Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown problems with computer after massive infections


  • This topic is locked This topic is locked
16 replies to this topic

#1 southernthunder75

southernthunder75

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 17 May 2010 - 08:54 PM

Greetings all from a noob!

After using all methods that I know of, I have finally gotten my computer to boot. However, some programs such as Spybot and Hijack will not run saying that I do not have permissions (and upon reinstalling them it tells me that the exe file is READ only and will not allow an attribute change either automatically or manually) along with slow reation times.

I have run Avir scan, spybot scan, cclean scan and malwarebyte scan from flashdrive to remove 60 plus entries, viruses, malwares and still having problems. I'm all out of options and turning to anyone out there who can help. I have inlcuded the DDS logs, GMER log, and Hijack This log. The Malwarebyte log came up with all clear report so it's not posted.

Any assistance on what steps to take next is greatly appreciated! Thanks in advance!!

DDS log:


DDS (Ver_10-03-17.01) - NTFSx86
Run by rhonda at 14:07:27.76 on Mon 05/17/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============


============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/?fr=fptb-yie8
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title =
mStart Page = about:blank
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_1_0
uRun: [Yahoo! Pager] 1
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; WinTSI 27.08.2009; yie8)" -"http://www.net-games.biz/funny-games/Talladega-Nights.html"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [YSearchProtection] "c:\program files\yahoo!\search protection\SearchProtection.exe"
mRun: [Conime] %windir%\system32\conime.exe
mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [Motive SmartBridge] c:\progra~1\sbcsel~1\smartb~1\MotiveSB.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\at&tse~1.lnk - c:\program files\sbc self support tool\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dlbcserv.lnk - c:\program files\dell photo printer 720\dlbcserv.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pimoni~1.lnk - c:\program files\arcsoft\photoimpression 5\PI Monitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files\bonjour\ExplorerPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - hxxp://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://zone.msn.com/bingame/popcaploader_v10.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2010-05-17 15:59:32 0 d-----w- c:\docume~1\rhonda\applic~1\Avira
2010-05-17 15:25:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-17 15:25:45 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-17 15:25:45 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-17 14:37:01 0 d-----w- c:\docume~1\alluse~1\applic~1\Eastman Kodak Company
2010-05-17 14:34:32 0 d-----w- c:\windows\system32\kodak
2010-05-17 14:32:20 0 d-----w- c:\program files\MSXML 6.0
2010-05-17 14:26:34 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-05-04 01:14:32 0 d--h--w- C:\$AVG
2010-05-04 00:37:44 0 d-----w- C:\Keyfinder 2.0.8

==================== Find3M ====================

2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\dllcache\vbscript.dll
2010-02-25 16:54:36 11070976 ----a-w- c:\windows\system32\dllcache\ieframe.dll
2010-02-24 13:11:07 455680 ----a-w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-24 09:54:25 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2010-02-17 14:10:28 2189952 ----a-w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-09-05 23:16:13 56 --sh--r- c:\windows\system32\B5F7878CD4.sys
2009-09-05 23:16:16 3350 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-10-09 00:14:49 16384 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat
2008-10-28 18:39:52 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008102820081029\index.dat

============= FINISH: 14:08:10.54 ===============


GMER log:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-17 20:51:57
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\rhonda\LOCALS~1\Temp\kxdoapoc.sys


---- System - GMER 1.0.15 ----

SSDT BA76B866 ZwCreateKey
SSDT BA76B85C ZwCreateThread
SSDT BA76B86B ZwDeleteKey
SSDT BA76B875 ZwDeleteValueKey
SSDT BA76B87A ZwLoadKey
SSDT BA76B848 ZwOpenProcess
SSDT BA76B84D ZwOpenThread
SSDT BA76B884 ZwReplaceKey
SSDT BA76B87F ZwRestoreKey
SSDT BA76B870 ZwSetValueKey

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\DRIVERS\mohfilt.sys entry point in "init" section [0xBA41B760]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[1088] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----






Hijack This log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:54:12 PM, on 5/17/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
E:\Programs\Trend Micro\HijackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; WinTSI 27.08.2009; yie8)" -"http://www.net-games.biz/funny-games/Talladega-Nights.html"
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0 (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [Yahoo! Pager] 1 (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-3987078197-456683979-229190831-1007\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; WinTSI 27.08.2009; yie8)" -"http://www.net-games.biz/funny-games/Talladega-Nights.html" (User '?')
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe
O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...cat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
O24 - Desktop Component 0: tets - C:\WINDOWS\system32\onhelp.htm

--
End of file - 12331 bytes



Attached Files



BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 19 May 2010 - 02:44 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 southernthunder75

southernthunder75
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 19 May 2010 - 10:46 PM

OTL logfile created on: 5/19/2010 10:36:54 PM - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\rhonda\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 80.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 4977 4977 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.82 Gb Total Space | 48.95 Gb Free Space | 70.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 957.22 Mb Total Space | 595.36 Mb Free Space | 62.20% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D23PSX81
Current User Name: rhonda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/19 22:28:52 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\rhonda\Desktop\OTL.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/02/11 15:36:12 | 000,300,400 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/02/03 08:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/13 18:32:40 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 16:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/09/18 14:46:30 | 000,481,792 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
PRC - [2006/09/18 14:46:30 | 000,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
PRC - [2006/09/18 14:46:30 | 000,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
PRC - [2005/08/31 12:06:18 | 000,106,496 | ---- | M] (Corel, Inc.) -- C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
PRC - [2005/08/24 08:51:18 | 000,442,455 | ---- | M] (Motive, Inc.) -- C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe
PRC - [2005/03/23 01:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/01/06 13:55:16 | 000,086,016 | ---- | M] (Arcsoft, Inc.) -- C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe


========== Modules (SafeList) ==========

MOD - [2010/05/19 22:28:52 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\rhonda\Desktop\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2005/06/03 10:23:28 | 000,122,880 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\SBC Self Support Tool\SmartBridge\SBHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/02/11 15:36:12 | 000,300,400 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/09/12 14:42:34 | 000,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/11/30 15:50:53 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/06/14 23:40:08 | 000,180,864 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/12/06 02:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 02:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 02:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 02:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 02:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 02:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 02:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 02:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 02:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 04:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 03:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 12:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 12:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/06/16 04:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/06 05:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fptb-yie8
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/12 14:45:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/12 17:50:06 | 000,000,000 | ---D | M]

[2009/09/12 17:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/05/17 12:07:49 | 000,395,194 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13648 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Conime] C:\WINDOWS\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe (Corel, Inc.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [Motive SmartBridge] C:\Program Files\SBC Self Support Tool\SmartBridge\MotiveSB.exe (Motive, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Yahoo! Pager] File not found
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla\4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident\4.0; File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe (Motive Communications, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe (Arcsoft, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16658
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} http://a516.g.akamai.net/f/516/25175/7d/ru...cat-no-eula.cab (Citrix ICA Client)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...ro.cab53083.cab (ZoneIntro Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/popcaploader_v10.cab (PopCapLoader Object)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (tets) - C:\WINDOWS\system32\onhelp.htm
O24 - Desktop WallPaper: C:\Documents and Settings\rhonda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\rhonda\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2909db1a-9e63-11de-b885-00123fa55821}\Shell\AutoRun\command - "" = E:\StartPortableApps.exe -- File not found
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{97921338-2c70-11dd-b7da-00038a000015}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*



ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{19FB76C6-DBEF-44B5-A053-ECDF5F855A07} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.SP54 - SP5X_32.DLL File not found
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/08/16 05:22:48 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/05/19 22:36:31 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\rhonda\Desktop\OTL.exe
[2010/05/17 14:09:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\rhonda\Desktop\gmer
[2010/05/17 12:36:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\rhonda\Recent
[2010/05/17 11:16:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/05/17 10:59:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\rhonda\Application Data\Avira
[2010/05/17 10:25:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/17 10:25:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/17 10:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/17 09:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
[2010/05/17 09:36:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\rhonda\Local Settings\Application Data\Eastman_Kodak_Company
[2010/05/17 09:36:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\rhonda\Local Settings\Application Data\Microsoft Corporation
[2010/05/17 09:34:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kodak
[2010/05/17 09:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010/05/17 09:26:34 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/05/03 20:14:32 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/05/03 19:37:44 | 000,000,000 | ---D | C] -- C:\Keyfinder 2.0.8
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/19 22:37:26 | 000,557,242 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/19 22:37:26 | 000,466,414 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/19 22:37:26 | 000,079,630 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/19 22:36:20 | 008,126,464 | ---- | M] () -- C:\Documents and Settings\rhonda\NTUSER.DAT
[2010/05/19 22:33:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/19 22:33:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/19 22:33:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/19 22:33:10 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/19 22:28:52 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\rhonda\Desktop\OTL.exe
[2010/05/17 14:06:40 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\rhonda\Desktop\gmer.zip
[2010/05/17 14:04:34 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\rhonda\Desktop\dds.scr
[2010/05/17 13:53:30 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\rhonda\Desktop\HijackThis.lnk
[2010/05/17 12:54:46 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\rhonda\ntuser.ini
[2010/05/17 12:34:14 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\rhonda\My Documents\cc_20100517_123335.reg
[2010/05/17 12:32:09 | 000,306,000 | ---- | M] () -- C:\Documents and Settings\rhonda\My Documents\cc_20100517_123140.reg
[2010/05/17 12:29:29 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\rhonda\Desktop\CCleaner.lnk
[2010/05/17 12:21:50 | 000,000,439 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/17 12:18:09 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\rhonda\Desktop\Spybot - Search & Destroy.lnk
[2010/05/17 12:07:49 | 000,395,194 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/05/17 10:28:47 | 000,189,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/17 10:25:51 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/17 09:36:40 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Center.lnk
[2010/05/17 09:30:15 | 000,000,890 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/17 14:07:22 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\rhonda\Desktop\gmer.zip
[2010/05/17 14:07:12 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\rhonda\Desktop\dds.scr
[2010/05/17 12:33:37 | 000,001,294 | ---- | C] () -- C:\Documents and Settings\rhonda\My Documents\cc_20100517_123335.reg
[2010/05/17 12:31:44 | 000,306,000 | ---- | C] () -- C:\Documents and Settings\rhonda\My Documents\cc_20100517_123140.reg
[2010/05/17 12:18:09 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\rhonda\Desktop\Spybot - Search & Destroy.lnk
[2010/05/17 10:25:51 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/17 09:36:40 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\KODAK AiO Home Center.lnk
[2009/09/12 15:19:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\7B1CE332.x86.dll
[2009/09/12 14:49:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\76621BF4.x86.dll
[2009/09/12 13:38:48 | 000,000,090 | ---- | C] () -- C:\WINDOWS\OB1.INI
[2009/01/19 04:02:30 | 000,000,197 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/01/09 09:24:41 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/10/23 15:55:36 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI5_SETUP.ini
[2007/10/23 15:53:37 | 000,000,679 | ---- | C] () -- C:\WINDOWS\Remove.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/02/27 09:11:00 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/02/27 09:11:00 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\B5F7878CD4.sys
[2006/01/26 17:02:09 | 000,000,437 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2006/01/26 17:01:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2006/01/26 17:01:43 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2005/12/26 13:46:13 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/30 16:02:40 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/30 15:52:58 | 000,004,171 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/11/30 15:47:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/30 15:21:52 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 05:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/05 15:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/28 10:40:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/28 10:40:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/28 10:40:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/28 10:40:00 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004/08/10 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\i386\eventlog.dll
[2004/08/10 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: LOGEVENT.DLL >
[2008/04/13 19:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\logevent.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/10 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\i386\scecli.dll
[2004/08/10 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 19:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2005/08/16 05:27:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/08/16 05:27:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/08/16 05:27:08 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\WINDOWS\system32\drivers\avipbb.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010/02/24 08:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\$hf_mig$\KB904706\KB904706] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB912812\KB912812] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB916281\KB916281] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB918899\KB918899] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB920213\KB920213] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB922760\KB922760] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB924496\KB924496] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB925454\KB925454] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB928090\KB928090] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB931768\KB931768] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB932168\KB932168] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB933566\KB933566] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB937143\KB937143] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB939653\KB939653] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB941568\KB941568] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB943460\KB943460] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB956844\KB956844] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\$hf_mig$\KB973874-IE8\KB973874-IE8] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D4.tmp\ZAP1D4.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BB.tmp\ZAP2BB.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D6.tmp\ZAP2D6.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\ehCIR] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\EhCM] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehcommon\ehcommon] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepg\ehepg] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepgdat\ehepgdat] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtCOM\ehiExtCOM] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtens\ehiExtens] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiMsgr\ehiMsgr] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiPlay\ehiPlay] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiProxy\ehiProxy] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiUserXp\ehiUserXp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiVidCtl\ehiVidCtl] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiwmp\ehiwmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehRecObj\ehRecObj] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehshell\ehshell] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\assembly\tmp\tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Config\Config] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Connection Wizard\Connection Wizard] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\chsime\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\CHTIME\Applets\Applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imejp\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imejp98\imejp98] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imjp8_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imkr6_1\applets\applets] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\imkr6_1\dicts\dicts] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\ime\shared\res\res] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\java\trustlib\trustlib] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Temporary ASP.NET Files\Bind Logs\Bind Logs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\msapps\msinfo\msinfo] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\msdownld.tmp\msdownld.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\batch\batch] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\Config\News\News] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\System\DFS\DFS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\pchealth\helpctr\Temp\Temp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\PIF\PIF] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\security\logs\logs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\AuthCabs\AuthCabs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\c36c7f4b6082ffbd96a80985adcf3ca0\update\update] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5a0d771158cfd69be5ddd26d8f58c73b\5a0d771158cfd69be5ddd26d8f58c73b] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7d49753b93ffa6844bcba39df0e9b771\7d49753b93ffa6844bcba39df0e9b771] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\1025\1025] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\1028\1028] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\1031\1031] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\1037\1037] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\1041\1041] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\1042\1042] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\1054\1054] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\2052\2052] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\3076\3076] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\3com_dmi\3com_dmi] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\appmgmt\MACHINE\MACHINE] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\appmgmt\S-1-5-21-3987078197-456683979-229190831-1007\S-1-5-21-3987078197-456683979-229190831-1007] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\{4E3254D7-522A-412A-9296-3F4767B3A2CB}] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\MMC\MMC] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\javaws\cache\cache] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\CD Burning] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\OFFICE] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Musicmatch\Jukebox\Cache\Cache] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.MSO\Content.MSO] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\dhcp\dhcp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\drivers\disdn\disdn] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\export\export] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\FxsTmp\FxsTmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\GroupPolicy\Machine\Machine] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\GroupPolicy\User\User] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\IME\CINTLGNT\CINTLGNT] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\IME\PINTLGNT\PINTLGNT] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\IME\TINTLGNT\TINTLGNT] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\Macromed\update\update] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\Microsoft\Crypto\RSA\MachineKeys\MachineKeys] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\mui\dispspec\dispspec] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\oobe\html\oemcust\oemcust] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\oobe\html\oemhw\oemhw] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\oobe\html\oemreg\oemreg] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\oobe\sample\sample] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\ShellExt\ShellExt] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\spool\PRINTERS\PRINTERS] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\wbem\mof\bad\bad] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\wbem\mof\good\good] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\wbem\snmp\snmp] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\wins\wins] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\system32\xircom\xircom] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\options\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\tellafriend\offline\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\buttons\buttons] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dialogs\dialogs] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dropdowns\dropdowns] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\htmldialog\htmldialog] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\list\list] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\listMenu\listMenu] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\notification\notification] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\options_menu_button\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\preview\preview] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\scrollbar\scrollbar] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\searchWidget\searchWidget] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\selectors\selectors] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\shared_graphics\shared_graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\tray_scroller\tray_scroller] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\AdvancedOptions\AdvancedOptions] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\alerts\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\bookmarks\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\GeneralOptions\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\options\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frame_template\frame_template] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Autumn\Autumn] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Birthday\Birthday] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Chanukah\Chanukah] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Christmas\Christmas] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Halloween\Halloween] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Baby\New Baby] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Years\New Years] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Sports\Sports] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\offline\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\html\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\tests\tests] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview2\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\core\core] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\includes\includes] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\popups\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\search\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SelectorEditor\SelectorEditor] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SkinChooser\SkinChooser] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\ThemeTemplates\Default\Default] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Runtime\ProgFiles\ProgFiles] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\colorSchemes\backgrounds\backgrounds] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\graphics\tellafriend_offline\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\core\core] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\includes\includes] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\ThemeCustomizer\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\production\automationScripts\automationScripts] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\colorSchemes\backgrounds\backgrounds] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\barintro_images\barintro_images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\Includes\Includes] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\core\core] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\graphics\graphics] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\options\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\ThemeCustomizer\images\images] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\0\Private\Vendor\ProgFiles\ProgFiles] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\SBCYahoo_SMB_600000\SBCYahoo_SMB_600000] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\StartupSC\StartupSC] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\TempRec\TempSBE\TempSBE] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\VBE\VBE] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\viewmgr\viewmgr] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\Temp\vmgr\4294894256\4294894256] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\twain_32\kodak\kds_aio5000\install\install] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\twain_32\kodak\kds_aioesp\lib\lib] -> \Device\__max++>\^ -> Mount Point
[C:\WINDOWS\WinSxS\InstallTemp\InstallTemp] -> \Device\__max++>\^ -> Mount Point

========== Alternate Data Streams ==========

@Alternate Data Stream - 152 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:10151AE6
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7C017FB1
< End of report >



