|
|
Rank: Newbie
Groups: Member
Joined: 9/29/2009
Posts: 2
|
I Have Quite A Few GEN.TROJAN!IK viruses which have been detected on my computer, but i cant's seem to delete them. Can you please help me remove this if possible?
a-squared report below:Code:a-squared Free - Version 4.5
Last update: 28/09/2009 18:07:01
Scan settings:
Scan type: Deep Scan
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: Off
ADS Scan: On
Scan start: 29/09/2009 15:47:31
[772] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[864] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[1140] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[1272] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[1660] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[1364] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[1504] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[2024] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[1464] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[1780] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[3064] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
[3768] \\?\globalroot\Device\__max++>\58799288.x86.dll detected: Gen.Trojan!IK
c:\program files\artisandvdplayer detected: Trace.Directory.Artisan DVD_DivX Player!A2
c:\program files\artisandvdplayer\setup detected: Trace.Directory.Artisan DVD_DivX Player!A2
c:\program files\artisandvdplayer\tempdirctory detected: Trace.Directory.Artisan DVD_DivX Player!A2
c:\program files\blubster detected: Trace.Directory.Blubster!A2
c:\documents and settings\all users\start menu\programs\precisiontime detected: Trace.Directory.Claria.CommonComponents!A2
c:\program files\common files\cmeii detected: Trace.Directory.Claria.CommonComponents!A2
c:\documents and settings\pruthvesh\application data\im-names detected: Trace.Directory.IM Names!A2
c:\program files\mp3 rocket detected: Trace.Directory.MP3 Rocket!A2
c:\program files\mp3 rocket\lib detected: Trace.Directory.MP3 Rocket!A2
c:\program files\mp3 rocket\resource detected: Trace.Directory.MP3 Rocket!A2
c:\program files\mp3 rocket\root detected: Trace.Directory.MP3 Rocket!A2
c:\program files\mp3 rocket\root\magnet10 detected: Trace.Directory.MP3 Rocket!A2
c:\documents and settings\pruthvesh\start menu\programs\mp3 rocket detected: Trace.Directory.MP3 Rocket!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Ares --> Order detected: Trace.Registry.Ares 5.0!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\Software\fcn --> cnid detected: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\Software\fcn --> gid detected: Trace.Registry.Funky Emoticons!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\Software\fcn --> idt detected: Trace.Registry.Funky Emoticons!A2
c:\windows\tasks\{7b02ef0b-a410-4938-8480-9ba26420a627}.job detected: Trace.File.FraudPack!A2
c:\windows\tasks\{bb65b0fb-5712-401b-b616-e69ac55e2757}.job detected: Trace.File.FraudPack!A2
c:\windows\installer\msic.tmp detected: Trace.File.FileSubmit.A!A2
Key: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\software\NordBull\ detected: Trace.Registry.FraudPack!A2
Key: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\software\PopRock\ detected: Trace.Registry.FraudPack!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\software\Microsoft\Windows\CurrentVersion\Run --> PopRock detected: Trace.Registry.FraudPack!A2
c:\program files\artisandvdplayer\~myplaylist~ detected: Trace.File.Artisan DVD_DivX Player!A2
c:\program files\artisandvdplayer\default playlist.m3u detected: Trace.File.Artisan DVD_DivX Player!A2
c:\program files\artisandvdplayer\setup\dvdaudio.ax detected: Trace.File.Artisan DVD_DivX Player!A2
c:\program files\artisandvdplayer\setup\dvdvideo.ax detected: Trace.File.Artisan DVD_DivX Player!A2
c:\program files\common files\cmeii\gatorsupportinfo.txt detected: Trace.File.Gator!A2
c:\program files\common files\cmeii\greg.reg detected: Trace.File.Gator!A2
c:\program files\common files\cmeii\gui\svcsap\applist.htm detected: Trace.File.Gator!A2
c:\windows\system32\ide21201.vxd detected: Trace.File.WindUpdates!A2
c:\program files\mp3 rocket\license.txt detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\mp3 rocket (minimized).lnk detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\mp3rocket.exe detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\mp3rocket.ico detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\mp3rocketlauncher.exe detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\xml.war detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\ezjcom18.jar detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\ezjcomlib18.dll detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\hashes detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\jaxcent11.jar detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\jaxcentlib11.dll detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\jdic.dll detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\jshdocvw.dll detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\jshdocvw.jar detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\log4j.properties detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\mp3rocket.ico detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\systemutilities.dll detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\systemutilitiesa.dll detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\lib\tray.dll detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\00_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\01_5_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\01_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\02_5_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\02_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\03_5_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\03_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\04_5_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\04_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\resource\05_ranking_stars.png detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\root\magnet10\badge.img detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\root\magnet10\canhandle.img detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\root\magnet10\limewire.gif detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\root\magnet10\options.js detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\root\magnet10\scripts.js detected: Trace.File.MP3 Rocket!A2
