-
You can certainly attach the file if too big.
-
Member
log from Win32Diag tool part2
Found mount point : C:\Windows\PCHEALTH\ERRORREP\QHEADLES\QHEADLES
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\PCHEALTH\ERRORREP\QSIGNOFF\QSIGNOFF
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\PLA\Templates\Templates
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\registration\CRMLog\CRMLog
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SchCache\SchCache
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\security\templates\templates
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\Tfs_DAV
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\Description Documents\Description Documents
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Recent\Recent
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\Templates
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Desktop\Desktop
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Documents\Documents
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Downloads\Downloads
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Favorites\Favorites
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Links\Links
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Music\Music
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Pictures\Pictures
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Saved Games\Saved Games
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\LocalService\Videos\Videos
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\SCPD\SCPD
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Recent\Recent
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\Templates
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Desktop\Desktop
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Documents\Documents
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Downloads\Downloads
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Favorites\Favorites
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Links\Links
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Music\Music
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Pictures\Pictures
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Saved Games\Saved Games
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\ServiceProfiles\NetworkService\Videos\Videos
Mount point destination : \Device\__max++>\^
-
Member
log from Win32Diag tool part3
Found mount point : C:\Windows\SoftwareDistribution\AuthCabs\Downloaded\Downloaded
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16868_none_9a40172a0fc4863e\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.16868_none_9a40172a0fc4863e
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.21065_none_9ac68b3928e50d45\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6000.21065_none_9ac68b3928e50d45
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18270_none_9c1383940cfa6868\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18270_none_9c1383940cfa6868
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22447_none_9cc4940f25f962e7\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.22447_none_9cc4940f25f962e7
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18049_none_9e2369c00a004aef\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.18049_none_9e2369c00a004aef
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.22150_none_9e993405232e229b\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6002.22150_none_9e993405232e229b
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.16868_none_05136bbbd8da5cfa\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.16868_none_05136bbbd8da5cfa: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.21065_none_0599dfcaf1fae401\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6000.21065_none_0599dfcaf1fae401: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.18270_none_06e6d825d6103f24\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.18270_none_06e6d825d6103f24: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.22447_none_0797e8a0ef0f39a3\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6001.22447_none_0797e8a0ef0f39a3: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6002.18049_none_08f6be51d31621ab\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6002.18049_none_08f6be51d31621ab: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\8515290af8e2a11b58a5fdcb5018cdf3\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6002.22150_none_096c8896ec43f957\x86_microsoft-windows-mediaplayer-wmvcore_31bf3856ad364e35_6.0.6002.22150_none_096c8896ec43f957: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\900b4a4eda74f4f6355031d2463ada66\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16919_none_f0a013de6e53b9ab\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16919_none_f0a013de6e53b9ab
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\900b4a4eda74f4f6355031d2463ada66\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21119_none_f12988cb87718cb7\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21119_none_f12988cb87718cb7
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\900b4a4eda74f4f6355031d2463ada66\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18322_none_f27480926b88b52c\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18322_none_f27480926b88b52c
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\900b4a4eda74f4f6355031d2463ada66\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22511_none_f307eee5849f1cd5\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22511_none_f307eee5849f1cd5