OTL Extras logfile created on: 5/19/2010 10:36:54 PM - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\rhonda\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 80.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): C:\pagefile.sys 4977 4977 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.82 Gb Total Space | 48.95 Gb Free Space | 70.10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 957.22 Mb Total Space | 595.36 Mb Free Space | 62.20% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: D23PSX81
Current User Name: rhonda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"9323:TCP" = 9323:TCP:*:Enabled:EKDiscovery
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company)
"C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe" = C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{069364A0-8F64-4691-8719-B3CC728BFD6C}" = ArcSoft PhotoImpression 5
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8 Dell Edition
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8A9B8148-DDD7-448F-BD6C-358386D32354}" = Corel Photo Album 6
"{91130409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AE15D0F7-8C2E-4419-97B4-995ED16FBB4E}" = Art Explosion Greeting Card Factory Express
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBF3C503-946E-45EA-B347-EACC41781989}" = W Photo Studio
"{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}" = Jasc Paint Shop Photo Album
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4CB7852-8308-4BBB-AF7D-48F073B58507}" = Polaroid Digital Cam
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Home Center
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner
"Citrix ICA Web Client" = MetaFrame Presentation Server Web Client for Win32
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Photo Printer 720" = Dell Photo Printer 720
"Dell Photo Printer 720 Logger" = Dell Photo Printer 720 Logger
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ESPNMotion" = ESPNMotion
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Intel® 537EP V9x DF PCI Modem" = Intel® 537EP V9x DF PCI Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Connections Drivers
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"SBC.MCCInstall" = AT&T Self Support Tool
"SpongeBob SquarePants Diner Dash 2" = SpongeBob SquarePants Diner Dash 2
"SpongeBob SquarePants Obstacle Odyssey" = SpongeBob SquarePants Obstacle Odyssey
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = AT&T Yahoo! Internet Mail
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 20 May 2010 - 04:08 AM

Hi,

Please run the following tool:
Download and run Win32kDiag:
  1. Download Win32kDiag from any of the following locations and save it to your Desktop.
  2. Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
  3. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
  4. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 southernthunder75

southernthunder75
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 20 May 2010 - 05:36 AM

Good morning!

Thanks for your assistance thus far, I really appreciate it!
Here is the information you requested:

Running from: C:\Documents and Settings\rhonda\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\rhonda\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Found mount point : C:\WINDOWS\$hf_mig$\KB904706\KB904706

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB912812\KB912812

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB916281\KB916281

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB918899\KB918899

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB922760\KB922760

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB924496\KB924496

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB925454\KB925454

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB928090\KB928090

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB931768\KB931768

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB933566\KB933566

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB937143\KB937143

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB939653\KB939653

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB941568\KB941568

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB956844\KB956844

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB973874-IE8\KB973874-IE8

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\ehCIR

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\EhCM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehcommon\ehcommon

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepg\ehepg

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepgdat\ehepgdat

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtCOM\ehiExtCOM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtens\ehiExtens

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiMsgr\ehiMsgr

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiPlay\ehiPlay

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiProxy\ehiProxy

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiUserXp\ehiUserXp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiVidCtl\ehiVidCtl

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiwmp\ehiwmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehRecObj\ehRecObj

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehshell\ehshell

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D4.tmp\ZAP1D4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BB.tmp\ZAP2BB.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D6.tmp\ZAP2D6.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\chsime\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\shared\res\res

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msdownld.tmp\msdownld.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\batch\batch

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

[1] 2004-08-10 06:00:00 743936 C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe (Microsoft Corporation)

[1] 2008-04-13 19:12:21 744448 C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe ()

[1] 2008-04-13 19:12:21 744448 C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe (Microsoft Corporation)



Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Config\News\News

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PIF\PIF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\security\logs\logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\AuthCabs

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\update\update.exe

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB873339\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 17:29:47 654848 C:\WINDOWS\$hf_mig$\KB885250\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB885835\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 12:34:54 654848 C:\WINDOWS\$hf_mig$\KB885836\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB886185\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB887472\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 11:34:54 654848 C:\WINDOWS\$hf_mig$\KB887742\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:48 654848 C:\WINDOWS\$hf_mig$\KB888113\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 15:46:40 654848 C:\WINDOWS\$hf_mig$\KB888302\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB890046\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB890175\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 20:35:06 718048 C:\WINDOWS\$hf_mig$\KB890859\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB891781\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893066\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893756\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB894391\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896358\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896422\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896423\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896424\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896428\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896727\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB898461\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899587\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899588\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899589\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899591\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB900485\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB900725\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB901017\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB901214\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB902400\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB905414\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB905749\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB905915\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908519\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908531\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB910437\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911280\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911562\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911567\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911927\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB912919\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB913446\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB913580\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914388\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914389\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB915865\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB916595\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917159\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB917344\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917422\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917953\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918118\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918439\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB919007\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920214\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB920670\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920683\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920685\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920872\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921398\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921503\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB921883\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB922582\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB922616\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB922819\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923414\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB923561\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB923694\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923980\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924191\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924270\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB925486\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB925902\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB926255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB926436\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927779\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB927802\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927891\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB928255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB928843\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB929123\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929338\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929969\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930178\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930916\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931261\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB931784\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931836\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB933360\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB933729\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB935839\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB935840\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB936021\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB936357\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB937894\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938127\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB938464\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938828\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB938829\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941644\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941693\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942763\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943055\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943485\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB944653\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB945553\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB946026\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB946648\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB948590\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB948881\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB950749\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950760\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950762\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB950974\update\update.exe (Microsoft Corporation)

[1] 2007-12-03 10:25:31 755576 C:\WINDOWS\$hf_mig$\KB951066\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951698\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951748\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951978\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB952004\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB952287\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB952954\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB953839\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB954211\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB954459\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB954600\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB955069\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB955759\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB955839\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB956391\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956572\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB956744\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956802\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956803\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956841\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB957095\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB957097\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB958215-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958644\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958687\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB958690\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB959426\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960225\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB960714-IE7\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB960715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960803\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB960859\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB961260-IE7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB961371\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB961373\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB961501\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB967715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB968220-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB968389\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB968537\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969059\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969897-IE8\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969898\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969947\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB970238\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB970430\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB971468\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971557\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB971633\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971657\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971737\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB972260-IE8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB972270\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973346\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973354\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973507\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973687\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973815\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973869\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973904\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974112\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974318\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974392\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974571\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975025\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975467\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975560\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB975561\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975713\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB976662-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977816\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977914\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978037\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978262\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978338\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978542\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978601\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978706\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979309\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979683\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB980182-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\$hf_mig$\KB980232\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB981332-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\01229cf5dcf0df67992cac35a2ba0b3f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\035cdeeef9eaa07de20138b420444b17\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\22f1a1e628f2ceada1948d2c604b5154\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\23e79e5fb28793d8cb1c2055b0d8dcb9\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\248802b74506342031e926839639c729\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\269630a60abe4177f0ba214686d6ebda\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\SoftwareDistribution\Download\284a430ed4a998417200bec9f0c45f85\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\2e6b16219034e135b4f869efb7a10fee\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3724a78548e17e8215a17353ec597ae3\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3e17316becee1d41b884695bbf7f49db\update\update.exe (Microsoft Corporation)

[1] 2009-04-13 13:42:06 716000 C:\WINDOWS\SoftwareDistribution\Download\3f96ee4455d36a14b252a0ddc35e56eb\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\4de233d8d67cd9916ac28a2d43724f55\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\50e2c72fd814d3841e776dd2c4918260\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\update\update.exe ()

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\55ae228715888b68a08f491655790fa6\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\59732c3a78c987eaec1ee41ab88e3da8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5cfa09586faf6d9470f0c817d855bb6b\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5e5aab0184cde550e4ba21f1d2bd377e\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\6a410a1bd174bc123056d235ac4829af\update\update.exe (Microsoft Corporation)

[1] 2006-04-10 12:36:18 710584 C:\WINDOWS\SoftwareDistribution\Download\6c4788c9549d437e76e1773a7639582a\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\75cd10bc79782317976e2a857798ad9f\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\7dc77bad5469553a68ef5efe55070b06\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\85947e1a809663c7f480717673587a59\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\8ce9df05e44d8f9bdb2b38867a384b43\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9868363812bbe4a0a4d814b7943ba906\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\a4c8b51fef38872a7ec62d0a40ca147c\update\update.exe (Microsoft Corporation)

[1] 2007-07-27 10:41:48 755576 C:\WINDOWS\SoftwareDistribution\Download\aadd6ccc4585cbf4ee04287eb0e679df\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ab0676fe50d78a2ee35a6cca883a9b02\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\b7b0631e184025ba37e5a4ec1d8637e7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\c0c52c03306062533f7dcb087bfcfa6b\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ca9dce055d1f0f23d2b57daec177104f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\d3767eab8f4479a8d252b47e8ec225c8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\d8ef7c8f90f509563f255df3e967b057\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da2a33b6770f970d7fe7262040f98a4f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da7fee2d51e2e59bdd47cb9e03387bcc\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e15760431e46367ca5a3dfd40a9d03e3\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e639ef786ddd695030aad48a97363146\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\f2adb0f8440e5dbd459aa6bfcaed1ba5\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\fbadf956b1f29cd6cc8927434ddbc900\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\fbdd9f75315c1cf9ff63f37aaca267d3\update\update.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\SoftwareDistribution\Download\55ae228715888b68a08f491655790fa6\update\update.exe

