216 C:\Windows\Temp\SPIF7C1.tmp\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\battc.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:40 28216 C:\Windows\Temp\SPIF7C1.tmp\x86_battery.inf_31bf3856ad364e35_6.0.6001.18000_none_162792ec53d025b0\battc.sys (Microsoft Corporation)

[1] 2001-08-17 13:57:54 14080 C:\i386\battc.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\cdrom.sys

[1] 2006-11-02 03:51:44 67072 C:\Windows\System32\drivers\cdrom.sys ()

[1] 2006-11-02 03:51:44 67072 C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:52 67072 C:\Windows\Temp\SPI2138.tmp\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:52 67072 C:\Windows\Temp\SPIF7C1.tmp\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 49536 C:\i386\cdrom.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\CmBatt.sys

[1] 2006-11-02 03:35:03 14208 C:\Windows\System32\drivers\CmBatt.sys ()

[1] 2006-11-02 03:35:03 14208 C:\Windows\System32\DriverStore\FileRepository\battery.inf_f4c53ba5\CmBatt.sys (Microsoft Corporation)

[1] 2008-01-18 22:32:48 14208 C:\Windows\Temp\SPI2138.tmp\x86_battery.inf_31bf3856ad364e35_6.0.6001.18000_none_162792ec53d025b0\cmbatt.sys (Microsoft Corporation)

[1] 2008-01-18 22:32:48 14208 C:\Windows\Temp\SPIF7C1.tmp\x86_battery.inf_31bf3856ad364e35_6.0.6001.18000_none_162792ec53d025b0\cmbatt.sys (Microsoft Corporation)

[1] 2004-08-03 23:07:40 14080 C:\i386\CmBatt.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\disk.sys

[1] 2006-11-02 04:49:51 52840 C:\Windows\System32\drivers\disk.sys ()

[1] 2006-11-02 04:49:51 52840 C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:22 55352 C:\Windows\Temp\SPI2138.tmp\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:22 55352 C:\Windows\Temp\SPIF7C1.tmp\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 36352 C:\i386\disk.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\Dot4.sys

[1] 2006-11-02 03:51:04 131584 C:\Windows\System32\drivers\Dot4.sys ()

[1] 2006-11-02 03:51:04 131584 C:\Windows\System32\DriverStore\FileRepository\dot4.inf_024c3483\Dot4.sys (Microsoft Corporation)

[2] 2005-10-21 20:58:52 49920 C:\Windows\System32\DRVSTORE\hpzid413_639F44A9178C7A20A614BAD0D95ED0F717C1CAE9\drivers\dot4\Win2000\HPZid412.sys (HP)

[2] 2005-10-21 20:58:52 49920 C:\Windows\System32\DRVSTORE\hpzipa13_4E25546121E63B9D66B7252BF9079CA9374E33DA\drivers\dot4\Win2000\HPZid412.sys (HP)

[2] 2005-10-21 20:58:52 49920 C:\Windows\System32\DRVSTORE\hpzius13_3FE30AA926D072AD94378092FA3E1C6C873EFC9F\drivers\dot4\Win2000\hpzid412.sys (HP)

[1] 2008-01-18 22:49:14 131584 C:\Windows\Temp\SPI2138.tmp\x86_dot4.inf_31bf3856ad364e35_6.0.6001.18000_none_dc7405a5dc041870\dot4.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:14 131584 C:\Windows\Temp\SPIF7C1.tmp\x86_dot4.inf_31bf3856ad364e35_6.0.6001.18000_none_dc7405a5dc041870\dot4.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\Dot4Prt.sys

[1] 2006-11-02 03:51:02 16384 C:\Windows\System32\drivers\Dot4Prt.sys ()

[1] 2006-11-02 03:51:02 16384 C:\Windows\System32\DriverStore\FileRepository\dot4prt.inf_7ef448bf\Dot4Prt.sys (Microsoft Corporation)

[2] 2005-10-21 20:58:58 16496 C:\Windows\System32\DRVSTORE\hpzipa13_4E25546121E63B9D66B7252BF9079CA9374E33DA\drivers\dot4\Win2000\HPzipr12.sys (HP)

[2] 2005-10-21 20:58:58 16496 C:\Windows\System32\DRVSTORE\hpzipr13_B6E7260393C4003917E417E5D9BD7A1F1D498C63\drivers\dot4\Win2000\HPZipr12.sys (HP)

[2] 2005-10-21 20:58:58 16496 C:\Windows\System32\DRVSTORE\hpzius13_3FE30AA926D072AD94378092FA3E1C6C873EFC9F\drivers\dot4\Win2000\hpzipr12.sys (HP)

[1] 2008-01-18 22:49:10 16384 C:\Windows\Temp\SPI2138.tmp\x86_dot4prt.inf_31bf3856ad364e35_6.0.6001.18000_none_6d3b23766cb698be\dot4prt.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:10 16384 C:\Windows\Temp\SPIF7C1.tmp\x86_dot4prt.inf_31bf3856ad364e35_6.0.6001.18000_none_6d3b23766cb698be\dot4prt.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\Dot4usb.sys

[1] 2006-11-02 03:51:03 36864 C:\Windows\System32\drivers\Dot4usb.sys ()

[1] 2006-11-02 03:51:03 36864 C:\Windows\System32\DriverStore\FileRepository\dot4.inf_024c3483\Dot4usb.sys (Microsoft Corporation)

[2] 2005-10-21 20:52:48 21568 C:\Windows\System32\DRVSTORE\hpzipa13_4E25546121E63B9D66B7252BF9079CA9374E33DA\drivers\dot4\Win2000\HPZius12.sys (HP)

[2] 2005-10-21 20:52:48 21568 C:\Windows\System32\DRVSTORE\hpzius13_3FE30AA926D072AD94378092FA3E1C6C873EFC9F\drivers\dot4\Win2000\HPZius12.sys (HP)

[2] 2005-10-21 20:52:52 16800 C:\Windows\System32\DRVSTORE\hpzius13_3FE30AA926D072AD94378092FA3E1C6C873EFC9F\drivers\dot4\WinxP\Hppaufd0.sys (HP)

