browser redirect problem- need help!!

[mfarnand]

I have read all posts and followed the READ ME FIRST instructions, but still I am having problems with my browser being redirected. I am attaching the MGTools file. I hope that tips you off as to what is going on in my PC. I anxiously await your suggestions on how to proceed!

[chaslang]

Welcome to Major Geeks!

Quote:

Originally Posted by mfarnand

I have read all posts and followed the READ ME FIRST instructions

You need to attach the requested logs from Malwarebytes and SUPERAntiSpyware. For example, each of the below files need to be attached:

C:\Users\Farnand Parents Only\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\SUPERAntiSpyware Scan Log - 10-28-2010 - 02-15-30.log
C:\Users\Farnand Parents Only\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-24 (01-20-39).txt
C:\Users\Farnand Parents Only\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-10-26 (13-53-15).txt

Also do the below.


Download TDSSKiller from Kaspersky to your directly onto your Desktop

• Now double click the TDSSkiller.exe file to run it ( if using Vista or Windows 7 do not double click on it but rather, right click and select Run As Administrartor. )
• Allow the application to run if prompted by Windows or any security programs you have installed
• It will start the scan and run rather quickly and will notify you of whether anything is found or not.
• Follow the instructions to delete/quarantine if asks you what to do when if finds something.
• Whether an infection is found or not, a log file should be created on your C: drive ( or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply. (See: HOW TO: Attach Items To Your Post )

Then uninstall McAfee Security Scan Plus since you have Norton Internet Security installed.

Also uninstall Java(TM) SE Runtime Environment 6 and install the current version as requested in the READ & RUN ME.

[mfarnand]

OK, I believe I have attached the scan logs you need- I ran the full scans (vs quick scans) and the Malwarebytes and SuperAntiSpyware each took two hours- so hopefully they show something of value. The only thing either found was 21 cookies on SuperAntiSpyware, so whatever is redirecting my browser isn't obvious.
I really appreciate your willingness to help with this problem. I hope you can solve the puzzle!
Maureen

[chaslang]

Quote:

Originally Posted by mfarnand

OK, I believe I have attached the scan logs you need- I ran the full scans (vs quick scans) and the Malwarebytes and SuperAntiSpyware

I'm sorry but I did not ask you to run new scans. You need to attach the logs I requested in my last message from previous scans so I can see what we being found. I asked for 3 logs ( 1 from SUPERAntiSpyware and 2 from Malwarebytes )


Also since there are many new infections that manage to get themselves into router hardware, if you have a router hooked up then you need to follow the instructions for your hardware and reset it to factory default settings. Normally there is a recessed push button type switch that needs to be held down for some number of seconds to do this. After resetting to factory defaults on your router, you will need to reconfigure the router for your network if you have made any changes to the default network setup.

[mfarnand]

Quote:

Originally Posted by chaslang

I'm sorry but I did not ask you to run new scans. You need to attach the logs I requested in my last message from previous scans so I can see what we being found. I asked for 3 logs ( 1 from SUPERAntiSpyware and 2 from Malwarebytes )


Also since there are many new infections that manage to get themselves into router hardware, if you have a router hooked up then you need to follow the instructions for your hardware and reset it to factory default settings. Normally there is a recessed push button type switch that needs to be held down for some number of seconds to do this. After resetting to factory defaults on your router, you will need to reconfigure the router for your network if you have made any changes to the default network setup.

Boy, and here I thought I was doing you one better by running those new full scans. Goes to show you what I know...
Well I attached the original files this time, so hopefully that will give you the information you need. I will also take care of the router on our end. I don't believe we deviated from the factory settings, but just in case I will reset it.
thanks again, and let me know the next step!
Maureen

[chaslang]

Quote:

Originally Posted by mfarnand

I don't believe we deviated from the factory settings, but just in case I will reset it.

You must be misreading what I said. It is not you that changes it. It is the malware. That is why it has to be reset back to factory defaults. Sometimes the a firmware update/reinstall is even necessary.

After doing this to your router, reboot your PC and see if anything changes as far as the redirects are concerned.

[mfarnand]

Quote:

Originally Posted by mfarnand

I have read all posts and followed the READ ME FIRST instructions, but still I am having problems with my browser being redirected. I am attaching the MGTools file. I hope that tips you off as to what is going on in my PC. I anxiously await your suggestions on how to proceed!