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB873339\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 17:29:47 654848 C:\WINDOWS\$hf_mig$\KB885250\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB885835\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 12:34:54 654848 C:\WINDOWS\$hf_mig$\KB885836\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB886185\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB887472\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 11:34:54 654848 C:\WINDOWS\$hf_mig$\KB887742\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:48 654848 C:\WINDOWS\$hf_mig$\KB888113\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 15:46:40 654848 C:\WINDOWS\$hf_mig$\KB888302\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB890046\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB890175\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 20:35:06 718048 C:\WINDOWS\$hf_mig$\KB890859\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB891781\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893066\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893756\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB894391\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896358\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896422\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896423\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896424\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896428\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896727\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB898461\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899587\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899588\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899589\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899591\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB900485\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB900725\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB901017\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB901214\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB902400\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB905414\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB905749\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB905915\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908519\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908531\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB910437\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911280\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911562\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911567\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911927\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB912919\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB913446\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB913580\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914388\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914389\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB915865\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB916595\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917159\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB917344\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917422\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917953\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918118\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918439\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB919007\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920214\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB920670\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920683\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920685\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920872\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921398\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921503\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB921883\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB922582\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB922616\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB922819\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923414\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB923561\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB923694\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923980\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924191\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924270\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB925486\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB925902\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB926255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB926436\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927779\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB927802\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927891\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB928255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB928843\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB929123\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929338\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929969\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930178\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930916\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931261\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB931784\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931836\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB933360\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB933729\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB935839\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB935840\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB936021\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB936357\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB937894\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938127\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB938464\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938828\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB938829\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941644\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941693\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942763\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943055\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943485\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB944653\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB945553\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB946026\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB946648\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB948590\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB948881\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB950749\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950760\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950762\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB950974\update\update.exe (Microsoft Corporation)

[1] 2007-12-03 10:25:31 755576 C:\WINDOWS\$hf_mig$\KB951066\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951698\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951748\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951978\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB952004\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB952287\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB952954\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB953839\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB954211\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB954459\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB954600\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB955069\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB955759\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB955839\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB956391\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956572\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB956744\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956802\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956803\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956841\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB957095\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB957097\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB958215-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958644\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958687\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB958690\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB959426\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960225\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB960714-IE7\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB960715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960803\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB960859\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB961260-IE7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB961371\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB961373\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB961501\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB967715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB968220-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB968389\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB968537\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969059\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969897-IE8\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969898\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969947\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB970238\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB970430\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB971468\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971557\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB971633\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971657\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971737\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB972260-IE8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB972270\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973346\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973354\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973507\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973687\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973815\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973869\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973904\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974112\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974318\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974392\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974571\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975025\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975467\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975560\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB975561\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975713\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB976662-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977816\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977914\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978037\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978262\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978338\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978542\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978601\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978706\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979309\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979683\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB980182-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\$hf_mig$\KB980232\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB981332-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\01229cf5dcf0df67992cac35a2ba0b3f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\035cdeeef9eaa07de20138b420444b17\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\22f1a1e628f2ceada1948d2c604b5154\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\23e79e5fb28793d8cb1c2055b0d8dcb9\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\248802b74506342031e926839639c729\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\269630a60abe4177f0ba214686d6ebda\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\SoftwareDistribution\Download\284a430ed4a998417200bec9f0c45f85\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\2e6b16219034e135b4f869efb7a10fee\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3724a78548e17e8215a17353ec597ae3\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3e17316becee1d41b884695bbf7f49db\update\update.exe (Microsoft Corporation)

[1] 2009-04-13 13:42:06 716000 C:\WINDOWS\SoftwareDistribution\Download\3f96ee4455d36a14b252a0ddc35e56eb\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\4de233d8d67cd9916ac28a2d43724f55\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\50e2c72fd814d3841e776dd2c4918260\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\update\update.exe ()

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\55ae228715888b68a08f491655790fa6\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\59732c3a78c987eaec1ee41ab88e3da8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5cfa09586faf6d9470f0c817d855bb6b\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5e5aab0184cde550e4ba21f1d2bd377e\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\6a410a1bd174bc123056d235ac4829af\update\update.exe (Microsoft Corporation)

[1] 2006-04-10 12:36:18 710584 C:\WINDOWS\SoftwareDistribution\Download\6c4788c9549d437e76e1773a7639582a\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\75cd10bc79782317976e2a857798ad9f\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\7dc77bad5469553a68ef5efe55070b06\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\85947e1a809663c7f480717673587a59\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\8ce9df05e44d8f9bdb2b38867a384b43\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9868363812bbe4a0a4d814b7943ba906\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\a4c8b51fef38872a7ec62d0a40ca147c\update\update.exe (Microsoft Corporation)

[1] 2007-07-27 10:41:48 755576 C:\WINDOWS\SoftwareDistribution\Download\aadd6ccc4585cbf4ee04287eb0e679df\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ab0676fe50d78a2ee35a6cca883a9b02\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\b7b0631e184025ba37e5a4ec1d8637e7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\c0c52c03306062533f7dcb087bfcfa6b\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ca9dce055d1f0f23d2b57daec177104f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\d3767eab8f4479a8d252b47e8ec225c8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\d8ef7c8f90f509563f255df3e967b057\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da2a33b6770f970d7fe7262040f98a4f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da7fee2d51e2e59bdd47cb9e03387bcc\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e15760431e46367ca5a3dfd40a9d03e3\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e639ef786ddd695030aad48a97363146\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\f2adb0f8440e5dbd459aa6bfcaed1ba5\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\fbadf956b1f29cd6cc8927434ddbc900\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\fbdd9f75315c1cf9ff63f37aaca267d3\update\update.exe (Microsoft Corporation)



Cannot access: C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB873339\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 17:29:47 654848 C:\WINDOWS\$hf_mig$\KB885250\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB885835\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 12:34:54 654848 C:\WINDOWS\$hf_mig$\KB885836\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB886185\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB887472\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 11:34:54 654848 C:\WINDOWS\$hf_mig$\KB887742\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:48 654848 C:\WINDOWS\$hf_mig$\KB888113\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 15:46:40 654848 C:\WINDOWS\$hf_mig$\KB888302\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB890046\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB890175\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 20:35:06 718048 C:\WINDOWS\$hf_mig$\KB890859\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB891781\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893066\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893756\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB894391\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896358\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896422\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896423\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896424\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896428\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896727\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB898461\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899587\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899588\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899589\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899591\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB900485\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB900725\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB901017\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB901214\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB902400\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB905414\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB905749\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB905915\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908519\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908531\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB910437\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911280\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911562\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911567\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911927\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB912919\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB913446\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB913580\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914388\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914389\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB915865\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB916595\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917159\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB917344\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917422\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917953\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918118\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918439\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB919007\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920214\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB920670\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920683\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920685\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920872\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921398\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921503\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB921883\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB922582\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB922616\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB922819\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923414\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB923561\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB923694\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923980\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924191\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924270\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB925486\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB925902\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB926255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB926436\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927779\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB927802\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927891\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB928255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB928843\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB929123\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929338\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929969\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930178\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930916\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931261\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB931784\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931836\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB933360\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB933729\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB935839\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB935840\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB936021\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB936357\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB937894\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938127\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB938464\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938828\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB938829\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941644\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941693\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942763\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943055\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943485\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB944653\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB945553\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB946026\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB946648\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB948590\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB948881\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB950749\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950760\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950762\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB950974\update\update.exe (Microsoft Corporation)

[1] 2007-12-03 10:25:31 755576 C:\WINDOWS\$hf_mig$\KB951066\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951698\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951748\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951978\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB952004\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB952287\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB952954\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB953839\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB954211\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB954459\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB954600\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB955069\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB955759\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB955839\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB956391\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956572\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB956744\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956802\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956803\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956841\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB957095\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB957097\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB958215-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958644\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958687\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB958690\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB959426\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960225\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB960714-IE7\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB960715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960803\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB960859\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB961260-IE7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB961371\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB961373\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB961501\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB967715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB968220-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB968389\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB968537\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969059\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969897-IE8\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969898\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969947\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB970238\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB970430\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB971468\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971557\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB971633\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971657\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971737\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB972260-IE8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB972270\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973346\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973354\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973507\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973687\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973815\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973869\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973904\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974112\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974318\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974392\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974571\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975025\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975467\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975560\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB975561\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975713\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB976662-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977816\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977914\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978037\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978262\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978338\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978542\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978601\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978706\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979309\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979683\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB980182-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\$hf_mig$\KB980232\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB981332-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\01229cf5dcf0df67992cac35a2ba0b3f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\035cdeeef9eaa07de20138b420444b17\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\22f1a1e628f2ceada1948d2c604b5154\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\23e79e5fb28793d8cb1c2055b0d8dcb9\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\248802b74506342031e926839639c729\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\269630a60abe4177f0ba214686d6ebda\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\SoftwareDistribution\Download\284a430ed4a998417200bec9f0c45f85\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\2e6b16219034e135b4f869efb7a10fee\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3724a78548e17e8215a17353ec597ae3\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3e17316becee1d41b884695bbf7f49db\update\update.exe (Microsoft Corporation)

[1] 2009-04-13 13:42:06 716000 C:\WINDOWS\SoftwareDistribution\Download\3f96ee4455d36a14b252a0ddc35e56eb\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\4de233d8d67cd9916ac28a2d43724f55\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\50e2c72fd814d3841e776dd2c4918260\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\update\update.exe ()