[1] 2008-01-18 22:49:12 36864 C:\Windows\Temp\SPI2138.tmp\x86_dot4.inf_31bf3856ad364e35_6.0.6001.18000_none_dc7405a5dc041870\dot4usb.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:12 36864 C:\Windows\Temp\SPIF7C1.tmp\x86_dot4.inf_31bf3856ad364e35_6.0.6001.18000_none_dc7405a5dc041870\dot4usb.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\drmk.sys

[1] 2006-11-02 04:20:50 130048 C:\Windows\System32\drivers\drmk.sys ()

[1] 2006-11-02 04:20:50 130048 C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_1493ef6e\drmk.sys (Microsoft Corporation)

[1] 2008-01-18 23:53:04 130048 C:\Windows\Temp\SPI2138.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\drmk.sys (Microsoft Corporation)

[1] 2008-01-18 23:53:04 130048 C:\Windows\Temp\SPIF7C1.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\drmk.sys (Microsoft Corporation)

[1] 2004-08-03 23:08:00 60288 C:\i386\drmk.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\drmkaud.sys

[1] 2006-11-02 03:54:59 5632 C:\Windows\System32\drivers\drmkaud.sys ()

[1] 2006-11-02 03:54:59 5632 C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_1493ef6e\drmkaud.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 5632 C:\Windows\Temp\SPI2138.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\drmkaud.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 5632 C:\Windows\Temp\SPIF7C1.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\drmkaud.sys (Microsoft Corporation)

[1] 2004-08-03 23:07:58 2944 C:\i386\drmkaud.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\hdaudbus.sys

[1] 2006-11-02 02:36:49 53248 C:\Windows\System32\drivers\hdaudbus.sys ()

[1] 2006-11-02 02:36:49 53248 C:\Windows\System32\DriverStore\FileRepository\hdaudbus.inf_55037da4\hdaudbus.sys (Microsoft Corporation)

[1] 2008-01-18 21:30:50 53760 C:\Windows\Temp\SPI2138.tmp\x86_hdaudbus.inf_31bf3856ad364e35_6.0.6001.18000_none_772192e1868720e9\hdaudbus.sys (Microsoft Corporation)

[1] 2008-01-18 21:30:50 53760 C:\Windows\Temp\SPIF7C1.tmp\x86_hdaudbus.inf_31bf3856ad364e35_6.0.6001.18000_none_772192e1868720e9\hdaudbus.sys (Microsoft Corporation)

[1] 2004-08-12 17:45:54 137728 C:\i386\Hdaudbus.sys (Windows Server 2003 DDK provider)



Cannot access: C:\Windows\System32\drivers\HdAudio.sys

[1] 2006-11-02 02:36:49 235520 C:\Windows\System32\drivers\HdAudio.sys ()

[1] 2006-11-02 02:36:49 235520 C:\Windows\System32\DriverStore\FileRepository\hdaudio.inf_2e4e0e52\HdAudio.sys (Microsoft Corporation)

[1] 2004-08-12 17:45:52 113664 C:\i386\Hdaudio.sys (Windows Server 2003 DDK provider)



Cannot access: C:\Windows\System32\drivers\hidclass.sys

[1] 2006-11-02 03:55:01 38912 C:\Windows\System32\drivers\hidclass.sys ()

[1] 2006-11-02 03:55:01 38912 C:\Windows\System32\DriverStore\FileRepository\input.inf_53578522\hidclass.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 38912 C:\Windows\Temp\SPI2138.tmp\x86_input.inf_31bf3856ad364e35_6.0.6001.18000_none_206f99c7201dafdb\hidclass.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 38912 C:\Windows\Temp\SPIF7C1.tmp\x86_input.inf_31bf3856ad364e35_6.0.6001.18000_none_206f99c7201dafdb\hidclass.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 36224 C:\i386\hidclass.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\hidparse.sys

[1] 2006-11-02 03:55:00 25472 C:\Windows\System32\drivers\hidparse.sys ()

[1] 2006-11-02 03:55:00 25472 C:\Windows\System32\DriverStore\FileRepository\input.inf_53578522\hidparse.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 25472 C:\Windows\Temp\SPI2138.tmp\x86_input.inf_31bf3856ad364e35_6.0.6001.18000_none_206f99c7201dafdb\hidparse.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 25472 C:\Windows\Temp\SPIF7C1.tmp\x86_input.inf_31bf3856ad364e35_6.0.6001.18000_none_206f99c7201dafdb\hidparse.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 24960 C:\i386\hidparse.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\hidusb.sys

[1] 2006-11-02 03:55:01 12288 C:\Windows\System32\drivers\hidusb.sys ()

[1] 2006-11-02 03:55:01 12288 C:\Windows\System32\DriverStore\FileRepository\input.inf_53578522\hidusb.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 12288 C:\Windows\Temp\SPI2138.tmp\x86_input.inf_31bf3856ad364e35_6.0.6001.18000_none_206f99c7201dafdb\hidusb.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 12288 C:\Windows\Temp\SPIF7C1.tmp\x86_input.inf_31bf3856ad364e35_6.0.6001.18000_none_206f99c7201dafdb\hidusb.sys (Microsoft Corporation)

[1] 2001-08-17 15:02:20 9600 C:\i386\hidusb.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\i8042prt.sys

[1] 2006-11-02 03:51:13 54784 C:\Windows\System32\drivers\i8042prt.sys ()

[1] 2006-11-02 03:51:13 54784 C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\i8042prt.sys (Microsoft Corporation)

[1] 2006-11-02 03:51:13 54784 C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\i8042prt.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:20 54784 C:\Windows\Temp\SPI2138.tmp\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\i8042prt.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:20 54784 C:\Windows\Temp\SPI2138.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:20 54784 C:\Windows\Temp\SPIF7C1.tmp\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\i8042prt.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:20 54784 C:\Windows\Temp\SPIF7C1.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\i8042prt.sys (Microsoft Corporation)

[1] 2007-12-05 21:18:29 54784 C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\i8042prt.sys (Microsoft Corporation)

