Fred1945

Gen.trojan!ik Problem

Recommended Posts

This is posted in the old forum. I believe it says to re-post in this forum.

Hi. Possibly you could help me with a GEN.TROJAN!IK problem. A-squared will not delete. System shutdown & restart occurs after choosing quarantine. Shutdown message says a services file has been unexpectedly stopped & system shutdown & restart will occur in 30 seconds. Posting a-squared scan results. Iseeyouxp will not run. Hijack free will not run. Posting results of Win32kDiag below a-squared scan.


Code:
a-squared Free - Version 4.5
Last update: 9/30/2009 10:42:36 AM

Scan settings:

Scan type: Quick Scan
Objects: Memory, Traces, Cookies
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start: 9/30/2009 10:42:55 AM

[1072] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[1168] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[1300] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[1412] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[2016] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[520] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[1624] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[2588] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[2684] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[3084] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
[1976] \\?\globalroot\Device\__max++>\F268733E.x86.dll detected: Gen.Trojan!IK
c:\documents and settings\c f faulds\application data\bsplayer pro detected: Trace.Directory.BSplayer!A2
c:\windows\tasks\{7b02ef0b-a410-4938-8480-9ba26420a627}.job detected: Trace.File.FraudPack!A2
c:\windows\tasks\{bb65b0fb-5712-401b-b616-e69ac55e2757}.job detected: Trace.File.FraudPack!A2
c:\windows\installer\msi22.tmp detected: Trace.File.FileSubmit.B!A2
c:\documents and settings\c f faulds\application data\bsplayer pro\bsplayer.xml detected: Trace.File.BSplayer!A2
Value: HKEY_USERS\S-1-5-21-1801674531-527237240-839522115-1003\Software\BST\bsplayerv1 --> AppPath detected: Trace.Registry.BSplayer!A2
Value: HKEY_USERS\S-1-5-21-1801674531-527237240-839522115-1003\Software\BST\bsplayerv1 --> AppVer detected: Trace.Registry.BSplayer!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.a.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.a.pl!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.about!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.about!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.about!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.adsremote!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.angelfire!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.burstnet!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected]8[1].txt detected: Trace.TrackingCookie.cdfreaks!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.cdfreaks!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.cgi-bin[1].txt!A2
C:\Documents and Settings\C F Faulds\Cookies\c f faulds[email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.count!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.count!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.count!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.count!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.count!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.ebay.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.goclick!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.link!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.link!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.link!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected]re[2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.news.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.pop!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.pop!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.pop!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.pop!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.pop!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.pop!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.pop!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.serv.net!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.sex!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.sex!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.sex!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.sex!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.sex!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.sex!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.travelzoo!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.webtrends!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.webtrends!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.webtrends!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.www.buy!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.www.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.www.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.www.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.www.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][1].txt detected: Trace.TrackingCookie.www.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.www.com!A2
C:\Documents and Settings\C F Faulds\Cookies\c f [email protected][2].txt detected: Trace.TrackingCookie.zdnet.com!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.adknowledge!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.advertising!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected]dmt[2].txt detected: Trace.TrackingCookie.atdmt!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.bs.serving-sys!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.casalemedia!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.citi.bridgetrack!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.com!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.doubleclick!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.lop!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.pricegrabber!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.questionmarket!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.rub!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][1].txt detected: Trace.TrackingCookie.serving-sys!A2
C:\Documents and Settings\C F Faulds\Cookies\[email protected][2].txt detected: Trace.TrackingCookie.tribalfusion!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562517 detected: Trace.TrackingCookie.doubleclick.net!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562576 detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562577 detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562585 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562599 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562600 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562601 detected: Trace.TrackingCookie.trafficmp.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1213734840562623 detected: Trace.TrackingCookie.tribalfusion.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1214261963031257 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1214262082468755 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1233358030453125 detected: Trace.TrackingCookie.reuters.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1233358030687500 detected: Trace.TrackingCookie.statse.webtrendslive!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1234948378859375 detected: Trace.TrackingCookie.zedo.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1239844157515627 detected: Trace.TrackingCookie.media!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1248300317437000 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1250019427343000 detected: Trace.TrackingCookie.sales.liveperson.net!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1250019427421000 detected: Trace.TrackingCookie.sales.liveperson.net!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1250112713265003 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2
C:\Documents and Settings\C F Faulds\Application Data\Mozilla\Firefox\Profiles\7pgpp6ik.default\cookies.sqlite:1252538045000002 detected: Trace.TrackingCookie.ad.yieldmanager.com!A2