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\55ae228715888b68a08f491655790fa6\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\59732c3a78c987eaec1ee41ab88e3da8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5cfa09586faf6d9470f0c817d855bb6b\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5e5aab0184cde550e4ba21f1d2bd377e\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\6a410a1bd174bc123056d235ac4829af\update\update.exe (Microsoft Corporation)

[1] 2006-04-10 12:36:18 710584 C:\WINDOWS\SoftwareDistribution\Download\6c4788c9549d437e76e1773a7639582a\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\75cd10bc79782317976e2a857798ad9f\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\7dc77bad5469553a68ef5efe55070b06\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\85947e1a809663c7f480717673587a59\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\8ce9df05e44d8f9bdb2b38867a384b43\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9868363812bbe4a0a4d814b7943ba906\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\a4c8b51fef38872a7ec62d0a40ca147c\update\update.exe (Microsoft Corporation)

[1] 2007-07-27 10:41:48 755576 C:\WINDOWS\SoftwareDistribution\Download\aadd6ccc4585cbf4ee04287eb0e679df\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ab0676fe50d78a2ee35a6cca883a9b02\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\b7b0631e184025ba37e5a4ec1d8637e7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\c0c52c03306062533f7dcb087bfcfa6b\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ca9dce055d1f0f23d2b57daec177104f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\d3767eab8f4479a8d252b47e8ec225c8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\d8ef7c8f90f509563f255df3e967b057\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da2a33b6770f970d7fe7262040f98a4f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da7fee2d51e2e59bdd47cb9e03387bcc\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e15760431e46367ca5a3dfd40a9d03e3\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e639ef786ddd695030aad48a97363146\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\f2adb0f8440e5dbd459aa6bfcaed1ba5\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\fbadf956b1f29cd6cc8927434ddbc900\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\fbdd9f75315c1cf9ff63f37aaca267d3\update\update.exe (Microsoft Corporation)



Found mount point : C:\WINDOWS\SoftwareDistribution\Download\c36c7f4b6082ffbd96a80985adcf3ca0\update\update

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\SoftwareDistribution\Download\fbadf956b1f29cd6cc8927434ddbc900\update\update.exe

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB873339\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 17:29:47 654848 C:\WINDOWS\$hf_mig$\KB885250\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB885835\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 12:34:54 654848 C:\WINDOWS\$hf_mig$\KB885836\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB886185\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:52 654848 C:\WINDOWS\$hf_mig$\KB887472\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 11:34:54 654848 C:\WINDOWS\$hf_mig$\KB887742\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:34:48 654848 C:\WINDOWS\$hf_mig$\KB888113\update\update.exe (Microsoft Corporation)

[1] 2004-11-30 15:46:40 654848 C:\WINDOWS\$hf_mig$\KB888302\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB890046\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB890175\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 20:35:06 718048 C:\WINDOWS\$hf_mig$\KB890859\update\update.exe (Microsoft Corporation)

[1] 2004-10-14 13:21:58 654848 C:\WINDOWS\$hf_mig$\KB891781\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893066\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB893756\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB894391\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896358\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896422\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896423\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896424\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB896428\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB896727\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB898461\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899587\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899588\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB899589\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB899591\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB900485\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB900725\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB901017\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB901214\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB902400\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 22:35:05 718048 C:\WINDOWS\$hf_mig$\KB905414\update\update.exe (Microsoft Corporation)

[1] 2005-02-24 21:35:06 718048 C:\WINDOWS\$hf_mig$\KB905749\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB905915\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908519\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB908531\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB910437\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911280\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911562\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911567\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB911927\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB912919\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB913446\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB913580\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914388\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB914389\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB915865\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB916595\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917159\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB917344\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917422\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB917953\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918118\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB918439\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB919007\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920214\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB920670\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920683\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920685\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB920872\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921398\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB921503\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB921883\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB922582\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB922616\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB922819\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923414\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB923561\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB923694\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB923980\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924191\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB924270\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB925486\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB925902\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB926255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:16:51 716000 C:\WINDOWS\$hf_mig$\KB926436\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927779\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB927802\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB927891\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB928255\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB928843\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB929123\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929338\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB929969\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930178\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB930916\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931261\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB931784\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB931836\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB933360\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:28 716000 C:\WINDOWS\$hf_mig$\KB933729\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB935839\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB935840\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB936021\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB936357\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB937894\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938127\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB938464\update\update.exe (Microsoft Corporation)

[1] 2005-10-12 18:12:29 716000 C:\WINDOWS\$hf_mig$\KB938828\update\update.exe (Microsoft Corporation)

[1] 2006-01-19 14:29:19 716000 C:\WINDOWS\$hf_mig$\KB938829\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941202\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941644\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB941693\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB942763\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943055\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB943485\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB944653\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB945553\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB946026\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:20:44 755576 C:\WINDOWS\$hf_mig$\KB946648\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB948590\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB948881\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB950749\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950760\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB950762\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB950974\update\update.exe (Microsoft Corporation)

[1] 2007-12-03 10:25:31 755576 C:\WINDOWS\$hf_mig$\KB951066\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB951698\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951748\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB951978\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB952004\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB952287\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB952954\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB953839\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB954211\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB954459\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB954600\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB955069\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB955759\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB955839\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB956391\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956572\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB956744\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB956802\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956803\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB956841\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB957095\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB957097\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB958215-IE7\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958644\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 06:18:51 755576 C:\WINDOWS\$hf_mig$\KB958687\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB958690\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB959426\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960225\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:56 716000 C:\WINDOWS\$hf_mig$\KB960714-IE7\update\update.exe (Microsoft Corporation)

[1] 2008-11-15 12:18:04 755576 C:\WINDOWS\$hf_mig$\KB960715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB960803\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB960859\update\update.exe (Microsoft Corporation)

[1] 2007-03-05 20:22:59 716000 C:\WINDOWS\$hf_mig$\KB961260-IE7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB961371\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB961373\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB961501\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB967715\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB968220-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB968389\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB968537\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969059\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969897-IE8\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:22 755576 C:\WINDOWS\$hf_mig$\KB969898\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB969947\update\update.exe (Microsoft Corporation)

[1] 2007-11-30 07:39:18 755576 C:\WINDOWS\$hf_mig$\KB970238\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB970430\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB971468\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971557\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\$hf_mig$\KB971633\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971657\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB971737\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB972260-IE8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB972270\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973346\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973354\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973507\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973687\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973815\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB973869\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB973904\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974112\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974318\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974392\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB974571\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975025\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975467\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975560\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB975561\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB975713\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\$hf_mig$\KB976662-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977816\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB977914\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978037\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978262\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978338\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978542\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978601\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB978706\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979309\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB979683\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB980182-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\$hf_mig$\KB980232\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\$hf_mig$\KB981332-IE8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\01229cf5dcf0df67992cac35a2ba0b3f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\035cdeeef9eaa07de20138b420444b17\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\22f1a1e628f2ceada1948d2c604b5154\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\23e79e5fb28793d8cb1c2055b0d8dcb9\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\248802b74506342031e926839639c729\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\269630a60abe4177f0ba214686d6ebda\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 04:01:12 755576 C:\WINDOWS\SoftwareDistribution\Download\284a430ed4a998417200bec9f0c45f85\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\2e6b16219034e135b4f869efb7a10fee\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3724a78548e17e8215a17353ec597ae3\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\3e17316becee1d41b884695bbf7f49db\update\update.exe (Microsoft Corporation)

[1] 2009-04-13 13:42:06 716000 C:\WINDOWS\SoftwareDistribution\Download\3f96ee4455d36a14b252a0ddc35e56eb\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\4de233d8d67cd9916ac28a2d43724f55\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\50e2c72fd814d3841e776dd2c4918260\update\update.exe (Microsoft Corporation)

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\update\update.exe ()

[1] 2008-07-09 02:38:29 755576 C:\WINDOWS\SoftwareDistribution\Download\55ae228715888b68a08f491655790fa6\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\59732c3a78c987eaec1ee41ab88e3da8\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5cfa09586faf6d9470f0c817d855bb6b\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\5e5aab0184cde550e4ba21f1d2bd377e\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\6a410a1bd174bc123056d235ac4829af\update\update.exe (Microsoft Corporation)

[1] 2006-04-10 12:36:18 710584 C:\WINDOWS\SoftwareDistribution\Download\6c4788c9549d437e76e1773a7639582a\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\75cd10bc79782317976e2a857798ad9f\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\7dc77bad5469553a68ef5efe55070b06\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\85947e1a809663c7f480717673587a59\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\8ce9df05e44d8f9bdb2b38867a384b43\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9868363812bbe4a0a4d814b7943ba906\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\9d21500a4aa475547c4a2420fee1c623\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\a4c8b51fef38872a7ec62d0a40ca147c\update\update.exe (Microsoft Corporation)