[1] 2007-12-05 21:25:39 54784 C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\i8042prt.sys (Microsoft Corporation)

[1] 2007-12-05 21:18:29 54784 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\i8042prt.sys (Microsoft Corporation)

[1] 2007-12-05 21:25:39 54784 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\i8042prt.sys (Microsoft Corporation)

[1] 2004-08-03 23:14:38 52736 C:\i386\i8042prt.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\kbdclass.sys

[1] 2006-11-02 04:49:57 32872 C:\Windows\System32\drivers\kbdclass.sys ()

[1] 2006-11-02 04:49:57 32872 C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdclass.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:54 35384 C:\Windows\Temp\SPI2138.tmp\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:54 35384 C:\Windows\Temp\SPIF7C1.tmp\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdclass.sys (Microsoft Corporation)

[1] 2007-12-05 23:22:14 35384 C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdclass.sys (Microsoft Corporation)

[1] 2007-12-05 23:14:53 35384 C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdclass.sys (Microsoft Corporation)

[1] 2004-08-03 22:58:34 24576 C:\i386\kbdclass.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\kbdhid.sys

[1] 2006-11-02 03:51:12 15872 C:\Windows\System32\drivers\kbdhid.sys ()

[1] 2006-11-02 03:51:12 15872 C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_93b1c41f\kbdhid.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:18 15872 C:\Windows\Temp\SPI2138.tmp\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdhid.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:18 15872 C:\Windows\Temp\SPIF7C1.tmp\x86_keyboard.inf_31bf3856ad364e35_6.0.6001.18000_none_974e6dd8d8f8ec7e\kbdhid.sys (Microsoft Corporation)

[1] 2007-12-05 21:18:27 15872 C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.16609_none_957131ccdbca3f9c\kbdhid.sys (Microsoft Corporation)

[1] 2007-12-05 21:25:37 15872 C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6000.20734_none_95d55d61f504b486\kbdhid.sys (Microsoft Corporation)

[1] 2004-08-03 23:58:36 14848 C:\i386\kbdhid.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\mouclass.sys

[1] 2006-11-02 04:49:54 31848 C:\Windows\System32\drivers\mouclass.sys ()

[1] 2006-11-02 04:49:54 31848 C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\mouclass.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:54 34360 C:\Windows\Temp\SPI2138.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\mouclass.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:54 34360 C:\Windows\Temp\SPIF7C1.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\mouclass.sys (Microsoft Corporation)

[1] 2007-12-05 23:22:13 34360 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\mouclass.sys (Microsoft Corporation)

[1] 2007-12-05 23:14:51 34360 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\mouclass.sys (Microsoft Corporation)

[1] 2004-08-03 22:58:34 23040 C:\i386\mouclass.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\mouhid.sys

[1] 2006-11-02 03:51:12 15872 C:\Windows\System32\drivers\mouhid.sys ()

[1] 2006-11-02 03:51:12 15872 C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\mouhid.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:18 15872 C:\Windows\Temp\SPI2138.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\mouhid.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:18 15872 C:\Windows\Temp\SPIF7C1.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\mouhid.sys (Microsoft Corporation)

[1] 2007-12-05 21:18:26 15872 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\mouhid.sys (Microsoft Corporation)

[1] 2007-12-05 21:25:36 15872 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\mouhid.sys (Microsoft Corporation)

[1] 2001-08-17 14:48:00 12160 C:\i386\mouhid.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\msisadrv.sys

[1] 2006-11-02 04:49:20 13928 C:\Windows\System32\drivers\msisadrv.sys ()

[1] 2006-11-02 04:49:20 13928 C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\msisadrv.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:16 16440 C:\Windows\Temp\SPI2138.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\msisadrv.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:16 16440 C:\Windows\Temp\SPIF7C1.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\msisadrv.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\msiscsi.sys

[1] 2006-11-02 04:51:12 168552 C:\Windows\System32\drivers\msiscsi.sys ()

[1] 2006-11-02 04:51:12 168552 C:\Windows\System32\DriverStore\FileRepository\iscsi.inf_ea5644c7\msiscsi.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:36 181304 C:\Windows\Temp\SPI2138.tmp\x86_iscsi.inf_31bf3856ad364e35_6.0.6001.18000_none_3cc3c5b3f3a6b22e\msiscsi.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:36 181304 C:\Windows\Temp\SPIF7C1.tmp\x86_iscsi.inf_31bf3856ad364e35_6.0.6001.18000_none_3cc3c5b3f3a6b22e\msiscsi.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\mssmbios.sys

[1] 2006-11-02 04:49:54 28776 C:\Windows\System32\drivers\mssmbios.sys ()

[1] 2006-11-02 04:49:54 28776 C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\mssmbios.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:50 31288 C:\Windows\Temp\SPI2138.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\mssmbios.sys (Microsoft Corporation)

[1] 2008-01-19 00:41:50 31288 C:\Windows\Temp\SPIF7C1.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\mssmbios.sys (Microsoft Corporation)

[1] 2004-08-03 23:07:48 15488 C:\i386\mssmbios.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\ohci1394.sys

[1] 2006-11-02 03:55:16 62080 C:\Windows\System32\drivers\ohci1394.sys ()

[1] 2006-11-02 03:55:16 62080 C:\Windows\System32\DriverStore\FileRepository\1394.inf_1c635995\ohci1394.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:34 61952 C:\Windows\Temp\SPI2138.tmp\x86_1394.inf_31bf3856ad364e35_6.0.6001.18000_none_fb2f569f05e7f212\ohci1394.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:34 61952 C:\Windows\Temp\SPIF7C1.tmp\x86_1394.inf_31bf3856ad364e35_6.0.6001.18000_none_fb2f569f05e7f212\ohci1394.sys (Microsoft Corporation)

[1] 2004-08-03 23:10:10 61056 C:\i386\ohci1394.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\parport.sys

[1] 2006-11-02 03:51:30 79360 C:\Windows\System32\drivers\parport.sys ()

[1] 2006-11-02 03:51:30 79360 C:\Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\parport.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:34 79360 C:\Windows\Temp\SPI2138.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\parport.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:34 79360 C:\Windows\Temp\SPIF7C1.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\parport.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 80128 C:\i386\parport.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\parvdm.sys