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\900b4a4eda74f4f6355031d2463ada66\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18103_none_f4719482689de8ec\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18103_none_f4719482689de8ec
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\900b4a4eda74f4f6355031d2463ada66\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22215_none_f4f261f581c1d755\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22215_none_f4f261f581c1d755
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6000.16884_none_83e02be57bf1f0b4\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6000.16884_none_83e02be57bf1f0b4: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6000.21082_none_8467a03e95119112\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6000.21082_none_8467a03e95119112: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6001.18288_none_85ca6bb37914e701\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6001.18288_none_85ca6bb37914e701: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6001.22468_none_8669aa3c92224c10\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6001.22468_none_8669aa3c92224c10: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6002.18064_none_87c27e31762e9c0e\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6002.18064_none_87c27e31762e9c0e: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6002.22170_none_883d49e88f57f26d\x86_microsoft-windows-l..securityhelperclass_31bf3856ad364e35_6.0.6002.22170_none_883d49e88f57f26d: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.16884_none_9a0b894107fccf79
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6000.21082_none_9a92fd9a211c6fd7
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.18288_none_9bf5c90f051fc5c6
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6001.22468_none_9c9507981e2d2ad5
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18064_none_9deddb8d02397ad3
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\98feee1bafb0596b2f2987bc05c79171\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.22170_none_9e68a7441b62d132
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.18091_none_87a35e9f02db5bf5\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.18091_none_87a35e9f02db5bf5: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.22200_none_888d4c521bb0e416\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.22200_none_888d4c521bb0e416: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6000.16908_en-us_80aa46aabe6988cc\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6000.16908_en-us_80aa46aabe6988cc: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6000.21108_en-us_8133bb97d7875bd8\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6000.21108_en-us_8133bb97d7875bd8: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6001.18311_en-us_827eb35ebb9e844d\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6001.18311_en-us_827eb35ebb9e844d: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6001.22497_en-us_82b7d285d4f79ba9\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6001.22497_en-us_82b7d285d4f79ba9: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6002.18091_en-us_840ea5e6b905b8f9\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6002.18091_en-us_840ea5e6b905b8f9: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6002.22200_en-us_84f89399d1db411a\x86_microsoft-windows-netevent.resources_31bf3856ad364e35_6.0.6002.22200_en-us_84f89399d1db411a: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6000.16908_none_586821dd6d61016f\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6000.16908_none_586821dd6d61016f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6000.21108_none_58f196ca867ed47b\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6000.21108_none_58f196ca867ed47b
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6001.18311_none_5a3c8e916a95fcf0\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6001.18311_none_5a3c8e916a95fcf0
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6001.22497_none_5a75adb883ef144c\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6001.22497_none_5a75adb883ef144c
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6002.18091_none_5bcc811967fd319c\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6002.18091_none_5bcc811967fd319c
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6002.22200_none_5cb66ecc80d2b9bd\x86_microsoft-windows-netevent_31bf3856ad364e35_6.0.6002.22200_none_5cb66ecc80d2b9bd
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.16908_none_54bd3631b81fb89b\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.16908_none_54bd3631b81fb89b: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.21108_none_5546ab1ed13d8ba7\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6000.21108_none_5546ab1ed13d8ba7: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22497_none_56cac20cceadcb78\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22497_none_56cac20cceadcb78: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21108_none_cbcfae32467adc51\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6000.21108_none_cbcfae32467adc51
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22497_none_cd53c52043eb1c22\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22497_none_cd53c52043eb1c22