Well that was weird.... when I reset the router and restarted my PC I got this pop-up that a trial version of 'Advanced Registry Optimizer' found errors on my system and don't I want to run a complete scan to get rid of them? Now I don't know if that is at all related to the various scanning and Malware remover tools I have downloaded on my PC or if it is yet another virus just waiting for me to 'say yes' to, and by now I am so paranoid I didn't even want to hit the 'close' or 'No' option- I shut it down with Task Manager.
Just thought that was strange....
Maureen

[mfarnand]

Quote:

Originally Posted by mfarnand

Well that was weird.... when I reset the router and restarted my PC I got this pop-up that a trial version of 'Advanced Registry Optimizer' found errors on my system and don't I want to run a complete scan to get rid of them? Now I don't know if that is at all related to the various scanning and Malware remover tools I have downloaded on my PC or if it is yet another virus just waiting for me to 'say yes' to, and by now I am so paranoid I didn't even want to hit the 'close' or 'No' option- I shut it down with Task Manager.
Just thought that was strange....
Maureen

oh, and I guess I should have mentioned.... the redirects are still happening.

[chaslang]

Please also download MBRCheck to your desktop

• Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
• It will show a Black screen with some information that will contain either the below line if no problem is found:
  • Done! Press ENTER to exit...
• Or you will see more information like below if a problem is found:
  • Found non-standard or infected MBR.
  • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
• Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
• MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
• Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )

Also download Win32kDiag from any of the following three locations and save it to your Desktop.

• Download Win32kDiag (Win32kDiag.exe)
• Download Win32kDiag (Win32kDiag.exe)
• Download Win32kDiag (Win32kDiag.exe)

Now Double-click Win32kDiag.exe to run Win32kDiag and let it finish.

• When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
• Now attach the Win32kDiag.txt file that will be created on your Desktop

[chaslang]

Almost forgot!! One more scan I want to get the log from.



I want to run a scan with RootKit Unhooker

• Please Download Rootkit Unhooker Save it to your desktop.
• Now double-click on RKUnhookerLE.exe to run it.
• Click the Report tab, then click Scan.
• Check (Tick) Drivers, Stealth. Uncheck the rest. then Click OK.
• Wait till the scanner has finished and then click File, Save Report.
• Save the report somewhere where you can find it. Click Close.

Attach the log from RootKitUnhooker to your next message.

Note: You may get a warning like below. It is ok, just ignore it.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

[chaslang]

One more question I need to ask.

Please open up Windows Device Manager and see if you have this device [cmz vmkd]




The name of the device may be slightly different than [cmz vmkd]

If you find this, right click on it and select Disable.

[mfarnand]

OK, so this is where I am...
1. I do not have any device in Device Manager that even remotely resembles [cmz vmkd]
2. When I try to run the RKUnhooker program I get the following error:
Error loading driver, NTSTATUS code: 0xC000036B
3. The other two programs downloaded and ran what I think is successfully and I have attached their log files.

thanks again for your help,
Maureen

[chaslang]

Okay now we will run Win32Kdiag via a different way which will attempt to fix some problems.


Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK.

"%userprofile%\desktop\win32kdiag.exe" -f -r

When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

[chaslang]

I also want you to run another tool from Microsoft ( formerly SysInternals ).

• Please download Junction.zip and save it to your root folder (C:\Junction.zip)
• Unzip it and put junction.exe in the root folder (C:\junction.exe)
• Now click Start => Run... => Copy and paste the following command in the run box and click OK:

  cmd /c junction -s c:\ >C:\log.txt
  

• A command prompt window opens and also a license agreement from SysInternals will appear.
• Accept the license agreement and the scan will begin.
• Wait until a log file opens. Attach this C:\log.txt when it finishes (the command prompt window will close when it finishes).
• NOTE: It scans your whole hard disk so if can take a long time. Be patient and don't do anything else while it is scanning.

[mfarnand]

Quote:

Originally Posted by chaslang

Okay now we will run Win32Kdiag via a different way which will attempt to fix some problems.


Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK.

"%userprofile%\desktop\win32kdiag.exe" -f -r

When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

Here goes... (it is a beast)

Running from: C:\Users\Farnand Parents Only\Desktop\win32kdiag.exe

Log file at : C:\Users\Farnand Parents Only\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...