[1] 2006-11-02 03:51:23 8704 C:\Windows\System32\drivers\parvdm.sys ()

[1] 2006-11-02 03:51:23 8704 C:\Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\parvdm.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:30 8704 C:\Windows\Temp\SPI2138.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\parvdm.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:30 8704 C:\Windows\Temp\SPIF7C1.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\parvdm.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 6784 C:\i386\parvdm.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\pci.sys

[1] 2006-11-02 04:50:57 140392 C:\Windows\System32\drivers\pci.sys ()

[1] 2006-11-02 04:50:57 140392 C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\pci.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:22 151096 C:\Windows\Temp\SPI2138.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\pci.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:22 151096 C:\Windows\Temp\SPIF7C1.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\pci.sys (Microsoft Corporation)

[1] 2004-08-03 23:07:48 68224 C:\i386\pci.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\pciide.sys

[1] 2006-11-02 04:49:20 13416 C:\Windows\System32\drivers\pciide.sys ()

[2] 2006-11-02 04:49:30 17512 C:\Windows\System32\drivers\viaide.sys (VIA Technologies, Inc.)

[1] 2006-11-02 04:49:20 13416 C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\pciide.sys (Microsoft Corporation)

[2] 2006-11-02 04:49:30 17512 C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\viaide.sys (VIA Technologies, Inc.)

[1] 2008-01-19 00:41:14 16440 C:\Windows\Temp\SPI2138.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\pciide.sys (Microsoft Corporation)

[2] 2008-01-19 00:41:26 20024 C:\Windows\Temp\SPI2138.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\viaide.sys (VIA Technologies, Inc.)

[1] 2008-01-19 00:41:14 16440 C:\Windows\Temp\SPIF7C1.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\pciide.sys (Microsoft Corporation)

[2] 2008-01-19 00:41:26 20024 C:\Windows\Temp\SPIF7C1.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\viaide.sys (VIA Technologies, Inc.)

[1] 2001-08-17 13:51:52 3328 C:\i386\pciide.sys (Microsoft Corporation)

[2] 2004-08-03 22:59:44 5376 C:\i386\viaide.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\pciidex.sys

[1] 2006-11-02 04:50:18 42600 C:\Windows\System32\drivers\pciidex.sys ()

[1] 2006-11-02 04:50:18 42600 C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\pciidex.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:12 45112 C:\Windows\Temp\SPI2138.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\pciidex.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:12 45112 C:\Windows\Temp\SPIF7C1.tmp\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\pciidex.sys (Microsoft Corporation)

[1] 2004-08-03 22:59:42 25088 C:\i386\pciidex.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\pcmcia.sys

[1] 2006-11-02 04:51:12 167528 C:\Windows\System32\drivers\pcmcia.sys ()

[1] 2006-11-02 04:51:12 167528 C:\Windows\System32\DriverStore\FileRepository\pcmcia.inf_1259a379\pcmcia.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:36 179256 C:\Windows\Temp\SPI2138.tmp\x86_pcmcia.inf_31bf3856ad364e35_6.0.6001.18000_none_85cbd1df9b464e00\pcmcia.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:36 179256 C:\Windows\Temp\SPIF7C1.tmp\x86_pcmcia.inf_31bf3856ad364e35_6.0.6001.18000_none_85cbd1df9b464e00\pcmcia.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 119936 C:\i386\pcmcia.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\portcls.sys

[1] 2006-11-02 03:55:04 167424 C:\Windows\System32\drivers\portcls.sys ()

[1] 2006-11-02 03:55:04 167424 C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_1493ef6e\portcls.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:20 167936 C:\Windows\Temp\SPI2138.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\portcls.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:20 167936 C:\Windows\Temp\SPIF7C1.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\portcls.sys (Microsoft Corporation)

[1] 2004-03-16 11:58:20 136960 C:\i386\portcls.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\rdpdr.sys

[1] 2006-11-02 04:03:00 242688 C:\Windows\System32\drivers\rdpdr.sys ()

[1] 2006-11-02 04:03:00 242688 C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\rdpdr.sys (Microsoft Corporation)

[1] 2008-01-18 23:02:30 248832 C:\Windows\Temp\SPI2138.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\rdpdr.sys (Microsoft Corporation)

[1] 2008-01-18 23:02:30 248832 C:\Windows\Temp\SPIF7C1.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\rdpdr.sys (Microsoft Corporation)

[1] 2004-08-03 23:01:16 196864 C:\i386\rdpdr.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\serenum.sys

[1] 2006-11-02 03:51:25 17920 C:\Windows\System32\drivers\serenum.sys ()

[1] 2006-11-02 03:51:25 17920 C:\Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serenum.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:30 17920 C:\Windows\Temp\SPI2138.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serenum.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:30 17920 C:\Windows\Temp\SPIF7C1.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serenum.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 15488 C:\i386\serenum.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\serial.sys

[1] 2006-11-02 03:51:30 83456 C:\Windows\System32\drivers\serial.sys ()

[1] 2006-11-02 03:51:30 83456 C:\Windows\System32\DriverStore\FileRepository\hiddigi.inf_9d4661e2\serial.sys (Microsoft Corporation)

[1] 2006-11-02 03:51:30 83456 C:\Windows\System32\DriverStore\FileRepository\msports.inf_ac874de4\serial.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:36 83456 C:\Windows\Temp\SPI2138.tmp\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:36 83456 C:\Windows\Temp\SPI2138.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:36 83456 C:\Windows\Temp\SPIF7C1.tmp\x86_hiddigi.inf_31bf3856ad364e35_6.0.6001.18000_none_955c449145dbf667\serial.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:36 83456 C:\Windows\Temp\SPIF7C1.tmp\x86_msports.inf_31bf3856ad364e35_6.0.6001.18000_none_f897b0b1b85e4433\serial.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 64896 C:\i386\serial.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\sermouse.sys

[1] 2006-11-02 03:51:11 19968 C:\Windows\System32\drivers\sermouse.sys ()