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6000.16908_en-us_f28bf998a1c9cb0c\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6000.16908_en-us_f28bf998a1c9cb0c: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6000.21108_en-us_f3156e85bae79e18\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6000.21108_en-us_f3156e85bae79e18: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6001.18311_en-us_f460664c9efec68d\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6001.18311_en-us_f460664c9efec68d: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6001.22497_en-us_f4998573b857dde9\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6001.22497_en-us_f4998573b857dde9: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6002.18091_en-us_f5f058d49c65fb39\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6002.18091_en-us_f5f058d49c65fb39: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6002.22200_en-us_f6da4687b53b835a\x86_microsoft-windows-t..p-utility.resources_31bf3856ad364e35_6.0.6002.22200_en-us_f6da4687b53b835a: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.16908_none_30e8bd0651b053ef
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6000.21108_none_317231f36ace26fb
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.18311_none_32bd29ba4ee54f70
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6001.22497_none_32f648e1683e66cc
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18091_none_344d1c424c4c841c
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.22200_none_353709f565220c3d
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\b635b7a7651f5dd1a95f6d85f3bb620f\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\cc9db45d4d7a49bee9efe23f364bf80b\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18795_none_656cbc830d360ee8\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18795_none_656cbc830d360ee8: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\cc9db45d4d7a49bee9efe23f364bf80b\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.22886_none_66022984264aac18\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.22886_none_66022984264aac18: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_accessibility_b03f5f7f11d50a3a_6.0.6002.18005_none_4d866065934e5ef7\msil_accessibility_b03f5f7f11d50a3a_6.0.6002.18005_none_4d866065934e5ef7
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_aspnetmmcext_b03f5f7f11d50a3a_6.0.6002.18005_none_8054152c96e37e26\msil_aspnetmmcext_b03f5f7f11d50a3a_6.0.6002.18005_none_8054152c96e37e26
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6002.18005_none_eb63fcdad4ebfd16\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6002.18005_none_eb63fcdad4ebfd16
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_cscompmgd_b03f5f7f11d50a3a_6.0.6002.18005_none_1872efd4aa5a4414\msil_cscompmgd_b03f5f7f11d50a3a_6.0.6002.18005_none_1872efd4aa5a4414
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_dfsvc_b03f5f7f11d50a3a_6.0.6002.18005_none_65a8cc0289501153\msil_dfsvc_b03f5f7f11d50a3a_6.0.6002.18005_none_65a8cc0289501153
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_eventviewer.resources_31bf3856ad364e35_6.0.6002.18005_en-us_cc17da7cb2f2920f\msil_eventviewer.resources_31bf3856ad364e35_6.0.6002.18005_en-us_cc17da7cb2f2920f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_ieexecremote_b03f5f7f11d50a3a_6.0.6002.18005_none_ef4a58c7c5889e64\msil_ieexecremote_b03f5f7f11d50a3a_6.0.6002.18005_none_ef4a58c7c5889e64
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_ieexec_b03f5f7f11d50a3a_6.0.6002.18005_none_7ebbc5c007fec7a8\msil_ieexec_b03f5f7f11d50a3a_6.0.6002.18005_none_7ebbc5c007fec7a8
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_iehost_b03f5f7f11d50a3a_6.0.6002.18005_none_7e35165408616421\msil_iehost_b03f5f7f11d50a3a_6.0.6002.18005_none_7e35165408616421
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_iiehost_b03f5f7f11d50a3a_6.0.6002.18005_none_816442d68bbe18e0\msil_iiehost_b03f5f7f11d50a3a_6.0.6002.18005_none_816442d68bbe18e0
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_jsc_b03f5f7f11d50a3a_6.0.6002.18005_none_a7af7d70d7c9356f\msil_jsc_b03f5f7f11d50a3a_6.0.6002.18005_none_a7af7d70d7c9356f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.build.engine_b03f5f7f11d50a3a_6.0.6002.18005_none_387c914c0ed279d3\msil_microsoft.build.engine_b03f5f7f11d50a3a_6.0.6002.18005_none_387c914c0ed279d3
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.build.framework_b03f5f7f11d50a3a_6.0.6002.18005_none_c2a3acd783e72d57\msil_microsoft.build.framework_b03f5f7f11d50a3a_6.0.6002.18005_none_c2a3acd783e72d57
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.build.tasks_b03f5f7f11d50a3a_6.0.6002.18005_none_9d3ca2208d80c419\msil_microsoft.build.tasks_b03f5f7f11d50a3a_6.0.6002.18005_none_9d3ca2208d80c419
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.build.utilities_b03f5f7f11d50a3a_6.0.6002.18005_none_e1e4fa8ea5567225\msil_microsoft.build.utilities_b03f5f7f11d50a3a_6.0.6002.18005_none_e1e4fa8ea5567225
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.jscript_b03f5f7f11d50a3a_6.0.6002.18005_none_d20884118360c004\msil_microsoft.jscript_b03f5f7f11d50a3a_6.0.6002.18005_none_d20884118360c004
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.managementconsole_31bf3856ad364e35_6.0.6002.18005_none_404ed32b1170eb50\msil_microsoft.managementconsole_31bf3856ad364e35_6.0.6002.18005_none_404ed32b1170eb50
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6002.18005_none_c7bec71ffdedf435\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6002.18005_none_c7bec71ffdedf435