Cannot access: C:\Windows\assembly\GAC_32\Desktop.ini

[1] 2006-11-02 11:30:40 227 C:\Windows\assembly\Desktop.ini ()

[1] 2010-11-02 17:58:09 27648 C:\Windows\assembly\GAC_32\Desktop.ini ()

[1] 2010-11-02 17:58:09 37376 C:\Windows\assembly\GAC_64\Desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\Downloaded Program Files\desktop.ini ()

[1] 2006-09-18 17:35:48 65 C:\Windows\Fonts\desktop.ini ()

[1] 2006-09-18 17:43:26 2480 C:\Windows\Media\Desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\Offline Web Pages\desktop.ini ()

[1] 2008-11-28 04:50:45 145 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2008-11-28 04:50:45 145 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JZ05IXA\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNNCXWA1\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KMXBXXQF\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB2YWOSJ\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2009-12-10 22:39:38 145 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\3MOEWXQU\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\4VFH4CT2\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\TXTFZOIT\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\VS5F72KS\desktop.ini ()

[1] 2009-05-05 21:49:36 6 C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\desktop.ini ()

[1] 2006-09-18 17:27:23 438 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini ()

[1] 2010-06-30 16:01:53 145 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2010-06-30 16:01:53 145 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D7Y8QX4R\desktop.ini ()

[1] 2010-06-30 16:01:52 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0QGANKM\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNXP4CEM\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VE0PM1EJ\desktop.ini ()

[1] 2010-06-30 16:01:52 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2009-01-17 18:24:45 6 C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\desktop.ini ()

[1] 2006-09-18 17:27:23 438 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\3868BLXO\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\4HCRJ7WB\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\K1WD427H\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\P85ATZH9\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2008-01-20 23:20:34 145 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U9M35IT\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\desktop.ini ()

[1] 2008-01-20 23:20:35 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGFI3ED2\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHXXFROW\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2006-11-02 11:30:52 6 C:\Windows\System32\config\systemprofile\AppData\LocalLow\desktop.ini ()

[1] 2006-11-02 11:30:39 6 C:\Windows\System32\config\systemprofile\AppData\Roaming\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\desktop.ini ()

[1] 2010-10-22 22:28:19 95 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\desktop.ini ()

[1] 2010-10-22 22:28:19 146 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini ()

[1] 2010-09-29 21:01:52 432 C:\Windows\System32\config\systemprofile\Contacts\desktop.ini ()

[1] 2010-10-22 22:26:03 402 C:\Windows\System32\config\systemprofile\Favorites\desktop.ini ()

[1] 2010-10-22 22:28:25 80 C:\Windows\System32\config\systemprofile\Favorites\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\System32\config\systemprofile\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\System32\config\systemprofile\Saved Games\desktop.ini ()

[1] 2010-09-29 21:01:52 278 C:\Windows\System32\config\systemprofile\Searches\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\3868BLXO\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\4HCRJ7WB\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\K1WD427H\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\P85ATZH9\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2008-01-20 23:20:34 145 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U9M35IT\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\desktop.ini ()

[1] 2008-01-20 23:20:35 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGFI3ED2\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHXXFROW\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2006-11-02 11:30:52 6 C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\desktop.ini ()

[1] 2006-11-02 11:30:39 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\desktop.ini ()

[1] 2010-10-22 22:28:19 95 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\desktop.ini ()

[1] 2010-10-22 22:28:19 146 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini ()

[1] 2010-09-29 21:01:52 432 C:\Windows\SysWOW64\config\systemprofile\Contacts\desktop.ini ()

[1] 2010-10-22 22:26:03 402 C:\Windows\SysWOW64\config\systemprofile\Favorites\desktop.ini ()

[1] 2010-10-22 22:28:25 80 C:\Windows\SysWOW64\config\systemprofile\Favorites\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\SysWOW64\config\systemprofile\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\SysWOW64\config\systemprofile\Saved Games\desktop.ini ()

[1] 2010-09-29 21:01:52 278 C:\Windows\SysWOW64\config\systemprofile\Searches\desktop.ini ()