[1] 2006-11-02 03:51:11 19968 C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_3dfa3917\sermouse.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:18 19968 C:\Windows\Temp\SPI2138.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\sermouse.sys (Microsoft Corporation)

[1] 2008-01-18 22:49:18 19968 C:\Windows\Temp\SPIF7C1.tmp\x86_msmouse.inf_31bf3856ad364e35_6.0.6001.18000_none_4e340b7cd25b3352\sermouse.sys (Microsoft Corporation)

[1] 2007-12-05 21:18:26 19968 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.16609_none_4c56cf70d52c8670\sermouse.sys (Microsoft Corporation)

[1] 2007-12-05 21:25:37 19968 C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.0.6000.20734_none_4cbafb05ee66fb5a\sermouse.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\termdd.sys

[1] 2006-11-02 04:50:28 50792 C:\Windows\System32\drivers\termdd.sys ()

[1] 2006-11-02 04:50:28 50792 C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\termdd.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:20 54328 C:\Windows\Temp\SPI2138.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\termdd.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:20 54328 C:\Windows\Temp\SPIF7C1.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\termdd.sys (Microsoft Corporation)

[1] 2004-08-04 01:01:08 40840 C:\i386\termdd.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\umbus.sys

[1] 2006-11-02 03:55:24 34816 C:\Windows\System32\drivers\umbus.sys ()

[1] 2006-11-02 03:55:24 34816 C:\Windows\System32\DriverStore\FileRepository\umbus.inf_6d285360\umbus.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:42 34816 C:\Windows\Temp\SPI2138.tmp\x86_umbus.inf_31bf3856ad364e35_6.0.6001.18000_none_0bdbc8d7c49fa65d\umbus.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:42 34816 C:\Windows\Temp\SPIF7C1.tmp\x86_umbus.inf_31bf3856ad364e35_6.0.6001.18000_none_0bdbc8d7c49fa65d\umbus.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\UMDF\WpdFs.dll

[1] 2006-11-02 04:46:14 219648 C:\Windows\System32\drivers\UMDF\WpdFs.dll ()

[1] 2006-11-02 04:46:14 219648 C:\Windows\System32\DriverStore\FileRepository\wpdfs.inf_96a77ef0\WpdFs.dll (Microsoft Corporation)

[1] 2008-01-19 00:37:10 220160 C:\Windows\Temp\SPI2138.tmp\x86_wpdfs.inf_31bf3856ad364e35_6.0.6001.18000_none_25ecd581d29bc201\wpdfs.dll (Microsoft Corporation)

[1] 2008-01-19 00:37:10 220160 C:\Windows\Temp\SPIF7C1.tmp\x86_wpdfs.inf_31bf3856ad364e35_6.0.6001.18000_none_25ecd581d29bc201\wpdfs.dll (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\usbccgp.sys

[1] 2006-11-02 03:55:11 73216 C:\Windows\System32\drivers\usbccgp.sys ()

[1] 2006-11-02 03:55:11 73216 C:\Windows\System32\DriverStore\FileRepository\usb.inf_c89fac9c\usbccgp.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:30 73216 C:\Windows\Temp\SPI2138.tmp\x86_usb.inf_31bf3856ad364e35_6.0.6001.18000_none_caf866f60e72536f\usbccgp.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:30 73216 C:\Windows\Temp\SPIF7C1.tmp\x86_usb.inf_31bf3856ad364e35_6.0.6001.18000_none_caf866f60e72536f\usbccgp.sys (Microsoft Corporation)

[1] 2004-08-04 00:08:48 31616 C:\i386\usbccgp.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\usbd.sys

[1] 2006-11-02 03:55:00 5888 C:\Windows\System32\drivers\usbd.sys ()

[1] 2006-11-02 03:55:00 5888 C:\Windows\System32\DriverStore\FileRepository\usbport.inf_4d107f9d\usbd.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 5888 C:\Windows\Temp\SPI2138.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbd.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:18 5888 C:\Windows\Temp\SPIF7C1.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbd.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 4736 C:\i386\usbd.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\usbehci.sys

[1] 2006-11-02 03:55:04 38400 C:\Windows\System32\drivers\usbehci.sys ()

[1] 2006-11-02 03:55:04 38400 C:\Windows\System32\DriverStore\FileRepository\usbport.inf_4d107f9d\usbehci.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:22 39424 C:\Windows\Temp\SPI2138.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbehci.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:22 39424 C:\Windows\Temp\SPIF7C1.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbehci.sys (Microsoft Corporation)

[1] 2005-10-25 18:39:41 27264 C:\i386\usbehci.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\usbhub.sys

[1] 2006-11-02 03:55:21 191488 C:\Windows\System32\drivers\usbhub.sys ()

[1] 2006-11-02 03:55:21 191488 C:\Windows\System32\DriverStore\FileRepository\usb.inf_c89fac9c\usbhub.sys (Microsoft Corporation)

[1] 2006-11-02 03:55:21 191488 C:\Windows\System32\DriverStore\FileRepository\usbport.inf_4d107f9d\usbhub.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:44 194560 C:\Windows\Temp\SPI2138.tmp\x86_usb.inf_31bf3856ad364e35_6.0.6001.18000_none_caf866f60e72536f\usbhub.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:44 194560 C:\Windows\Temp\SPI2138.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbhub.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:44 194560 C:\Windows\Temp\SPIF7C1.tmp\x86_usb.inf_31bf3856ad364e35_6.0.6001.18000_none_caf866f60e72536f\usbhub.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:44 194560 C:\Windows\Temp\SPIF7C1.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbhub.sys (Microsoft Corporation)

[1] 2004-08-03 23:08:44 57600 C:\i386\usbhub.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\usbport.sys

[1] 2006-11-02 03:55:11 223744 C:\Windows\System32\drivers\usbport.sys ()

[1] 2006-11-02 03:55:11 223744 C:\Windows\System32\DriverStore\FileRepository\usbport.inf_4d107f9d\usbport.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:26 226304 C:\Windows\Temp\SPI2138.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbport.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:26 226304 C:\Windows\Temp\SPIF7C1.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbport.sys (Microsoft Corporation)