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.0.6002.18005_none_5f17fcdf1d21af33\msil_microsoft.visualbasic.compatibility.data_b03f5f7f11d50a3a_6.0.6002.18005_none_5f17fcdf1d21af33: 3
Could not open reparse point C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.0.6002.18005_none_ed4030cc958ae321\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.0.6002.18005_none_ed4030cc958ae321: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.visualbasic.vsa_b03f5f7f11d50a3a_6.0.6002.18005_none_f2b3e9f14ccc4d0f\msil_microsoft.visualbasic.vsa_b03f5f7f11d50a3a_6.0.6002.18005_none_f2b3e9f14ccc4d0f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.visualbasic_b03f5f7f11d50a3a_6.0.6002.18005_none_ad69093e0186cb39\msil_microsoft.visualbasic_b03f5f7f11d50a3a_6.0.6002.18005_none_ad69093e0186cb39
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6002.18005_none_44578232f2ea7160\msil_microsoft.vsa.vb.codedomprocessor_b03f5f7f11d50a3a_6.0.6002.18005_none_44578232f2ea7160
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.vsa_b03f5f7f11d50a3a_6.0.6002.18005_none_682aad423a72f74b\msil_microsoft.vsa_b03f5f7f11d50a3a_6.0.6002.18005_none_682aad423a72f74b
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.web.administration.resources_31bf3856ad364e35_6.0.6002.18005_en-us_9e7284d03365a901\msil_microsoft.web.administration.resources_31bf3856ad364e35_6.0.6002.18005_en-us_9e7284d03365a901: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_microsoft.web.administration_31bf3856ad364e35_6.0.6002.18005_none_b8c9781d8fcc849c\msil_microsoft.web.administration_31bf3856ad364e35_6.0.6002.18005_none_b8c9781d8fcc849c
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_miguicontrols_31bf3856ad364e35_6.0.6002.18005_none_b034519a39bcde59\msil_miguicontrols_31bf3856ad364e35_6.0.6002.18005_none_b034519a39bcde59
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_mmcex_31bf3856ad364e35_6.0.6002.18005_none_fdd3b6785be3af44\msil_mmcex_31bf3856ad364e35_6.0.6002.18005_none_fdd3b6785be3af44
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_mmcfxcommon_31bf3856ad364e35_6.0.6002.18005_none_5452e9e5750caf3c\msil_mmcfxcommon_31bf3856ad364e35_6.0.6002.18005_none_5452e9e5750caf3c
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_napsnap.resources_31bf3856ad364e35_6.0.6002.18005_en-us_d14785aeef1f0902\msil_napsnap.resources_31bf3856ad364e35_6.0.6002.18005_en-us_d14785aeef1f0902
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6002.18005_none_9e0bf58c35ba287c\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6002.18005_none_9e0bf58c35ba287c
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationcffrasterizer_31bf3856ad364e35_6.0.6002.18005_none_43070e2e1454a6a0\msil_presentationcffrasterizer_31bf3856ad364e35_6.0.6002.18005_none_43070e2e1454a6a0
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationfontcache_31bf3856ad364e35_6.0.6002.18005_none_0fb649d9ad5630d5\msil_presentationfontcache_31bf3856ad364e35_6.0.6002.18005_none_0fb649d9ad5630d5
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationframework.aero_31bf3856ad364e35_6.0.6002.18005_none_1b338c0e6cbb7a8b\msil_presentationframework.aero_31bf3856ad364e35_6.0.6002.18005_none_1b338c0e6cbb7a8b
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationframework.classic_31bf3856ad364e35_6.0.6002.18005_none_b244cef4e1b377d4\msil_presentationframework.classic_31bf3856ad364e35_6.0.6002.18005_none_b244cef4e1b377d4
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationframework.luna_31bf3856ad364e35_6.0.6002.18005_none_1a0e64ec6d65920e\msil_presentationframework.luna_31bf3856ad364e35_6.0.6002.18005_none_1a0e64ec6d65920e
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationframework.royale_31bf3856ad364e35_6.0.6002.18005_none_9c96b85b8e663ccc\msil_presentationframework.royale_31bf3856ad364e35_6.0.6002.18005_none_9c96b85b8e663ccc
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationframework_31bf3856ad364e35_6.0.6002.18005_none_78a30f10f11e86c4\msil_presentationframework_31bf3856ad364e35_6.0.6002.18005_none_78a30f10f11e86c4
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_presentationui_31bf3856ad364e35_6.0.6002.18005_none_ad960e0439a9be86\msil_presentationui_31bf3856ad364e35_6.0.6002.18005_none_ad960e0439a9be86
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_reachframework_31bf3856ad364e35_6.0.6002.18005_none_439ad0affea2839f\msil_reachframework_31bf3856ad364e35_6.0.6002.18005_none_439ad0affea2839f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6002.18005_none_4aa84200fc580287\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6002.18005_none_4aa84200fc580287
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_smdiagnostics_b77a5c561934e089_6.0.6002.18005_none_9e6dd954b053cc6d\msil_smdiagnostics_b77a5c561934e089_6.0.6002.18005_none_9e6dd954b053cc6d
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_smsvchost_b03f5f7f11d50a3a_6.0.6002.18005_none_12354c1054c35525\msil_smsvchost_b03f5f7f11d50a3a_6.0.6002.18005_none_12354c1054c35525
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_sysglobl_b03f5f7f11d50a3a_6.0.6002.18005_none_d4bb69db8a792ee2\msil_sysglobl_b03f5f7f11d50a3a_6.0.6002.18005_none_d4bb69db8a792ee2
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.configuration.install_b03f5f7f11d50a3a_6.0.6002.18005_none_8b9cdc5b78f8032d\msil_system.configuration.install_b03f5f7f11d50a3a_6.0.6002.18005_none_8b9cdc5b78f8032d
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.configuration_b03f5f7f11d50a3a_6.0.6002.18005_none_2afff036370d4fd2\msil_system.configuration_b03f5f7f11d50a3a_6.0.6002.18005_none_2afff036370d4fd2