[1] 2006-09-18 17:35:48 65 C:\Windows\winsxs\amd64_microsoft-windows-fontext_31bf3856ad364e35_6.0.6001.18000_none_faa43406abfabc54\desktop.ini ()

[1] 2006-09-18 17:35:48 65 C:\Windows\winsxs\amd64_microsoft-windows-fontext_31bf3856ad364e35_6.0.6002.18005_none_fc8fad12a91c87a0\desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16651_none_9c039c9a7c9b86cc\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16721_none_9c240e447c833020\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16772_none_9beefef27caad52c\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16917_none_9c34e3b87c75a687\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20788_none_9c73cba795cb2bca\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20885_none_9c70ccaf95cddcec\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20949_none_9ca00f6d95a9cfab\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.21117_none_9cbe58a595937993\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18000_none_9e1eea92799a72b1\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18032_none_9e007b6279b0f932\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18112_none_9e161d2079a0be77\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18165_none_9de30e6279c69631\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18320_none_9e09506c79aaa208\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18461_none_9ddf12ec79ca284a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18520_none_9e09543879aa9c56\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22132_none_9e8a182d92ce98fc\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22233_none_9e8b1a5d92cdaf7a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22299_none_9e503c9192f8ef2a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22509_none_9eb1918f92afeb26\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22672_none_9e5ee1fb92eefa83\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22750_none_9e72832592e08d1a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18005_none_a00a639e76bc3dfd\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18101_none_a006645c76bfd5c8\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18179_none_9fc2b73876f16417\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18244_none_9fde277076dd8eb8\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18301_none_a006682876bfd016\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22213_none_a08731cf8fe3c431\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22303_none_a09203a18fdba567\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22384_none_a03c848b901b9e46\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22475_none_a04856a7901298d3\Desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16830_none_913e5911cf724417\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16851_none_9129b983cf819550\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16890_none_90fd7989cfa2ebbd\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21023_none_91d59ec8e8854737\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21046_none_91c2ffcee892cb1e\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21089_none_919ac0fce8b086e7\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18000_none_934503afcc8086e7\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18226_none_9335695fcc8b5121\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18248_none_9321ca1bcc99bbb1\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18294_none_92e7b957ccc5e20a\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22389_none_93812780e5d6e496\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22418_none_93cbd890e59f04cf\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22475_none_9387f82ae5d26070\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6002.18005_none_95307cbbc9a25233\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18702_none_76302609e24bf744\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18813_none_7626584de25329b3\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18828_none_762089d3e256c457\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18865_none_75f24945e279e816\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18882_none_75d9a88fe28cd3f3\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18904_none_76322a69e24a2440\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18928_none_76208bb9e256c17e\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18943_none_7605ea6fe26b7aad\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18975_none_75e77b3fe282012e\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22903_none_76bac504fb68ad8c\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22918_none_76b4f68afb6c4830\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22956_none_7687b646fb8e8546\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22973_none_766f1590fba17123\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22995_none_765b764cfbafdbb3\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.23019_none_76b5cef6fb6b94c9\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.23040_none_768c5c98fb8c048d\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.23067_none_767dbec6fb95edd0\desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6001.18000_none_bd4a7e7c0a1701cb\desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6002.18005_none_bf35f7880738cd17\desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_a035a0d61fe27228\desktop.ini ()

[1] 2006-11-02 11:02:11 645 C:\Windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_4d76c90c0812a431\Desktop.ini ()

[1] 2006-11-02 11:02:11 645 C:\Windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_4f62421805346f7d\Desktop.ini ()

[1] 2006-11-02 11:05:17 322 C:\Windows\winsxs\amd64_microsoft-windows-moviesamples_31bf3856ad364e35_6.0.6000.16386_none_8e83937253e03817\desktop.ini ()

[1] 2006-11-02 11:04:25 702 C:\Windows\winsxs\amd64_microsoft-windows-musicsamples_31bf3856ad364e35_6.0.6000.16386_none_043c39ea6d9a42f6\desktop.ini ()