[1] 2005-10-25 18:39:41 143104 C:\i386\usbport.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\USBSTOR.SYS

[1] 2006-11-02 03:55:05 54784 C:\Windows\System32\drivers\USBSTOR.SYS ()

[1] 2006-11-02 03:55:05 54784 C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS (Microsoft Corporation)

[1] 2008-01-18 22:53:24 55296 C:\Windows\Temp\SPI2138.tmp\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\usbstor.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:24 55296 C:\Windows\Temp\SPIF7C1.tmp\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\usbstor.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\usbuhci.sys

[1] 2006-11-02 03:55:05 22528 C:\Windows\System32\drivers\usbuhci.sys ()

[1] 2006-11-02 03:55:05 22528 C:\Windows\System32\DriverStore\FileRepository\usbport.inf_4d107f9d\usbuhci.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:22 23552 C:\Windows\Temp\SPI2138.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbuhci.sys (Microsoft Corporation)

[1] 2008-01-18 22:53:22 23552 C:\Windows\Temp\SPIF7C1.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\usbuhci.sys (Microsoft Corporation)

[1] 2004-08-03 23:08:38 20480 C:\i386\usbuhci.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\vgapnp.sys

[1] 2006-11-02 03:53:56 26112 C:\Windows\System32\drivers\vgapnp.sys ()

[1] 2006-11-02 03:53:56 26112 C:\Windows\System32\DriverStore\FileRepository\display.inf_30c9fefa\vgapnp.sys (Microsoft Corporation)

[1] 2008-01-18 22:52:08 26112 C:\Windows\Temp\SPI2138.tmp\x86_display.inf_31bf3856ad364e35_6.0.6001.18000_none_80554009ce4ef485\vgapnp.sys (Microsoft Corporation)

[1] 2008-01-18 22:52:08 26112 C:\Windows\Temp\SPIF7C1.tmp\x86_display.inf_31bf3856ad364e35_6.0.6001.18000_none_80554009ce4ef485\vgapnp.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\volmgr.sys

[1] 2006-11-02 04:50:24 50280 C:\Windows\System32\drivers\volmgr.sys ()

[1] 2006-11-02 04:50:24 50280 C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\volmgr.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:20 52792 C:\Windows\Temp\SPI2138.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\volmgr.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:20 52792 C:\Windows\Temp\SPIF7C1.tmp\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\volmgr.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\volsnap.sys

[1] 2006-11-02 04:51:18 208488 C:\Windows\System32\drivers\volsnap.sys ()

[1] 2006-11-02 04:51:18 208488 C:\Windows\System32\DriverStore\FileRepository\volume.inf_9320b452\volsnap.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:50 227896 C:\Windows\Temp\SPI2138.tmp\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys (Microsoft Corporation)

[1] 2008-01-19 00:42:50 227896 C:\Windows\Temp\SPIF7C1.tmp\x86_volume.inf_31bf3856ad364e35_6.0.6001.18000_none_15b6b780fc14facd\volsnap.sys (Microsoft Corporation)

[1] 2004-08-04 05:00:00 52352 C:\i386\volsnap.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\drivers\wmiacpi.sys

[1] 2006-11-02 03:35:03 11264 C:\Windows\System32\drivers\wmiacpi.sys ()

[1] 2006-11-02 03:35:03 11264 C:\Windows\System32\DriverStore\FileRepository\acpi.inf_97916753\wmiacpi.sys (Microsoft Corporation)

[1] 2008-01-18 22:32:48 11264 C:\Windows\Temp\SPI2138.tmp\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\wmiacpi.sys (Microsoft Corporation)

[1] 2008-01-18 22:32:48 11264 C:\Windows\Temp\SPIF7C1.tmp\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\wmiacpi.sys (Microsoft Corporation)

[1] 2004-08-03 23:07:42 8832 C:\i386\wmiacpi.sys (Microsoft Corporation)



Cannot access: C:\Windows\System32\hal.dll

[1] 2006-11-02 04:51:12 160872 C:\Windows\System32\hal.dll ()

[1] 2005-06-22 19:05:52 134272 C:\i386\HAL.DLL (Microsoft Corporation)



Cannot access: C:\Windows\System32\halacpi.dll

[1] 2006-11-02 04:50:56 134760 C:\Windows\System32\DriverStore\FileRepository\hal.inf_59c500ab\halacpi.dll (Microsoft Corporation)

[1] 2006-11-02 04:50:56 134760 C:\Windows\System32\halacpi.dll ()

[1] 2008-01-19 00:42:14 141880 C:\Windows\Temp\SPI2138.tmp\x86_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_031c102b07ef6390\halacpi.dll (Microsoft Corporation)

[1] 2008-01-19 00:42:14 141880 C:\Windows\Temp\SPIF7C1.tmp\x86_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_031c102b07ef6390\halacpi.dll (Microsoft Corporation)

[1] 2004-08-03 20:59:08 81280 C:\i386\HALACPI.DLL (Microsoft Corporation)



Cannot access: C:\Windows\System32\halmacpi.dll

[1] 2006-11-02 04:51:12 160872 C:\Windows\System32\DriverStore\FileRepository\hal.inf_59c500ab\halmacpi.dll (Microsoft Corporation)

[1] 2006-11-02 04:51:12 160872 C:\Windows\System32\halmacpi.dll ()

[1] 2008-01-19 00:42:36 177208 C:\Windows\Temp\SPI2138.tmp\x86_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_031c102b07ef6390\halmacpi.dll (Microsoft Corporation)

[1] 2008-01-19 00:42:36 177208 C:\Windows\Temp\SPIF7C1.tmp\x86_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_031c102b07ef6390\halmacpi.dll (Microsoft Corporation)

[2] 2005-06-22 19:05:52 134272 C:\i386\HAL.DLL (Microsoft Corporation)



Cannot access: C:\Windows\System32\hccoin.dll

[1] 2006-11-02 04:46:05 8704 C:\Windows\System32\DriverStore\FileRepository\usbport.inf_4d107f9d\hccoin.dll (Microsoft Corporation)

[1] 2006-11-02 04:46:05 8704 C:\Windows\System32\hccoin.dll ()