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.data.sqlxml_b77a5c561934e089_6.0.6002.18005_none_3153bfada5516881\msil_system.data.sqlxml_b77a5c561934e089_6.0.6002.18005_none_3153bfada5516881
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.deployment_b03f5f7f11d50a3a_6.0.6002.18005_none_5fd691f73142d41f\msil_system.deployment_b03f5f7f11d50a3a_6.0.6002.18005_none_5fd691f73142d41f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.design_b03f5f7f11d50a3a_6.0.6002.18005_none_b525864303710290\msil_system.design_b03f5f7f11d50a3a_6.0.6002.18005_none_b525864303710290
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.directoryservices.protocols_b03f5f7f11d50a3a_6.0.6002.18005_none_aef5d5a354b01224\msil_system.directoryservices.protocols_b03f5f7f11d50a3a_6.0.6002.18005_none_aef5d5a354b01224: 3
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.directoryservices_b03f5f7f11d50a3a_6.0.6002.18005_none_5679ca4731c43ad9\msil_system.directoryservices_b03f5f7f11d50a3a_6.0.6002.18005_none_5679ca4731c43ad9
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.drawing.design_b03f5f7f11d50a3a_6.0.6002.18005_none_1be3a910b0bb38ae\msil_system.drawing.design_b03f5f7f11d50a3a_6.0.6002.18005_none_1be3a910b0bb38ae
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.drawing_b03f5f7f11d50a3a_6.0.6002.18005_none_8f6eb5fdf12629bc\msil_system.drawing_b03f5f7f11d50a3a_6.0.6002.18005_none_8f6eb5fdf12629bc
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6002.18005_none_abcac43873eedab5\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6002.18005_none_abcac43873eedab5
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.identitymodel_b77a5c561934e089_6.0.6002.18005_none_1d35f4104460221f\msil_system.identitymodel_b77a5c561934e089_6.0.6002.18005_none_1d35f4104460221f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.io.log_b03f5f7f11d50a3a_6.0.6002.18005_none_84d894282094e2b4\msil_system.io.log_b03f5f7f11d50a3a_6.0.6002.18005_none_84d894282094e2b4
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.management_b03f5f7f11d50a3a_6.0.6002.18005_none_1f10f6d20cbde89f\msil_system.management_b03f5f7f11d50a3a_6.0.6002.18005_none_1f10f6d20cbde89f
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.messaging_b03f5f7f11d50a3a_6.0.6002.18005_none_2d8dcc7323f39b16\msil_system.messaging_b03f5f7f11d50a3a_6.0.6002.18005_none_2d8dcc7323f39b16
Mount point destination : \Device\__max++>\^
Found mount point : C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.runtime.remoting_b77a5c561934e089_6.0.6002.18005_none_c56ff2c845843ca9\msil_system.runtime.remoting_b77a5c561934e089_6.0.6002.18005_none_c56ff2c845843ca9
Mount point destination : \Device\__max++>\^
Could not open reparse point C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.0.6002.18005_none_47ee75992421f088: 3
-
Was that the end of the report?
-
Member
-
Okay no problem, got it. I'll take a look and post back soon.
-
Member
re: Win32Diag log
Hi IndiGenus:
Thanks very much. Will await your reply.
from Dorothy
-
* IMPORTANT !!! Copy ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs
- Double click on ComboFix.exe & follow the prompts.
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. Please also post an updated HijackThis log and let me know how it's running.
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
-
Member
re: Copy ComboFix.exe to desktop
Hi IndiGenus:
Got your reply & will do the "ComboFix.exe" instructions/scan.
and post a log.
As for "HijackThis" log, I'll give that a try after the above. I wasn't able to do that when I first asked for help (see my request for help page).
Talk with you soon. Thanks for your speedy reply.
from Dorothy
-
Member
ComboFix log included
Hi IndiGenus:
Below the info notes is the ComboFix log you requested.
I didnt notice any prompts to allow install of "Micrsoft Windows Recovery Console", so I'm thinking it's already on my computer.
I reactivated Antivirus & Antispyware applications before going onto the Internet to post here. Hope I was supposed to do that.
***Note***:
1. I still can't access Spybot-Search & Destroy...same message as before comes up saying I may not have the appropriate permissions to access item, even though I click "run as administrator". I have never had the Tea Timer running because I found all the prompts to confusing and was concerned about a conflict between Spybot Teatimer and AVG8 Resident Shield so I just used the AVG8 Resident Shield.
2. AVG8 Resident Shield will still not reactivate even after clicking the appropriate boxes.
3. Windows Defender re-enabled no problem.
Hope that's the info you were requesting.
Thanks from Dorothy
Here is the ComboFix log:
ComboFix 09-10-17.01 - JeffandMom 19/10/2009 13:16.1.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.2.1033.18.446.119 [GMT -4:00]
Running from: c:\users\JeffandMom\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1243676550-844158297-4097513924-1001
c:\$recycle.bin\S-1-5-21-1243676550-844158297-4097513924-1002
c:\$recycle.bin\S-1-5-21-1243676550-844158297-4097513924-1003
c:\$recycle.bin\S-1-5-21-1243676550-844158297-4097513924-500
c:\$recycle.bin\S-1-5-21-1738422755-998661840-641317060-500
c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500
c:\users\JeffandMom\AppData\Roaming\.#
c:\windows\win32k.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}
((((((((((((((((((((((((( Files Created from 2009-09-19 to 2009-10-19 )))))))))))))))))))))))))))))))
.