[1] 2006-11-02 11:01:45 906 C:\Windows\winsxs\amd64_microsoft-windows-photosamples_31bf3856ad364e35_6.0.6000.16386_none_f160f6463d419c79\desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\winsxs\amd64_microsoft-windows-s..i-accessibilityuser_31bf3856ad364e35_6.0.6000.16386_none_bd2c5389c42f60bd\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..i-extrasandupgrades_31bf3856ad364e35_6.0.6000.16386_none_09e3a6f16c11592d\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ini-accessoriesuser_31bf3856ad364e35_6.0.6000.16386_none_7dec073dcf98212b\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ini-maintenanceuser_31bf3856ad364e35_6.0.6000.16386_none_5fef799411517542\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ini-systemtoolsuser_31bf3856ad364e35_6.0.6000.16386_none_7a9387469ef9d813\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-accessories_31bf3856ad364e35_6.0.6000.16386_none_45fef56c74dc3dfa\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-maintenance_31bf3856ad364e35_6.0.6000.16386_none_b8820d8458997423\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-systemtools_31bf3856ad364e35_6.0.6000.16386_none_d8551a2143164d12\Desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\winsxs\amd64_microsoft-windows-s..opini-accessibility_31bf3856ad364e35_6.0.6000.16386_none_3453368938bb0338\Desktop.ini ()

[1] 2006-09-18 17:27:23 438 C:\Windows\winsxs\amd64_microsoft-windows-s..sktopini-sendtouser_31bf3856ad364e35_6.0.6000.16386_none_622c6b094f8b1f58\Desktop.ini ()

[1] 2006-09-18 17:43:26 2480 C:\Windows\winsxs\amd64_microsoft-windows-shell-sounds_31bf3856ad364e35_6.0.6000.16386_none_70fa55ba70fbf789\Desktop.ini ()

[1] 2006-11-02 11:04:06 91 C:\Windows\winsxs\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6001.18000_none_73d023d55cf5a71b\Desktop.ini ()

[1] 2006-11-02 11:04:06 91 C:\Windows\winsxs\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18005_none_75bb9ce15a177267\Desktop.ini ()

[1] 2006-11-02 11:04:10 91 C:\Windows\winsxs\amd64_microsoft-windows-tabletpc-stickynotes_31bf3856ad364e35_6.0.6000.16386_none_6ccb85afefd52f98\Desktop.ini ()

[1] 2006-11-02 11:04:27 183 C:\Windows\winsxs\amd64_microsoft-windows-videosamples_31bf3856ad364e35_6.0.6000.16386_none_4f9506e3d1c509b8\desktop.ini ()

[1] 2006-11-02 11:02:25 645 C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fb\Desktop.ini ()

[1] 2006-11-02 11:02:25 645 C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47\Desktop.ini ()



Cannot access: C:\Windows\assembly\GAC_64\Desktop.ini

[1] 2006-11-02 11:30:40 227 C:\Windows\assembly\Desktop.ini ()

[1] 2010-11-02 17:58:09 27648 C:\Windows\assembly\GAC_32\Desktop.ini ()

[1] 2010-11-02 17:58:09 37376 C:\Windows\assembly\GAC_64\Desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\Downloaded Program Files\desktop.ini ()

[1] 2006-09-18 17:35:48 65 C:\Windows\Fonts\desktop.ini ()

[1] 2006-09-18 17:43:26 2480 C:\Windows\Media\Desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\Offline Web Pages\desktop.ini ()

[1] 2008-11-28 04:50:45 145 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2008-11-28 04:50:45 145 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6JZ05IXA\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNNCXWA1\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KMXBXXQF\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OB2YWOSJ\desktop.ini ()

[1] 2008-11-28 04:50:45 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2009-12-10 22:39:38 145 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\3MOEWXQU\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\4VFH4CT2\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\TXTFZOIT\desktop.ini ()

[1] 2009-12-10 22:39:38 67 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\VS5F72KS\desktop.ini ()

[1] 2009-05-05 21:49:36 6 C:\Windows\ServiceProfiles\LocalService\AppData\LocalLow\desktop.ini ()

[1] 2006-09-18 17:27:23 438 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini ()

[1] 2010-06-30 16:01:53 145 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2010-06-30 16:01:53 145 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D7Y8QX4R\desktop.ini ()

[1] 2010-06-30 16:01:52 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0QGANKM\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNXP4CEM\desktop.ini ()

[1] 2010-06-30 16:01:53 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VE0PM1EJ\desktop.ini ()

[1] 2010-06-30 16:01:52 67 C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2009-01-17 18:24:45 6 C:\Windows\ServiceProfiles\NetworkService\AppData\LocalLow\desktop.ini ()