Scanned

Files: 1277
Traces: 631072
Cookies: 6269
Processes: 35

Found

Files: 0
Traces: 7
Cookies: 124
Processes: 11
Registry keys: 0

Scan end: 9/30/2009 10:47:12 AM
Scan time: 0:04:17





Code:

Starting up...

Running from: C:\Documents and Settings\C F Faulds\Desktop\a2 squared\Win32kDiag

.exe

Log file at : C:\Documents and Settings\C F Faulds\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\All Users\Application Data\yahoo!\ytaggedbm

\ytaggedbm

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZA

P47.tmp\ZAP47.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d1\d1

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d2\d2

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d3\d3

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d4\d4

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d5\d5

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d6\d6

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d7\d7

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\CSC\d8\d8

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ftpcache\ftpcache

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\chsime\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\shared\res\res

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F2

31838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\18555481990E

8AB4CBB63FB4F26006C0\1.0.0\1.0.0

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C6

48A4DB8BE2A5B47BE100\1.0.0\1.0.0

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3

D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\classes\classes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Temporar

y ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Minidump\Minidump

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msdownld.tmp\msdownld.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Config\CheckPoint\CheckPoi

nt

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\InstalledSKUs\InstalledSKU

s

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System\DFS\DFS

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System\News\News

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\System_OEM\System_OEM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\PIF\PIF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SoftwareDistribution\AuthCabs\Downloaded\Do

wnloaded

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\SxsCaPendDel\SxsCaPendDel

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\system32\eventlog.dll

[1] 2004-08-04 00:56:44 55808 C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll (

Microsoft Corporation)

[1] 2008-04-13 20:11:53 56320 C:\WINDOWS\ServicePackFiles\i386\eventlog.dll (Mic

rosoft Corporation)

[1] 2008-04-13 20:11:53 61952 C:\WINDOWS\system32\eventlog.dll ()

[2] 2008-04-13 20:11:53 56320 C:\WINDOWS\system32\logevent(2).dll (Microsoft Cor

poration)

[2] 2008-04-13 20:11:53 56320 C:\WINDOWS\system32\logevent.dll (Microsoft Corpor

ation)

[2] 2008-04-13 20:11:53 56320 C:\System Volume Information\_restore{6FCA2E7E-FAF

1-44AC-9220-EAE62695F92F}\RP537\A0098434.dll (Microsoft Corporation)

Found mount point : C:\WINDOWS\temp\_avast4_\_avast4_

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2

.0.0(2).0_x-ww_6e57c34e\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0(2).0_x-ww_6e57c

34e

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2

.0.0(3).0_x-ww_6e57c34e\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0(3).0_x-ww_6e57c

34e

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2

.0.0(4).0_x-ww_6e57c34e\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0(4).0_x-ww_6e57c

34e

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f

7f11d50a3a_2.0.0(2).0_x-ww_7d5f3790\x86_System.EnterpriseServices_b03f5f7f11d50a

3a_2.0.0(2).0_x-ww_7d5f3790

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f

7f11d50a3a_2.0.0(3).0_x-ww_7d5f3790\x86_System.EnterpriseServices_b03f5f7f11d50a

3a_2.0.0(3).0_x-ww_7d5f3790

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f

7f11d50a3a_2.0.0(4).0_x-ww_7d5f3790\x86_System.EnterpriseServices_b03f5f7f11d50a

3a_2.0.0(4).0_x-ww_7d5f3790

Mount point destination : \Device\__max++>\^

Finished! Press any key to exit...

Thanks

Share this post


Link to post
Share on other sites

Fred, please reply to your original thread in the old forum. You can still use the old forum until the 15th of October. Users just can't start new threads in the old forum.

Share this post


Link to post
Share on other sites

Thread Closed

Reason: Lack of Response

PM either ShadowPuterDude or Lynx to have this thread reopened.

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.