c:\program files\mp3 rocket\root\magnet10\silentdetect.js detected: Trace.File.MP3 Rocket!A2
Value: HKEY_CLASSES_ROOT\arlnk --> URL Protocol detected: Trace.Registry.Ares Galaxy P2P Plus!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\arlnk --> URL Protocol detected: Trace.Registry.Ares Galaxy P2P Plus!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\Software\ArtisanDVDPlayer\Directory --> CurrentPath detected: Trace.Registry.Artisan DVD_DivX Player!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\Software\ArtisanDVDPlayer\Directory --> TempPath detected: Trace.Registry.Artisan DVD_DivX Player!A2
Value: HKEY_USERS\S-1-5-21-73586283-842925246-839522115-1004\Software\Cliprex DVD Player Professional --> Volume detected: Trace.Registry.Cliprex DVD Player Professional!A2
Key: HKEY_LOCAL_MACHINE\software\myway detected: Trace.Registry.MyWaySpeedbar!A2
Value: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Program Files\BHO\uninstall.exe detected: Trace.Registry.StartupBHO!A2
Value: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List --> C:\Program Files\BHO\uninstall.exe detected: Trace.Registry.StartupBHO!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MP3 Rocket --> DisplayName detected: Trace.Registry.MP3 Rocket!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MP3 Rocket --> UninstallString detected: Trace.Registry.MP3 Rocket!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@2o7[2].txt detected: Trace.TrackingCookie.2o7!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@2o7[3].txt detected: Trace.TrackingCookie.2o7!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@adserver.adtechus[1].txt detected: Trace.TrackingCookie.adserv!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@adtech[1].txt detected: Trace.TrackingCookie.adtech!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@atdmt[1].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@atdmt[2].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@atdmt[3].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@atdmt[4].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@doubleclick[1].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@doubleclick[2].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@doubleclick[3].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@doubleclick[4].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@fastclick[1].txt detected: Trace.TrackingCookie.fastclick!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@media.adrevolver[1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@media.adrevolver[2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@media.adrevolver[3].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@media.mtvnservices[1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@media.mtvnservices[2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@mediaplex[1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@mediaplex[2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@mediaplex[3].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@statcounter[1].txt detected: Trace.TrackingCookie.statcounter!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@tradedoubler[2].txt detected: Trace.TrackingCookie.tradedoubler!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@zedo[1].txt detected: Trace.TrackingCookie.zedo!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@zedo[3].txt detected: Trace.TrackingCookie.zedo!A2
C:\Documents and Settings\Pruthvesh\Cookies\pruthvesh@zedo[4].txt detected: Trace.TrackingCookie.zedo!A2
C:\Documents and Settings\Pruthvesh\Application Data\Mozilla\Firefox\Profiles\49ux4nk6.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins\np_gp.dll detected: Riskware.Adware.GetPlus!IK
C:\Documents and Settings\Pruthvesh\My Documents\Amal\Local Settings\Temporary Internet Files\Content.IE5\0XYZMJKP\content32070-0[1].htm detected: Riskware.AdWare.Win32.Gator!IK
C:\Documents and Settings\Pruthvesh\My Documents\Amal\Random Folder\mirc621.exe detected: Riskware.Client-IRC.Win32.mIRC.621!A2
C:\Documents and Settings\Pruthvesh\My Documents\Sneha\Local Settings\Temporary Internet Files\Content.IE5\8TCN8N83\content37885-0[1].htm detected: Riskware.AdWare.Win32.Gator!IK