[1] 2006-11-02 02:46:06 8704 C:\Windows\Temp\SPI2138.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\hccoin.dll (Microsoft Corporation)

[1] 2006-11-02 02:46:06 8704 C:\Windows\Temp\SPIF7C1.tmp\x86_usbport.inf_31bf3856ad364e35_6.0.6001.18000_none_bdc25f73038da156\hccoin.dll (Microsoft Corporation)

[1] 2004-08-04 05:00:00 7168 C:\i386\hccoin.dll (Microsoft Corporation)



Cannot access: C:\Windows\System32\iscsilog.dll

[1] 2006-11-02 02:31:53 14848 C:\Windows\System32\DriverStore\FileRepository\iscsi.inf_ea5644c7\iscsilog.dll (Microsoft Corporation)

[1] 2006-11-02 02:31:53 14848 C:\Windows\System32\iscsilog.dll ()

[1] 2008-01-18 22:50:36 14848 C:\Windows\Temp\SPI2138.tmp\x86_iscsi.inf_31bf3856ad364e35_6.0.6001.18000_none_3cc3c5b3f3a6b22e\iscsilog.dll (Microsoft Corporation)

[1] 2008-01-18 22:50:36 14848 C:\Windows\Temp\SPIF7C1.tmp\x86_iscsi.inf_31bf3856ad364e35_6.0.6001.18000_none_3cc3c5b3f3a6b22e\iscsilog.dll (Microsoft Corporation)



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl

[1] 2009-09-22 18:45:39 31320 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl

[1] 2009-09-22 20:06:15 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl

[1] 2009-09-22 20:06:15 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl

[1] 2009-09-22 20:06:57 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl

[1] 2009-09-22 11:30:43 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl ()



Cannot access: C:\Windows\System32\SysFxUI.dll

[1] 2006-11-02 04:46:13 338944 C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_1493ef6e\SysFxUI.dll (Microsoft Corporation)

[1] 2006-11-02 04:46:13 338944 C:\Windows\System32\SysFxUI.dll ()

[1] 2008-01-19 00:36:40 338944 C:\Windows\Temp\SPI2138.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\sysfxui.dll (Microsoft Corporation)

[1] 2008-01-19 00:36:40 338944 C:\Windows\Temp\SPIF7C1.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\sysfxui.dll (Microsoft Corporation)



Cannot access: C:\Windows\System32\WMALFXGFXDSP.dll

[1] 2006-11-02 04:46:14 1312256 C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_1493ef6e\WMALFXGFXDSP.dll (Microsoft Corporation)

[1] 2006-11-02 04:46:14 1312256 C:\Windows\System32\WMALFXGFXDSP.dll ()

[1] 2008-01-19 00:37:00 1312256 C:\Windows\Temp\SPI2138.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\wmalfxgfxdsp.dll (Microsoft Corporation)

[1] 2008-01-19 00:37:00 1312256 C:\Windows\Temp\SPIF7C1.tmp\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6001.18000_none_606759131a25a8c1\wmalfxgfxdsp.dll (Microsoft Corporation)



Found mount point : C:\Windows\Temp\cmi{211FA835-C8CC-47DF-9B38-06DB153190C1}\cmi{211FA835-C8CC-47DF-9B38-06DB153190C1}