2009-10-19 17:29 . 2009-10-19 17:33 -------- d-----w- c:\users\JeffandMom\AppData\Local\temp
2009-10-19 17:29 . 2009-10-19 17:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-15 03:59 . 2009-10-15 03:59 -------- d-----w- c:\program files\ESET
2009-10-14 22:58 . 2009-10-14 23:00 -------- d-----w- c:\program files\Windows Live Safety Center
2009-10-14 03:33 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 03:33 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-14 03:33 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 03:30 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-13 18:35 . 2009-10-13 18:35 -------- d-----w- c:\users\JeffandMom\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-10-13 18:15 . 2009-10-13 18:47 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-03 05:51 . 2009-10-01 14:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-23 17:12 . 2009-09-24 00:31 -------- d-----w- c:\users\JeffandMom\.housecall6.6
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-14 04:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-13 18:23 . 2009-07-14 03:00 -------- d-----w- c:\programdata\NOS
2009-09-30 22:16 . 2008-11-03 18:46 -------- d-----w- c:\program files\DNA
2009-09-30 04:03 . 2008-01-11 02:28 680 ----a-w- c:\users\JeffandMom\AppData\Local\d3d9caps.dat
2009-09-27 17:21 . 2009-02-13 05:06 -------- d-----w- c:\program files\Spybot - Search & Destroy162
2009-09-23 15:22 . 2007-06-21 09:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-09-21 05:01 . 2008-05-25 16:40 -------- d-----w- c:\programdata\Avg8
2009-09-12 05:11 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-09-12 05:11 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-09-12 05:11 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-09-12 05:11 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-12 05:10 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-09-02 06:40 . 2009-02-13 09:37 -------- d-----w- c:\program files\Java
2009-08-29 00:27 . 2009-09-03 13:57 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-03 13:57 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 13:51 . 2009-02-03 20:53 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-28 13:51 . 2009-02-03 20:53 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-28 13:51 . 2009-02-03 20:53 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-27 05:22 . 2009-10-14 03:32 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-14 03:32 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:17 . 2009-10-14 03:32 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 03:42 . 2009-10-14 03:32 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-23 04:32 . 2007-06-12 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-14 16:27 . 2009-09-10 00:49 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 00:49 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 00:49 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 00:49 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 00:49 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 00:49 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 00:49 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 00:49 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 00:49 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 00:49 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 00:49 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-04 23:52 . 2009-08-04 23:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-04 12:34 . 2009-10-14 03:32 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 12:34 . 2009-10-14 03:32 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-07-25 09:23 . 2009-01-24 07:23 411368 ----a-w- c:\windows\system32\deploytk.dll
2007-09-25 01:32 . 2007-09-25 01:32 774144 ----a-w- c:\program files\RngInterstitial.dll
2007-06-13 03:56 . 2007-06-13 03:55 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-19 2025752]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BitTorrent DNA"="c:\users\JeffandMom\Program Files\DNA\btdna.exe"
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Corel Photo Downloader"=c:\program files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Sys7CC0.exe"=c:\windows\Sys7CC0.exe
"WPCUMI"=c:\windows\system32\WpcUmi.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"SigmatelSysTrayApp"=sttray.exe
"AVG8_TRAY"=c:\progra~1\AVG\AVG8\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):40,68,88,54,68,33,ca,01