C:\Program Files\Mozilla Firefox\plugins\np_gp.dll detected: Riskware.Adware.GetPlus!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033924.DLL detected: Riskware.AdWare.FunWeb!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033925.DLL detected: Riskware.WebToolbar!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033926.DLL detected: Riskware.WebToolbar!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033927.DLL detected: Riskware.AdTool.Win32.MyWebSearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033928.DLL detected: Riskware.AdWare.Mywebsearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033930.DLL detected: Riskware.WebToolbar!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033931.DLL detected: Riskware.WebToolbar!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033932.EXE detected: Riskware.WebToolbar!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033933.DLL detected: Riskware.AdWare.MyWebSearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033934.DLL detected: Riskware.AdWare.Mywebsearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033935.DLL detected: Riskware.AdWare.Mywebsearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033936.DLL detected: Riskware.WebToolbar!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033937.DLL detected: Riskware.WebToolbar!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033938.DLL detected: Riskware.AdWare.Mywebsearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033939.EXE detected: Riskware.AdWare.Win32.MyWebSearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033940.DLL detected: Riskware.AdWare.Win32.MyWebSearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0033941.DLL detected: Riskware.AdWare.Win32.MyWebSearch.i!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0036174.DLL detected: Riskware.AdTool.Win32.MyWebSearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0036177.EXE detected: Riskware.AdTool.MyWebSearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0036178.DLL detected: Riskware.AdTool.Win32.MyWebSearch!IK
C:\System Volume Information\_restore{FAD31253-1C6F-4667-9D3B-0B60ECC5D88D}\RP230\A0036197.dll detected: Riskware.AdWare.Win32.PowerSearch!IK
Scanned
Files: 473028
Traces: 633669
Cookies: 211
Processes: 39
Found
Files: 26
Traces: 76
Cookies: 30
Processes: 12
Registry keys: 0
Scan end: 29/09/2009 18:09:44
Scan time: 2:22:13
|
|
Rank: Advanced Member
Groups: Member, Moderation
Joined: 5/23/2006
Posts: 2,252
Location: Northern NY
|
Download to your Desktop Win32kDiag.exe by AD.
Run Win32kDiag
It will produce a report on the Desktop.
Post that report on your next reply.
a-squared Team - www.emsisoft.com
|
|
Rank: Newbie
Groups: Member
Joined: 9/29/2009
Posts: 2
|
Code:Running from: C:\Documents and Settings\Pruthvesh\My Documents\Amal\Win32kDiag(3).exe
Log file at : C:\Documents and Settings\Pruthvesh\Desktop\Win32kDiag.txt
WARNING: Could not get backup privileges!
Searching 'C:\WINDOWS'...
Found mount point : C:\WINDOWS\$hf_mig$\KB834707\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB834707\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB867282\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB867282\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB873333\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB873333\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB883939\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB883939\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB890047\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB890047\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB890175\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB890175\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB890923\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB890923\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB893086\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB893086\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB896688\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB896688\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB896727\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB896727\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB899588\SP2QFE\SP2QFE
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$hf_mig$\KB899588\update\update
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB890923$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\A4W_DATA\A4W_DATA
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\addins\addins
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\dao\10.0.4504.0__31bf3856ad364e35\10.0.4504.0__31bf3856ad364e35
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Publisher\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\11.0.0.0__71e9bce111e9429c
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\7.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\10.0.4504.0__31bf3856ad364e35
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\1.0.5000.0__b77a5c561934e089
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\1.0.5000.0__b77a5c561934e089
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\1.0.5000.0__b77a5c561934e089
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\1.0.5000.0__b77a5c561934e089
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\1.0.5000.0__b03f5f7f11d50a3a
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\1.0.5000.0__b77a5c561934e089
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\1.0.5000.0__b77a5c561934e089
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_29288ff4\1.0.5000.0__b03f5f7f11d50a3a_29288ff4
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_63937859\1.0.5000.0__b77a5c561934e089_63937859
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_7c519107\1.0.5000.0__b77a5c561934e089_7c519107
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_764e1619\1.0.5000.0__b03f5f7f11d50a3a_764e1619
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_49c99553\1.0.5000.0__b03f5f7f11d50a3a_49c99553
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b7815ae3\1.0.5000.0__b03f5f7f11d50a3a_b7815ae3
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_4926f31f\1.0.5000.0__b77a5c561934e089_4926f31f
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_8a3441fe\1.0.5000.0__b77a5c561934e089_8a3441fe