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf10e6.tmp\mdf10e6.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf10f.tmp\mdf10f.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf150c.tmp\mdf150c.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf165f.tmp\mdf165f.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1863.tmp\mdf1863.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1884.tmp\mdf1884.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf18ad.tmp\mdf18ad.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf18ec.tmp\mdf18ec.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1a70.tmp\mdf1a70.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1ac0.tmp\mdf1ac0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1add.tmp\mdf1add.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1cc9.tmp\mdf1cc9.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1d0d.tmp\mdf1d0d.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1d18.tmp\mdf1d18.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1d98.tmp\mdf1d98.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1e48.tmp\mdf1e48.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1e7.tmp\mdf1e7.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf1f7c.tmp\mdf1f7c.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf207b.tmp\mdf207b.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf20a5.tmp\mdf20a5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2198.tmp\mdf2198.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf23a5.tmp\mdf23a5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf23d1.tmp\mdf23d1.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf24d5.tmp\mdf24d5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf24f9.tmp\mdf24f9.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2548.tmp\mdf2548.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf28eb.tmp\mdf28eb.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf28f4.tmp\mdf28f4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2912.tmp\mdf2912.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf29f0.tmp\mdf29f0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2a4e.tmp\mdf2a4e.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2a5.tmp\mdf2a5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2a68.tmp\mdf2a68.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2ac1.tmp\mdf2ac1.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2d1c.tmp\mdf2d1c.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2d81.tmp\mdf2d81.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2dc7.tmp\mdf2dc7.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2ed9.tmp\mdf2ed9.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf2efd.tmp\mdf2efd.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf30.tmp\mdf30.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf31a0.tmp\mdf31a0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf31c9.tmp\mdf31c9.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3275.tmp\mdf3275.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3297.tmp\mdf3297.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf32f3.tmp\mdf32f3.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3379.tmp\mdf3379.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3446.tmp\mdf3446.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3474.tmp\mdf3474.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf347d.tmp\mdf347d.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3510.tmp\mdf3510.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3631.tmp\mdf3631.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf36e0.tmp\mdf36e0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3718.tmp\mdf3718.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf37bd.tmp\mdf37bd.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3a06.tmp\mdf3a06.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3b0f.tmp\mdf3b0f.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3bd8.tmp\mdf3bd8.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3d3a.tmp\mdf3d3a.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3d9f.tmp\mdf3d9f.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3db5.tmp\mdf3db5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3dfd.tmp\mdf3dfd.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3e89.tmp\mdf3e89.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3f23.tmp\mdf3f23.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3f5d.tmp\mdf3f5d.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf3f84.tmp\mdf3f84.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4034.tmp\mdf4034.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4059.tmp\mdf4059.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4084.tmp\mdf4084.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4172.tmp\mdf4172.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4304.tmp\mdf4304.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4335.tmp\mdf4335.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4393.tmp\mdf4393.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4487.tmp\mdf4487.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4512.tmp\mdf4512.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4526.tmp\mdf4526.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4560.tmp\mdf4560.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf45a.tmp\mdf45a.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf45be.tmp\mdf45be.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf46ab.tmp\mdf46ab.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4704.tmp\mdf4704.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4876.tmp\mdf4876.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf48be.tmp\mdf48be.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf49ab.tmp\mdf49ab.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4ae.tmp\mdf4ae.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4b34.tmp\mdf4b34.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4b5b.tmp\mdf4b5b.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4c5f.tmp\mdf4c5f.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4cf6.tmp\mdf4cf6.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4e19.tmp\mdf4e19.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4e56.tmp\mdf4e56.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4e68.tmp\mdf4e68.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4e8a.tmp\mdf4e8a.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4f1e.tmp\mdf4f1e.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf4f41.tmp\mdf4f41.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf50a7.tmp\mdf50a7.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf50e4.tmp\mdf50e4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf525f.tmp\mdf525f.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf52c4.tmp\mdf52c4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf52cc.tmp\mdf52cc.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf52e0.tmp\mdf52e0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf52e7.tmp\mdf52e7.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf52ed.tmp\mdf52ed.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5328.tmp\mdf5328.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5352.tmp\mdf5352.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf53b4.tmp\mdf53b4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf550.tmp\mdf550.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf56b6.tmp\mdf56b6.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf56c4.tmp\mdf56c4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5705.tmp\mdf5705.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf57c2.tmp\mdf57c2.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf585b.tmp\mdf585b.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5a06.tmp\mdf5a06.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5b0.tmp\mdf5b0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5b18.tmp\mdf5b18.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5b84.tmp\mdf5b84.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5c0b.tmp\mdf5c0b.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5c8.tmp\mdf5c8.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5daf.tmp\mdf5daf.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5dea.tmp\mdf5dea.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5e79.tmp\mdf5e79.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5e87.tmp\mdf5e87.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5eb3.tmp\mdf5eb3.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5edd.tmp\mdf5edd.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5f14.tmp\mdf5f14.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5f9e.tmp\mdf5f9e.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf5fd7.tmp\mdf5fd7.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf601.tmp\mdf601.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf601e.tmp\mdf601e.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf603.tmp\mdf603.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf609a.tmp\mdf609a.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf60b8.tmp\mdf60b8.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf60ba.tmp\mdf60ba.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf60d0.tmp\mdf60d0.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf60ec.tmp\mdf60ec.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6116.tmp\mdf6116.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6135.tmp\mdf6135.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6256.tmp\mdf6256.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6270.tmp\mdf6270.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf63e.tmp\mdf63e.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf67.tmp\mdf67.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6766.tmp\mdf6766.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf676d.tmp\mdf676d.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6798.tmp\mdf6798.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf67e9.tmp\mdf67e9.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf68fe.tmp\mdf68fe.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6968.tmp\mdf6968.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6a03.tmp\mdf6a03.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6a27.tmp\mdf6a27.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6a62.tmp\mdf6a62.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6a86.tmp\mdf6a86.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6ac3.tmp\mdf6ac3.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6af1.tmp\mdf6af1.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6c41.tmp\mdf6c41.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6c46.tmp\mdf6c46.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6dde.tmp\mdf6dde.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6dfb.tmp\mdf6dfb.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6e36.tmp\mdf6e36.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6e65.tmp\mdf6e65.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6ef2.tmp\mdf6ef2.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf6f23.tmp\mdf6f23.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7003.tmp\mdf7003.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7030.tmp\mdf7030.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf703f.tmp\mdf703f.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf70c.tmp\mdf70c.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf71bd.tmp\mdf71bd.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf72.tmp\mdf72.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf726b.tmp\mdf726b.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7292.tmp\mdf7292.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf72b6.tmp\mdf72b6.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf72bc.tmp\mdf72bc.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf733c.tmp\mdf733c.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7370.tmp\mdf7370.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf73ab.tmp\mdf73ab.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf746a.tmp\mdf746a.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf753e.tmp\mdf753e.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7553.tmp\mdf7553.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7558.tmp\mdf7558.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf75f9.tmp\mdf75f9.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7650.tmp\mdf7650.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf76e2.tmp\mdf76e2.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7732.tmp\mdf7732.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7750.tmp\mdf7750.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7828.tmp\mdf7828.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf78c5.tmp\mdf78c5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf79b4.tmp\mdf79b4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf79df.tmp\mdf79df.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7a44.tmp\mdf7a44.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7a70.tmp\mdf7a70.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7e5b.tmp\mdf7e5b.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf7ed5.tmp\mdf7ed5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf85.tmp\mdf85.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf8d5.tmp\mdf8d5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdf8f5.tmp\mdf8f5.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdfa22.tmp\mdfa22.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdfbc1.tmp\mdfbc1.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdfc94.tmp\mdfc94.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdfcbf.tmp\mdfcbf.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdfd8d.tmp\mdfd8d.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdfda3.tmp\mdfda3.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\mdfff3.tmp\mdfff3.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\SPIF7C1.tmp\$dpx$.tmp\$dpx$.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\SxsTemp\SxsTemp

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Temp\~msdt\tools\tools

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\tracing\tracing

Mount point destination : \Device\__max++>\^

Found mount point : C:\Windows\Web\printers\images\images

Mount point destination : \Device\__max++>\^



Finished!

Edited by tigergrrl, 22 September 2009 - 09:47 PM.


#6 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:01:24 AM

Posted 23 September 2009 - 04:21 PM

Now that you were successful in creating a log you need to post it in our HJT forum:
http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/
Give a brief description and tell them that this log was all you could get to run successfully
The HJT team is extremely busy, so be patient and good luck
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#7 tigergrrl

tigergrrl
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:12:24 AM

Posted 23 September 2009 - 04:36 PM

Thanks for your help, Garmanma!

#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,012 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:24 AM

Posted 23 September 2009 - 10:42 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/259787/yet-another-lovely-bundle-of-virusestrojansspywaremalware-or-something/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days, up to two weeks perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users