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1243676550-844158297-4097513924-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B3575F37-250E-44F1-955F-9DBA8D31014F}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{33B940DD-6CDC-41AD-B5C0-94FFFE30F099}"= UDP:c:\program files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"{675E4329-BDAD-425B-8F52-E59340D79AE2}"= TCP:c:\program files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"TCP Query User{1C073947-2788-4DB5-8357-98E3E3FCDA24}c:\\program files\\maxis\\simcity 3000 unlimited\\apps\\updater\\updater.exe"= UDP:c:\program files\maxis\simcity 3000 unlimited\apps\updater\updater.exe:SC3UpdaterMFC
"UDP Query User{8CB2018A-3E7E-4C02-AF5B-51AF4CF93026}c:\\program files\\maxis\\simcity 3000 unlimited\\apps\\updater\\updater.exe"= TCP:c:\program files\maxis\simcity 3000 unlimited\apps\updater\updater.exe:SC3UpdaterMFC
"TCP Query User{C4FD23D5-2EA3-4158-A34F-46692E6CC4D4}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{40927A40-DE20-49B6-A2E7-F52B8395AA5D}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{714594F5-54E7-4B6C-986C-A77C6490D6DC}"= UDP:c:\program files\SpywareBlaster\spywareblaster.exe:SpywareBlaster
"{45CDFF7D-D7E9-433E-9584-73C0A7ECF93F}"= TCP:c:\program files\SpywareBlaster\spywareblaster.exe:SpywareBlaster
"{16DCBD6D-6EA6-4CE0-A7D8-36E9E51C0130}"= UDP:c:\program files\Spybot - Search & Destroy\SpybotSD.exe:Spybot - Search & Destroy
"{0B8085F5-69B5-4EFB-A42F-6B5FEC037EA8}"= TCP:c:\program files\Spybot - Search & Destroy\SpybotSD.exe:Spybot - Search & Destroy
"TCP Query User{78733992-4ABA-4095-9BF7-64F6EB0EBD63}c:\\users\\jeffandmom\\appdata\\local\\temp\\cryf095.tmp\\install.exe"= Disabled:UDP:c:\users\jeffandmom\appdata\local\temp\cryf095.tmp\install.exe:install.exe
"UDP Query User{5100B386-8977-488E-87A5-FD6EE52C9204}c:\\users\\jeffandmom\\appdata\\local\\temp\\cryf095.tmp\\install.exe"= Disabled:TCP:c:\users\jeffandmom\appdata\local\temp\cryf095.tmp\install.exe:install.exe
"TCP Query User{A68E209B-8B93-4E8F-AD3B-7CAF8423BEF2}c:\\program files\\msn messenger\\msnmsgr.exe"= UDP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"UDP Query User{14456106-FC4A-499C-B233-9DA902D77F8C}c:\\program files\\msn messenger\\msnmsgr.exe"= TCP:c:\program files\msn messenger\msnmsgr.exe:MSN Messenger
"TCP Query User{DA2C9F94-6C3A-46C3-9312-8BE90D992031}c:\\program files\\starcraft\\starcraft.exe"= UDP:c:\program files\starcraft\starcraft.exe:Starcraft
"UDP Query User{CAA44634-39E1-43CB-8892-D368F1834357}c:\\program files\\starcraft\\starcraft.exe"= TCP:c:\program files\starcraft\starcraft.exe:Starcraft
"TCP Query User{0E289CE5-5339-44C8-83BA-4250041310E6}c:\\program files\\morpheus\\morpheus.exe"= UDP:c:\program files\morpheus\morpheus.exe:Morpheus
"UDP Query User{4D3E9D19-028D-48DC-8DC3-B94B6CE2B61C}c:\\program files\\morpheus\\morpheus.exe"= TCP:c:\program files\morpheus\morpheus.exe:Morpheus
"TCP Query User{2D148C49-136C-4B8D-AFCB-C9CB301F394A}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{419A0031-93D2-4BF9-A854-F6F4F229506D}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
"{5C26B0C7-70E4-4FB7-BA48-D7A46CE57571}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{4664334B-7196-45E1-8965-4F14BE3AE307}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{10E65A62-9E1F-4C13-96DC-6EC6E25B51BE}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{AC6B501D-9E15-4FDC-BEED-80EAD63AF5BD}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{342ADA7E-1204-486D-A832-F5C6798570B8}"= UDP:c:\program files\Maxis\SimCity 3000 Unlimited\Apps\sc3U.exe:SimCity 3000 Unlimited
"{319F2B45-1BE1-4DC6-8C9B-AE7E9F61ABF9}"= TCP:c:\program files\Maxis\SimCity 3000 Unlimited\Apps\sc3U.exe:SimCity 3000 Unlimited
"{9AD0B42E-5FC0-406C-8664-6A68A668041D}"= UDP:c:\program files\Maxis\SimCity 3000 Unlimited\Apps\BAApp.exe:Building Architect Plus
"{3E1367B2-685D-4894-923E-AFD35913E544}"= TCP:c:\program files\Maxis\SimCity 3000 Unlimited\Apps\BAApp.exe:Building Architect Plus
"{B81B8BDE-CE31-4AE3-AE3E-11822A09AC36}"= Disabled:UDP:c:\program files\Blubster\Blubster.exe:Blubster
"{57B35579-93BD-4E43-A763-C6C5B815D71C}"= Disabled:TCP:c:\program files\Blubster\Blubster.exe:Blubster
"TCP Query User{EEA02241-6F2D-4A58-A957-BED349F9BD7F}c:\\program files\\yahoo! games\\jeopardy!\\jeopardy!.exe"= Disabled:UDP:c:\program files\yahoo! games\jeopardy!\jeopardy!.exe:JEOPARDY!
"UDP Query User{98A85509-9C5B-4A6F-A64B-A2CAF6A08A7B}c:\\program files\\yahoo! games\\jeopardy!\\jeopardy!.exe"= Disabled:TCP:c:\program files\yahoo! games\jeopardy!\jeopardy!.exe:JEOPARDY!