[1] 2006-09-18 17:27:23 438 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\3868BLXO\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\4HCRJ7WB\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\K1WD427H\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\P85ATZH9\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2008-01-20 23:20:34 145 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U9M35IT\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\desktop.ini ()

[1] 2008-01-20 23:20:35 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGFI3ED2\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHXXFROW\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2006-11-02 11:30:52 6 C:\Windows\System32\config\systemprofile\AppData\LocalLow\desktop.ini ()

[1] 2006-11-02 11:30:39 6 C:\Windows\System32\config\systemprofile\AppData\Roaming\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\desktop.ini ()

[1] 2010-10-22 22:28:19 95 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\desktop.ini ()

[1] 2010-10-22 22:28:19 146 C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini ()

[1] 2010-09-29 21:01:52 432 C:\Windows\System32\config\systemprofile\Contacts\desktop.ini ()

[1] 2010-10-22 22:26:03 402 C:\Windows\System32\config\systemprofile\Favorites\desktop.ini ()

[1] 2010-10-22 22:28:25 80 C:\Windows\System32\config\systemprofile\Favorites\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\System32\config\systemprofile\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\System32\config\systemprofile\Saved Games\desktop.ini ()

[1] 2010-09-29 21:01:52 278 C:\Windows\System32\config\systemprofile\Searches\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\3868BLXO\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\4HCRJ7WB\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\K1WD427H\desktop.ini ()

[1] 2010-10-22 22:28:22 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Feeds Cache\P85ATZH9\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\desktop.ini ()

[1] 2008-01-20 23:20:34 145 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2U9M35IT\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\desktop.ini ()

[1] 2008-01-20 23:20:35 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGFI3ED2\desktop.ini ()

[1] 2008-01-20 23:20:34 67 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHXXFROW\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini ()

[1] 2006-11-02 11:30:52 6 C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\desktop.ini ()

[1] 2006-11-02 11:30:39 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\desktop.ini ()

[1] 2008-01-20 23:20:34 6 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\desktop.ini ()

[1] 2010-10-22 22:28:19 95 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\desktop.ini ()

[1] 2010-10-22 22:28:19 146 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini ()

[1] 2010-09-29 21:01:52 432 C:\Windows\SysWOW64\config\systemprofile\Contacts\desktop.ini ()

[1] 2010-10-22 22:26:03 402 C:\Windows\SysWOW64\config\systemprofile\Favorites\desktop.ini ()

[1] 2010-10-22 22:28:25 80 C:\Windows\SysWOW64\config\systemprofile\Favorites\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\SysWOW64\config\systemprofile\Links\desktop.ini ()

[1] 2010-09-29 21:01:52 282 C:\Windows\SysWOW64\config\systemprofile\Saved Games\desktop.ini ()

[1] 2010-09-29 21:01:52 278 C:\Windows\SysWOW64\config\systemprofile\Searches\desktop.ini ()

[1] 2006-09-18 17:35:48 65 C:\Windows\winsxs\amd64_microsoft-windows-fontext_31bf3856ad364e35_6.0.6001.18000_none_faa43406abfabc54\desktop.ini ()

[1] 2006-09-18 17:35:48 65 C:\Windows\winsxs\amd64_microsoft-windows-fontext_31bf3856ad364e35_6.0.6002.18005_none_fc8fad12a91c87a0\desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16651_none_9c039c9a7c9b86cc\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16721_none_9c240e447c833020\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16772_none_9beefef27caad52c\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16917_none_9c34e3b87c75a687\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20788_none_9c73cba795cb2bca\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20885_none_9c70ccaf95cddcec\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20949_none_9ca00f6d95a9cfab\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.21117_none_9cbe58a595937993\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18000_none_9e1eea92799a72b1\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18032_none_9e007b6279b0f932\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18112_none_9e161d2079a0be77\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18165_none_9de30e6279c69631\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18320_none_9e09506c79aaa208\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18461_none_9ddf12ec79ca284a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.18520_none_9e09543879aa9c56\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22132_none_9e8a182d92ce98fc\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22233_none_9e8b1a5d92cdaf7a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22299_none_9e503c9192f8ef2a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22509_none_9eb1918f92afeb26\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22672_none_9e5ee1fb92eefa83\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6001.22750_none_9e72832592e08d1a\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18005_none_a00a639e76bc3dfd\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18101_none_a006645c76bfd5c8\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18179_none_9fc2b73876f16417\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18244_none_9fde277076dd8eb8\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18301_none_a006682876bfd016\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22213_none_a08731cf8fe3c431\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22303_none_a09203a18fdba567\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22384_none_a03c848b901b9e46\Desktop.ini ()