[1] 2007-07-27 10:41:48 755576 C:\WINDOWS\SoftwareDistribution\Download\aadd6ccc4585cbf4ee04287eb0e679df\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ab0676fe50d78a2ee35a6cca883a9b02\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\b7b0631e184025ba37e5a4ec1d8637e7\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\c0c52c03306062533f7dcb087bfcfa6b\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\ca9dce055d1f0f23d2b57daec177104f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\d3767eab8f4479a8d252b47e8ec225c8\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\d8ef7c8f90f509563f255df3e967b057\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da2a33b6770f970d7fe7262040f98a4f\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\da7fee2d51e2e59bdd47cb9e03387bcc\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e15760431e46367ca5a3dfd40a9d03e3\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\e639ef786ddd695030aad48a97363146\update\update.exe (Microsoft Corporation)

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\f2adb0f8440e5dbd459aa6bfcaed1ba5\update\update.exe (Microsoft Corporation)

[1] 2008-07-08 08:02:04 755576 C:\WINDOWS\SoftwareDistribution\Download\fbadf956b1f29cd6cc8927434ddbc900\update\update.exe ()

[1] 2009-05-26 06:40:52 755576 C:\WINDOWS\SoftwareDistribution\Download\fbdd9f75315c1cf9ff63f37aaca267d3\update\update.exe (Microsoft Corporation)



Found mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5a0d771158cfd69be5ddd26d8f58c73b\5a0d771158cfd69be5ddd26d8f58c73b

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7d49753b93ffa6844bcba39df0e9b771\7d49753b93ffa6844bcba39df0e9b771

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1025\1025

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1028\1028

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1031\1031

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1037\1037

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1041\1041

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1042\1042

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\1054\1054

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\2052\2052

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3076\3076

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\3com_dmi\3com_dmi

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\appmgmt\MACHINE\MACHINE

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\appmgmt\S-1-5-21-3987078197-456683979-229190831-1007\S-1-5-21-3987078197-456683979-229190831-1007

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\{4E3254D7-522A-412A-9296-3F4767B3A2CB}

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\MMC\MMC

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\javaws\cache\cache

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\CD Burning

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\OFFICE

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Musicmatch\Jukebox\Cache\Cache

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.MSO\Content.MSO

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\dhcp\dhcp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\drivers\disdn\disdn

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\dumprep.exe

[1] 2004-08-10 06:00:00 10752 C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe (Microsoft Corporation)

[1] 2008-04-13 19:12:18 10752 C:\WINDOWS\ServicePackFiles\i386\dumprep.exe (Microsoft Corporation)

[1] 2008-04-13 19:12:18 10752 C:\WINDOWS\system32\dumprep.exe ()

[1] 2004-08-10 06:00:00 10752 C:\i386\dumprep.exe (Microsoft Corporation)



Found mount point : C:\WINDOWS\system32\export\export

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\FxsTmp\FxsTmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\GroupPolicy\Machine\Machine

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\GroupPolicy\User\User

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\IME\CINTLGNT\CINTLGNT

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\IME\PINTLGNT\PINTLGNT

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\IME\TINTLGNT\TINTLGNT

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\Macromed\update\update

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\Microsoft\Crypto\RSA\MachineKeys\MachineKeys

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\mui\dispspec\dispspec

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemcust\oemcust

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemhw\oemhw

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\html\oemreg\oemreg

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\oobe\sample\sample

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\ShellExt\ShellExt

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\spool\PRINTERS\PRINTERS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\bad\bad

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\mof\good\good

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\wbem\snmp\snmp

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\wbem\wmiprvse.exe

[1] 2009-02-06 05:15:13 227840 C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\wmiprvse.exe (Microsoft Corporation)

[1] 2004-08-10 06:00:00 218112 C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe (Microsoft Corporation)

[1] 2008-04-13 19:12:40 218112 C:\WINDOWS\$NtUninstallKB956572$\wmiprvse.exe (Microsoft Corporation)

[1] 2008-04-13 19:12:40 218112 C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe (Microsoft Corporation)

[1] 2009-02-06 11:39:29 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\wmiprvse.exe (Microsoft Corporation)

[1] 2009-02-06 04:41:05 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\wmiprvse.exe (Microsoft Corporation)

[1] 2009-02-06 05:10:02 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\wmiprvse.exe (Microsoft Corporation)

[1] 2009-02-06 05:15:13 227840 C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\wmiprvse.exe (Microsoft Corporation)

[1] 2009-02-06 05:10:02 227840 C:\WINDOWS\system32\dllcache\wmiprvse.exe (Microsoft Corporation)

[1] 2009-02-06 05:10:02 227840 C:\WINDOWS\system32\wbem\wmiprvse.exe ()

[1] 2004-08-10 06:00:00 218112 C:\i386\wmiprvse.exe (Microsoft Corporation)



Found mount point : C:\WINDOWS\system32\wins\wins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\system32\xircom\xircom

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\options\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\tellafriend\offline\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\buttons\buttons

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dialogs\dialogs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dropdowns\dropdowns

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\htmldialog\htmldialog

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\list\list

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\listMenu\listMenu

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\notification\notification

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\options_menu_button\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\preview\preview

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\scrollbar\scrollbar

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\searchWidget\searchWidget

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\selectors\selectors

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\shared_graphics\shared_graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\tray_scroller\tray_scroller

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\AdvancedOptions\AdvancedOptions

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\alerts\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\bookmarks\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\GeneralOptions\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\options\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Autumn\Autumn

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Birthday\Birthday

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Chanukah\Chanukah

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Christmas\Christmas

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Halloween\Halloween

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Baby\New Baby

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Years\New Years

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Sports\Sports

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frame_template\frame_template

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\offline\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\html\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\tests\tests

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview2\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\core\core

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\includes\includes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\popups\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\search\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SelectorEditor\SelectorEditor

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SkinChooser\SkinChooser

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\ThemeTemplates\Default\Default

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\ProgFiles\ProgFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\colorSchemes\backgrounds\backgrounds

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\graphics\tellafriend_offline\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\core\core

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\includes\includes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\ThemeCustomizer\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\production\automationScripts\automationScripts

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\colorSchemes\backgrounds\backgrounds

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\barintro_images\barintro_images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\Includes\Includes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\core\core

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\graphics\graphics

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\options\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\ThemeCustomizer\images\images

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\ProgFiles\ProgFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\SBCYahoo_SMB_600000\SBCYahoo_SMB_600000

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\StartupSC\StartupSC

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\TempRec\TempSBE\TempSBE

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\VBE\VBE

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\viewmgr\viewmgr

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Temp\vmgr\4294894256\4294894256

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\twain_32\kodak\kds_aio5000\install\install

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\twain_32\kodak\kds_aioesp\lib\lib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^



Finished!



#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 20 May 2010 - 07:06 AM

Hi,

please run win32kdiag.exe again, with the following command to fix some malware related changes.
Please make sure that a copy of win32kdiag.exe is located on your desktop.

Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK:

"%userprofile%\desktop\win32kdiag.exe" -f -r

When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

We also need to scan the system with this special tool.
  • Please download Junction.zip and save it.
  • Unzip it and put junction.exe in the Windows directory (C:\Windows).
  • Go to Start => Run... => Copy and paste the following command in the run box and click OK:
    cmd /c junction -s c:\ >log.txt&log.txt& del log.txt
    A command window opens starting to scan the system. Wait until a log file opens. Copy and paste or attach the content of it.


regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 southernthunder75

southernthunder75
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 20 May 2010 - 10:15 PM

Running from: C:\Documents and Settings\rhonda\desktop\win32kdiag.exe

Log file at : C:\Documents and Settings\rhonda\Desktop\Win32kDiag.txt

Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Found mount point : C:\WINDOWS\$hf_mig$\KB904706\KB904706

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB904706\KB904706

Found mount point : C:\WINDOWS\$hf_mig$\KB912812\KB912812

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB912812\KB912812

Found mount point : C:\WINDOWS\$hf_mig$\KB916281\KB916281

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB916281\KB916281

Found mount point : C:\WINDOWS\$hf_mig$\KB918899\KB918899

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB918899\KB918899

Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Found mount point : C:\WINDOWS\$hf_mig$\KB922760\KB922760

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB922760\KB922760

Found mount point : C:\WINDOWS\$hf_mig$\KB924496\KB924496

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB924496\KB924496

Found mount point : C:\WINDOWS\$hf_mig$\KB925454\KB925454

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB925454\KB925454

Found mount point : C:\WINDOWS\$hf_mig$\KB928090\KB928090

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB928090\KB928090

Found mount point : C:\WINDOWS\$hf_mig$\KB931768\KB931768

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB931768\KB931768

Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168

Found mount point : C:\WINDOWS\$hf_mig$\KB933566\KB933566

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB933566\KB933566

Found mount point : C:\WINDOWS\$hf_mig$\KB937143\KB937143

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB937143\KB937143

Found mount point : C:\WINDOWS\$hf_mig$\KB939653\KB939653

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB939653\KB939653

Found mount point : C:\WINDOWS\$hf_mig$\KB941568\KB941568

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB941568\KB941568

Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460

Found mount point : C:\WINDOWS\$hf_mig$\KB956844\KB956844

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB956844\KB956844

Found mount point : C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8

Found mount point : C:\WINDOWS\$hf_mig$\KB973874-IE8\KB973874-IE8

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\$hf_mig$\KB973874-IE8\KB973874-IE8