"{AF793AE3-9195-45C6-B589-B85B8CE1AACB}"= Disabled:UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{857C846E-0368-42AC-86E3-2284F4A9426E}"= Disabled:TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{DEE67F76-564B-4964-A1D2-19945441D98D}"= UDP:c:\program files\Grisoft\AVG7\avgcc.exe:AVG Control Center
"{4914565E-0F00-4948-985F-4B448B560D0D}"= TCP:c:\program files\Grisoft\AVG7\avgcc.exe:AVG Control Center
"{F9971E49-5AA4-477D-80D6-E12FD76C7CE0}"= UDP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"{FF0F290B-0A63-4B58-9DA9-F4A0DBA266DF}"= TCP:c:\program files\Grisoft\AVG7\avginet.exe:avginet.exe
"TCP Query User{E8772C2A-B0D4-460C-8DF3-35E02E89AE12}c:\\users\\jeffandmom\\program files\\dna\\btdna.exe"= UDP:c:\users\jeffandmom\program files\dna\btdna.exe:btdna.exe
"UDP Query User{B052B293-75C7-453A-8372-2C4B7F475EE4}c:\\users\\jeffandmom\\program files\\dna\\btdna.exe"= TCP:c:\users\jeffandmom\program files\dna\btdna.exe:btdna.exe
"{E9047EDA-B009-4D37-B5D0-223878263010}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{8EAC47DC-0B2D-4B94-A9BC-378DAC1FD3CB}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{6C1C211A-8DA3-4CA0-AE22-1788A73C9E1C}"= UDP:c:\program files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"{311AF4CA-6404-47DC-AA44-CA46CFE86C6F}"= TCP:c:\program files\BitTorrent_DNA\dna.exe:BitTorrent DNA
"TCP Query User{EC185DCC-5F9D-4A17-AC8F-C22058AFB2C6}c:\\users\\jeffandmom\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\users\jeffandmom\program files\bittorrent\bittorrent.exe:bittorrent.exe
"UDP Query User{EF017CC1-AA8C-470E-818B-B94E53DDF341}c:\\users\\jeffandmom\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\users\jeffandmom\program files\bittorrent\bittorrent.exe:bittorrent.exe
"TCP Query User{2C30FE43-5885-4432-9C6A-5C1304483211}c:\\users\\jeffandmom\\program files\\bittorrent_dna\\dna.exe"= UDP:c:\users\jeffandmom\program files\bittorrent_dna\dna.exe:dna.exe
"UDP Query User{87858FAD-BB85-4647-8BAB-19A30257510B}c:\\users\\jeffandmom\\program files\\bittorrent_dna\\dna.exe"= TCP:c:\users\jeffandmom\program files\bittorrent_dna\dna.exe:dna.exe
"{B766EDBB-17DC-45F4-B0B6-2675A6AEE9AA}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{096035EE-C61B-4CA5-8159-D47F80B13720}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{524E00AF-11ED-4B19-9D99-111C2B612F6F}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{BDC5A94C-D7AA-4B8C-92C4-249EA6779E6D}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{4A3A4C3F-639B-4A1B-8B64-D45A9F0F8CCC}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{0AA9915C-6298-4CF6-A6AA-35F53C27D723}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{1BBD6D94-7589-47E1-A491-C8FAFF73A663}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [03/02/2009 4:53 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [03/02/2009 4:53 PM 108552]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://en.wikipedia.org/wiki/Main_Page
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: avon.ca\avon
Trusted Zone: avon.com\ca2
Trusted Zone: avon.com\www.ca
Trusted Zone: care2.com
Trusted Zone: care2.com\mail
Trusted Zone: care2.com\stopglobalwarming
Trusted Zone: care2.com\www
Trusted Zone: care2.net\passport
Trusted Zone: ebay.com\signin
Trusted Zone: microsoft.com\update
Trusted Zone: pogo.com
Trusted Zone: terrapass.com\www
Trusted Zone: thepetitionsite.com
Trusted Zone: wikipedia.org\en
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.
- - - - ORPHANS REMOVED - - - -
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-19 13:33
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pls\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.spx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="YMP.Media"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\progra~1\AVG\AVG8\avgwdsvc.exe
c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
c:\windows\System32\drivers\XAudio.exe
c:\program files\Spybot - Search & Destroy162\SDWinSec.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
c:\combofix\CF28740.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\System32\sdclt.exe
.
**************************************************************************
.
Completion time: 2009-10-19 13:43 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-19 17:42
Pre-Run: 45,895,049,216 bytes free
Post-Run: 45,633,609,728 bytes free
309 --- E O F --- 2009-10-14 03:43
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