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17B.tmp\ZAP17B.tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19B.tmp\ZAP19B.tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP265.tmp\ZAP265.tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP290.tmp\ZAP290.tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFA.tmp\ZAPFA.tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\temp\temp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\assembly\tmp\tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Config\Config
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Debug\UserMode\UserMode
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Downloaded Installations\{27CA2C5D-95E6-467E-898C-AE509746C4BE}\{27CA2C5D-95E6-467E-898C-AE509746C4BE}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Downloaded Installations\{4047B242-1233-451B-AC91-A318DE01F288}\{4047B242-1233-451B-AC91-A318DE01F288}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Downloaded Installations\{628E8630-7947-49EA-BE90-7F8BFF77A79C}\{628E8630-7947-49EA-BE90-7F8BFF77A79C}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Downloaded Installations\{A89EB61A-717D-4E9B-BB70-7626DF2EB947}\{A89EB61A-717D-4E9B-BB70-7626DF2EB947}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Downloaded Program Files\CONFLICT.1\CONFLICT.1
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Downloaded Program Files\CONFLICT.2\CONFLICT.2
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Downloaded Program Files\CONFLICT.3\CONFLICT.3
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\Database\Database
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\CBO\CBO
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Cbz\Cbz
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Content\Cbz\Cbz
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Content\Lib\Lib
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Content\Wave\Wave
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Lib\Lib
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Help\SBSI\Training\WXPPer\Wave\Wave
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\chsime\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imejp\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imejp98\imejp98
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\ime\shared\res\res
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\inf\catalog\catalog
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{21351A28-ACFB-463D-A0A0-AC9F5F4D273E}\{21351A28-ACFB-463D-A0A0-AC9F5F4D273E}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{24769D29-677C-42B0-9420-6F7688058990}\{24769D29-677C-42B0-9420-6F7688058990}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{30C10EE3-EFB3-4B7A-9CDC-50790C2B5200}\{30C10EE3-EFB3-4B7A-9CDC-50790C2B5200}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{47808F78-F178-49DC-B708-15FE538B16FF}\{47808F78-F178-49DC-B708-15FE538B16FF}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{515E1B00-E2B4-4975-9900-95F66077C3AE}\{515E1B00-E2B4-4975-9900-95F66077C3AE}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{7148F0A8-6813-11D6-A77B-00B0D0142000}\{7148F0A8-6813-11D6-A77B-00B0D0142000}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-000000000001}\{AC76BA86-7AD7-1033-7B44-000000000001}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\java\classes\classes
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\java\trustlib\trustlib
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\1033
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ASP.NETClientFiles\ASP.NETClientFiles
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\CONFIG
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI\0409\0409
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Minidump\Minidump
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\msapps\msinfo\msinfo
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\msdownld.tmp\msdownld.tmp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\mui\mui
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\nview\nview
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\1\1
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\10\10
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\11\11
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\12\NWSERVER\NWSERVER
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\12\WFW311\WFW311
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\13\13
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\14\14
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\15\15
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\16\16
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\16A\16A
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\17A\17A
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\19\19
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\2\2
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\20\20
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\21\21
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\22\22
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\23\Drivers\Scan\ENGLISH\ENGLISH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\23\Drivers\Win_XP2K\ENGLISH\ENGLISH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\23\ENGLISH\ENGLISH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\23\PROGRAM\32\32
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\23\PROGRAM\ENGLISH\ENGLISH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\24\24
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\25\25
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\26\WIN2K_XP\WIN2K_XP
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\27\27