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\ehCIR

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\ehCIR

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\EhCM

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\EhCM

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehcommon\ehcommon

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehcommon\ehcommon

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepg\ehepg

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepg\ehepg

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepgdat\ehepgdat

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehepgdat\ehepgdat

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtCOM\ehiExtCOM

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtCOM\ehiExtCOM

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtens\ehiExtens

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiExtens\ehiExtens

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiMsgr\ehiMsgr

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiMsgr\ehiMsgr

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiPlay\ehiPlay

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiPlay\ehiPlay

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiProxy\ehiProxy

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiProxy\ehiProxy

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiUserXp\ehiUserXp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiUserXp\ehiUserXp

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiVidCtl\ehiVidCtl

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiVidCtl\ehiVidCtl

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiwmp\ehiwmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehiwmp\ehiwmp

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehRecObj\ehRecObj

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehRecObj\ehRecObj

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehshell\ehshell

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehshell\ehshell

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D4.tmp\ZAP1D4.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D4.tmp\ZAP1D4.tmp

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BB.tmp\ZAP2BB.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BB.tmp\ZAP2BB.tmp

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D6.tmp\ZAP2D6.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D6.tmp\ZAP2D6.tmp

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\assembly\tmp\tmp

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Config\Config

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Found mount point : C:\WINDOWS\ime\chsime\applets\applets

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\chsime\applets\applets

Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\imejp\applets\applets

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\imejp98\imejp98

Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

Found mount point : C:\WINDOWS\ime\shared\res\res

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\ime\shared\res\res

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Found mount point : C:\WINDOWS\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\java\trustlib\trustlib

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Temporary ASP.NET Files\Bind Logs\Bind Logs

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\msapps\msinfo\msinfo

Found mount point : C:\WINDOWS\msdownld.tmp\msdownld.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\msdownld.tmp\msdownld.tmp

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Found mount point : C:\WINDOWS\pchealth\helpctr\batch\batch

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\helpctr\batch\batch

Cannot access: C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

Attempting to restore permissions of : C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint

Found mount point : C:\WINDOWS\pchealth\helpctr\Config\News\News

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\helpctr\Config\News\News

Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

Found mount point : C:\WINDOWS\PIF\PIF

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\PIF\PIF

Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Found mount point : C:\WINDOWS\security\logs\logs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\security\logs\logs

Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\AuthCabs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\AuthCabs

Cannot access: C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\update\update.exe

Attempting to restore permissions of : C:\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\update\update.exe

Cannot access: C:\WINDOWS\SoftwareDistribution\Download\55ae228715888b68a08f491655790fa6\update\update.exe

Attempting to restore permissions of : C:\WINDOWS\SoftwareDistribution\Download\55ae228715888b68a08f491655790fa6\update\update.exe

Cannot access: C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe

Attempting to restore permissions of : C:\WINDOWS\SoftwareDistribution\Download\c263092dccc247f68a43cfee93ecc72d\update\update.exe

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\c36c7f4b6082ffbd96a80985adcf3ca0\update\update

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\c36c7f4b6082ffbd96a80985adcf3ca0\update\update

Cannot access: C:\WINDOWS\SoftwareDistribution\Download\fbadf956b1f29cd6cc8927434ddbc900\update\update.exe

Attempting to restore permissions of : C:\WINDOWS\SoftwareDistribution\Download\fbadf956b1f29cd6cc8927434ddbc900\update\update.exe

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5a0d771158cfd69be5ddd26d8f58c73b\5a0d771158cfd69be5ddd26d8f58c73b

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5a0d771158cfd69be5ddd26d8f58c73b\5a0d771158cfd69be5ddd26d8f58c73b

Found mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7d49753b93ffa6844bcba39df0e9b771\7d49753b93ffa6844bcba39df0e9b771

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7d49753b93ffa6844bcba39df0e9b771\7d49753b93ffa6844bcba39df0e9b771

Found mount point : C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\SoftwareDistribution\SelfUpdate\Registered\Registered

Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

Found mount point : C:\WINDOWS\system32\1025\1025

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\1025\1025

Found mount point : C:\WINDOWS\system32\1028\1028

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\1028\1028

Found mount point : C:\WINDOWS\system32\1031\1031

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\1031\1031

Found mount point : C:\WINDOWS\system32\1037\1037

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\1037\1037

Found mount point : C:\WINDOWS\system32\1041\1041

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\1041\1041

Found mount point : C:\WINDOWS\system32\1042\1042

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\1042\1042

Found mount point : C:\WINDOWS\system32\1054\1054

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\1054\1054

Found mount point : C:\WINDOWS\system32\2052\2052

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\2052\2052

Found mount point : C:\WINDOWS\system32\3076\3076

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\3076\3076

Found mount point : C:\WINDOWS\system32\3com_dmi\3com_dmi

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\3com_dmi\3com_dmi

Found mount point : C:\WINDOWS\system32\appmgmt\MACHINE\MACHINE

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\appmgmt\MACHINE\MACHINE

Found mount point : C:\WINDOWS\system32\appmgmt\S-1-5-21-3987078197-456683979-229190831-1007\S-1-5-21-3987078197-456683979-229190831-1007

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\appmgmt\S-1-5-21-3987078197-456683979-229190831-1007\S-1-5-21-3987078197-456683979-229190831-1007

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\{4E3254D7-522A-412A-9296-3F4767B3A2CB}

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\{4E3254D7-522A-412A-9296-3F4767B3A2CB}

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\MMC\MMC

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\MMC\MMC

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs

Found mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\javaws\cache\cache

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\javaws\cache\cache

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\CD Burning

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\CD Burning

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-343818398-1004336348-839522115-500\S-1-5-21-343818398-1004336348-839522115-500

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-3987078197-456683979-229190831-500\S-1-5-21-3987078197-456683979-229190831-500

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\OFFICE

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE\OFFICE

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Musicmatch\Jukebox\Cache\Cache

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Musicmatch\Jukebox\Cache\Cache

Found mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.MSO\Content.MSO

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.MSO\Content.MSO

Found mount point : C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\NetHood\NetHood

Found mount point : C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\config\systemprofile\PrintHood\PrintHood

Found mount point : C:\WINDOWS\system32\dhcp\dhcp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\dhcp\dhcp

Found mount point : C:\WINDOWS\system32\drivers\disdn\disdn

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\drivers\disdn\disdn

Cannot access: C:\WINDOWS\system32\dumprep.exe

Attempting to restore permissions of : C:\WINDOWS\system32\dumprep.exe

Found mount point : C:\WINDOWS\system32\export\export

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\export\export

Found mount point : C:\WINDOWS\system32\FxsTmp\FxsTmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\FxsTmp\FxsTmp

Found mount point : C:\WINDOWS\system32\GroupPolicy\Machine\Machine

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\GroupPolicy\Machine\Machine

Found mount point : C:\WINDOWS\system32\GroupPolicy\User\User

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\GroupPolicy\User\User

Found mount point : C:\WINDOWS\system32\IME\CINTLGNT\CINTLGNT

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\IME\CINTLGNT\CINTLGNT

Found mount point : C:\WINDOWS\system32\IME\PINTLGNT\PINTLGNT

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\IME\PINTLGNT\PINTLGNT

Found mount point : C:\WINDOWS\system32\IME\TINTLGNT\TINTLGNT

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\IME\TINTLGNT\TINTLGNT

Found mount point : C:\WINDOWS\system32\Macromed\update\update

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\Macromed\update\update

Found mount point : C:\WINDOWS\system32\Microsoft\Crypto\RSA\MachineKeys\MachineKeys

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\Microsoft\Crypto\RSA\MachineKeys\MachineKeys

Found mount point : C:\WINDOWS\system32\mui\dispspec\dispspec

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\mui\dispspec\dispspec

Found mount point : C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\oobe\html\ispsgnup\ispsgnup

Found mount point : C:\WINDOWS\system32\oobe\html\oemcust\oemcust

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\oobe\html\oemcust\oemcust

Found mount point : C:\WINDOWS\system32\oobe\html\oemhw\oemhw

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\oobe\html\oemhw\oemhw

Found mount point : C:\WINDOWS\system32\oobe\html\oemreg\oemreg

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\oobe\html\oemreg\oemreg

Found mount point : C:\WINDOWS\system32\oobe\sample\sample

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\oobe\sample\sample

Found mount point : C:\WINDOWS\system32\ShellExt\ShellExt

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\ShellExt\ShellExt

Found mount point : C:\WINDOWS\system32\spool\PRINTERS\PRINTERS

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\spool\PRINTERS\PRINTERS

Found mount point : C:\WINDOWS\system32\wbem\mof\bad\bad

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\wbem\mof\bad\bad

Found mount point : C:\WINDOWS\system32\wbem\mof\good\good

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\wbem\mof\good\good

Found mount point : C:\WINDOWS\system32\wbem\snmp\snmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\wbem\snmp\snmp

Cannot access: C:\WINDOWS\system32\wbem\wmiprvse.exe

Attempting to restore permissions of : C:\WINDOWS\system32\wbem\wmiprvse.exe

Found mount point : C:\WINDOWS\system32\wins\wins

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\wins\wins

Found mount point : C:\WINDOWS\system32\xircom\xircom

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\system32\xircom\xircom

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\options\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\options\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\tellafriend\offline\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\tellafriend\offline\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\buttons\buttons