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\28\28
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\29\29
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\3\ENGLISH\ENGLISH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\30\30
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\31\31
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\32\32
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\33\33
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\34\34
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\35\35
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\36\New Folder\New Folder
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\37\37
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\38\38
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\39\39
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\4\4
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\40\40
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\5\5
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\6\6
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\7\7
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\8\ENGLISH\ENGLISH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\9\9
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\OEMdriver\temp\temp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\ERRORREP\UserDumps\UserDumps
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoint
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKUs
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\PIF\PIF
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\RegisteredPackages\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}\{CAC24AF7-5447-4F19-9FA6-F6E6E69D395E}
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\security\logs\logs
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\SOFTDISK\SSSTUDIO\SSSTUDIO
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Downloaded
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\bd1cd727f9156915edd6700037e6f705\bd1cd727f9156915edd6700037e6f705
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\SxsCaPendDel\SxsCaPendDel
Mount point destination : \Device\__max++>\^
Cannot access: C:\WINDOWS\system32\dumprep.exe
[1] 2004-08-04 13:00:00 10752 C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe (Microsoft Corporation)
[1] 2008-04-14 01:12:18 10752 C:\WINDOWS\ServicePackFiles\i386\dumprep.exe (Microsoft Corporation)
[1] 2008-04-14 01:12:18 10752 C:\WINDOWS\system32\dumprep.exe ()
Cannot access: C:\WINDOWS\system32\eventlog.dll
[1] 2004-08-04 13:00:00 55808 C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll (Microsoft Corporation)
[1] 2008-04-14 01:11:53 56320 C:\WINDOWS\ServicePackFiles\i386\eventlog.dll (Microsoft Corporation)
[1] 2008-04-14 01:11:53 61952 C:\WINDOWS\system32\eventlog.dll ()
[2] 2008-04-14 01:11:53 56320 C:\WINDOWS\system32\logevent.dll (Microsoft Corporation)
Found mount point : C:\WINDOWS\Temp\_avast4_\_avast4_
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\InstallTemp\47714\47714
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\InstallTemp\47734\47734
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\InstallTemp\47735\47735
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\InstallTemp\47739\47739
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\InstallTemp\47996\47996
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\InstallTemp\48199\48199
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\InstallTemp\61903\61903
Mount point destination : \Device\__max++>\^
Found mount point : C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d
Mount point destination : \Device\__max++>\^
Finished!
|
|
Rank: Advanced Member
Groups: Member, Moderation
Joined: 5/23/2006
Posts: 2,252
Location: Northern NY
|
Open notepad
Copy and Paste the below lines of code to notepad:Code:@echo off
copy C:\WINDOWS\system32\logevent.dll c:\logevent.dll
copy C:\WINDOWS\ServicePackFiles\i386\dumprep.exe c:\dumprep.exe Go to File > save as and name the file fixes.bat, change the Save as type to all files and save it to your Desktop.
Double-click on fixes.bat to execute it.
-----------------------------------------------------------
Download Avenger from here and unzip to your desktop.
Run Avenger
Read the prompt that appears, and press OK
Copy & paste the following text in Input script Box:
Code:Files to move:
C:\logevent.dll | C:\WINDOWS\SYSTEM32\eventlog.dll
C:\dumprep.exe | C:\WINDOWS\SYSTEM32\dumprep.exe
Then click "Execute".
You will be presented with 2 confirmation prompts. Select yes on each. Your system will reboot.
Note: It is possible that Avenger will reboot your system TWICE.
Upon reboot, a command prompt window will appear on your screen for a few seconds, and then Avenger's log will open. Please paste that log here in your next post.
-----------------------------------------------------------
Go to start > run and copy and paste the following command in the field:Code:"%userprofile%\desktop\win32kdiag.exe" -f -r
This should restore permissions on locked files and remove mountpoints.
-----------------------------------------------------------
Post fresh logs for:
Avenger (C:\avenger.txt)
a-squared Free
ISeeYouXP
HiJackFree
Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
a-squared Team - www.emsisoft.com
|
|
Rank: Advanced Member
Groups: Member, Moderation
Joined: 5/23/2006
Posts: 2,252
Location: Northern NY
|
Thread Closed
Reason: Lack of Response
PM either ShadowPuterDude or Lynx to have this thread reopened.
The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.
All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread
a-squared Team - www.emsisoft.com
|
|
|
Guest User |