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\buttons\buttons

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dialogs\dialogs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dialogs\dialogs

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dropdowns\dropdowns

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\dropdowns\dropdowns

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\htmldialog\htmldialog

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\htmldialog\htmldialog

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\list\list

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\list\list

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\listMenu\listMenu

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\listMenu\listMenu

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\notification\notification

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\notification\notification

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\options_menu_button\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\options_menu_button\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\preview\preview

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\preview\preview

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\scrollbar\scrollbar

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\scrollbar\scrollbar

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\searchWidget\searchWidget

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\searchWidget\searchWidget

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\selectors\selectors

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\selectors\selectors

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\shared_graphics\shared_graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\shared_graphics\shared_graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\tray_scroller\tray_scroller

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\core\UI_elements\tray_scroller\tray_scroller

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\AdvancedOptions\AdvancedOptions

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\AdvancedOptions\AdvancedOptions

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\alerts\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\alerts\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\bookmarks\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\bookmarks\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\GeneralOptions\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\GeneralOptions\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\options\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\options\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Autumn\Autumn

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Autumn\Autumn

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Birthday\Birthday

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Birthday\Birthday

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Chanukah\Chanukah

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Chanukah\Chanukah

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Christmas\Christmas

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Christmas\Christmas

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Halloween\Halloween

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Halloween\Halloween

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Baby\New Baby

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Baby\New Baby

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Years\New Years

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\New Years\New Years

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Sports\Sports

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frames\Sports\Sports

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frame_template\frame_template

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\frame_template\frame_template

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\offline\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\offline\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\html\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\html\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\tests\tests

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview\wizard\tests\tests

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview2\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoview2\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\core\core

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\core\core

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\includes\includes

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\photoviewVista\includes\includes

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\popups\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\popups\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\search\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\search\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SelectorEditor\SelectorEditor

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SelectorEditor\SelectorEditor

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SkinChooser\SkinChooser

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\features\SkinChooser\SkinChooser

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\ThemeTemplates\Default\Default

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\AllUsersData\SkinEngine\ThemeTemplates\Default\Default

Found mount point : C:\WINDOWS\Temp\0\Private\Runtime\ProgFiles\ProgFiles

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Runtime\ProgFiles\ProgFiles

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\colorSchemes\backgrounds\backgrounds

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\colorSchemes\backgrounds\backgrounds

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\graphics\tellafriend_offline\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\assets\graphics\tellafriend_offline\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\core\core

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\core\core

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\includes\includes

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\Amazon\includes\includes

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\ThemeCustomizer\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\features\ThemeCustomizer\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\production\automationScripts\automationScripts

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Default\production\automationScripts\automationScripts

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\colorSchemes\backgrounds\backgrounds

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\colorSchemes\backgrounds\backgrounds

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\barintro_images\barintro_images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\barintro_images\barintro_images

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\Includes\Includes

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\assets\graphics\Includes\Includes

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\core\core

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\core\core

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\graphics\graphics

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\Amazon\graphics\graphics

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\options\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\options\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\ThemeCustomizer\images\images

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\AllUsersData\ThemesV3\Windows\features\ThemeCustomizer\images\images

Found mount point : C:\WINDOWS\Temp\0\Private\Vendor\ProgFiles\ProgFiles

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\0\Private\Vendor\ProgFiles\ProgFiles

Found mount point : C:\WINDOWS\Temp\SBCYahoo_SMB_600000\SBCYahoo_SMB_600000

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\SBCYahoo_SMB_600000\SBCYahoo_SMB_600000

Found mount point : C:\WINDOWS\Temp\StartupSC\StartupSC

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\StartupSC\StartupSC

Found mount point : C:\WINDOWS\Temp\TempRec\TempSBE\TempSBE

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\TempRec\TempSBE\TempSBE

Found mount point : C:\WINDOWS\Temp\VBE\VBE

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\VBE\VBE

Found mount point : C:\WINDOWS\Temp\viewmgr\viewmgr

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\viewmgr\viewmgr

Found mount point : C:\WINDOWS\Temp\vmgr\4294894256\4294894256

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\Temp\vmgr\4294894256\4294894256

Found mount point : C:\WINDOWS\twain_32\kodak\kds_aio5000\install\install

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\twain_32\kodak\kds_aio5000\install\install

Found mount point : C:\WINDOWS\twain_32\kodak\kds_aioesp\lib\lib

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\twain_32\kodak\kds_aioesp\lib\lib

Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp



Finished!










Junction v1.05 - Windows junction creator and reparse point viewer
Copyright © 2000-2007 Mark Russinovich
Systems Internals - http://www.sysinternals.com


Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.



Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process.


...

...
Failed to open \\?\c:\\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_24adf822-76f7-4481-b30b-ff1b40f8687f: Access is denied.




...

...

...

...

...

...

...

...

...

...


Failed to open \\?\c:\\Program Files\ArcSoft\PhotoImpression 5\photoimpression.exe: Access is denied.


...

...

...

...

...
Failed to open \\?\c:\\Program Files\Dell Support Center\HWDiag\bin\pcdrsysinfodirect.p5x: Access is denied.




...

...

...

...

...

...

...

...

.
Failed to open \\?\c:\\Program Files\Spybot - Search & Destroy\SpybotSD.exe: Access is denied.



Failed to open \\?\c:\\Program Files\Trend Micro\HijackThis\HijackThis.exe: Access is denied.



Failed to open \\?\c:\\Program Files\Trend Micro\Internet Security 12\PCCSScan.exe: Access is denied.



Failed to open \\?\c:\\Program Files\Trend Micro\Internet Security 12\PCCVScan.exe: Access is denied.


..

...

...

...

...

...

..\\?\c:\\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
Substitute Name: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790

.\\?\c:\\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e
Substitute Name: C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e



...

...

...

...

...

...

...

...

...

...

..

#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 21 May 2010 - 04:47 AM

Hi,

We need to reset the permissions altered by the malware on some files.
  • Download this tool and save it to the desktop: http://download.bleepingcomputer.com/sUBs/...xes/Inherit.exe
  • Go to Start => Run => Copy and paste the first line of the following lines in the run box and click OK:

    "%userprofile%\desktop\inherit" "c:\Program Files\ArcSoft\PhotoImpression 5\photoimpression.exe"
    "%userprofile%\desktop\inherit" "c:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
    "%userprofile%\desktop\inherit" "c:\Program Files\Trend Micro\HijackThis\HijackThis.exe"
    "%userprofile%\desktop\inherit" "c:\Program Files\Trend Micro\Internet Security 12\PCCSScan.exe"
  • If you get a security warning select Run.
  • You will get a "Finish" popup. Click OK.
  • Do the same for the rest of the lines until you have run all the above commands one by one.

How is the PC doing now?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 southernthunder75

southernthunder75
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 23 May 2010 - 12:27 AM

Looks like everything's back to normal.

I'm not sure what all you did to fix it or if any of my preliminary actions aided you at all but THANK YOU!

I appreciate what you guys do and I'm looking into joining the school to help the fight. Donation will be forthcoming.

Thanks again for all your assistance!

#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 23 May 2010 - 04:43 AM

Heya,

please don't leave just yet. smile.gif I'm happy to hear that your symptoms are gone, however I would like to run a couple of scans to make sure there is nothing left in hiding.


Therefore please run a scan with Eset:
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 southernthunder75

southernthunder75
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 25 May 2010 - 07:36 PM

sad.gif It just keeps giving me the EULA, I check agee and then start but it just brings the EULA back......vicious cycle. Tried for 2 days now, any ideas?

#12 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 26 May 2010 - 07:39 AM

Hi,

please try running Kaspersky instead then:
Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
      Extended (if available otherwise Standard)
    • Scan Options:
      Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
      Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#13 southernthunder75

southernthunder75
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 27 May 2010 - 04:21 AM

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Thursday, May 27, 2010
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Wednesday, May 26, 2010 07:52:02
Records in database: 4170849
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: yes
Scan e-mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\

Scan statistics:
Objects scanned: 81049
Threats found: 1
Infected objects found: 2
Suspicious objects found: 0
Scan duration: 01:25:54


File name / Threat / Threats count
C:\Program Files\MUSICMATCH\Common\ComponentMgr\HoldingArea\WebSys2\WebSys.mmz Infected: not-a-virus:RiskTool.Win32.Deleter.f 1
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\WebSys\offline.mmz Infected: not-a-virus:RiskTool.Win32.Deleter.f 1

Selected area has been scanned.


#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 28 May 2010 - 03:07 PM

Hi,

the files found by Kaspersky are a false positive.

Please update your software next:
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 20 (JDK or JRE)"
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u20-windows-i586.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

Your Adobe Reader is also out of date. Please uninstall it and download the latest version from Adobe: Download
Please untick all proposed toolbars unless you really want them.

How is your PC currently doing?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#15 southernthunder75

southernthunder75
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 31 May 2010 - 04:19 PM

I apologize for the delay, been quite busy lately......but it looks pretty good so far. Any further ideas or scans?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users