[1] 2006-11-02 11:02:18 629 C:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.22475_none_a04856a7901298d3\Desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16830_none_913e5911cf724417\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16851_none_9129b983cf819550\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16890_none_90fd7989cfa2ebbd\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21023_none_91d59ec8e8854737\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21046_none_91c2ffcee892cb1e\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21089_none_919ac0fce8b086e7\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18000_none_934503afcc8086e7\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18226_none_9335695fcc8b5121\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18248_none_9321ca1bcc99bbb1\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18294_none_92e7b957ccc5e20a\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22389_none_93812780e5d6e496\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22418_none_93cbd890e59f04cf\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22475_none_9387f82ae5d26070\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6002.18005_none_95307cbbc9a25233\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18702_none_76302609e24bf744\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18813_none_7626584de25329b3\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18828_none_762089d3e256c457\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18865_none_75f24945e279e816\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18882_none_75d9a88fe28cd3f3\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18904_none_76322a69e24a2440\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18928_none_76208bb9e256c17e\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18943_none_7605ea6fe26b7aad\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18975_none_75e77b3fe282012e\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22903_none_76bac504fb68ad8c\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22918_none_76b4f68afb6c4830\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22956_none_7687b646fb8e8546\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22973_none_766f1590fba17123\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22995_none_765b764cfbafdbb3\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.23019_none_76b5cef6fb6b94c9\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.23040_none_768c5c98fb8c048d\desktop.ini ()

[1] 2006-09-18 17:24:04 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.23067_none_767dbec6fb95edd0\desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6001.18000_none_bd4a7e7c0a1701cb\desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_6.0.6002.18005_none_bf35f7880738cd17\desktop.ini ()

[1] 2006-09-18 17:24:26 65 C:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_a035a0d61fe27228\desktop.ini ()

[1] 2006-11-02 11:02:11 645 C:\Windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_4d76c90c0812a431\Desktop.ini ()

[1] 2006-11-02 11:02:11 645 C:\Windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_4f62421805346f7d\Desktop.ini ()

[1] 2006-11-02 11:05:17 322 C:\Windows\winsxs\amd64_microsoft-windows-moviesamples_31bf3856ad364e35_6.0.6000.16386_none_8e83937253e03817\desktop.ini ()

[1] 2006-11-02 11:04:25 702 C:\Windows\winsxs\amd64_microsoft-windows-musicsamples_31bf3856ad364e35_6.0.6000.16386_none_043c39ea6d9a42f6\desktop.ini ()

[1] 2006-11-02 11:01:45 906 C:\Windows\winsxs\amd64_microsoft-windows-photosamples_31bf3856ad364e35_6.0.6000.16386_none_f160f6463d419c79\desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\winsxs\amd64_microsoft-windows-s..i-accessibilityuser_31bf3856ad364e35_6.0.6000.16386_none_bd2c5389c42f60bd\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..i-extrasandupgrades_31bf3856ad364e35_6.0.6000.16386_none_09e3a6f16c11592d\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ini-accessoriesuser_31bf3856ad364e35_6.0.6000.16386_none_7dec073dcf98212b\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ini-maintenanceuser_31bf3856ad364e35_6.0.6000.16386_none_5fef799411517542\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ini-systemtoolsuser_31bf3856ad364e35_6.0.6000.16386_none_7a9387469ef9d813\Desktop.ini ()

[1] 2006-09-18 17:27:22 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-accessories_31bf3856ad364e35_6.0.6000.16386_none_45fef56c74dc3dfa\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-maintenance_31bf3856ad364e35_6.0.6000.16386_none_b8820d8458997423\Desktop.ini ()

[1] 2006-09-18 17:27:23 170 C:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-systemtools_31bf3856ad364e35_6.0.6000.16386_none_d8551a2143164d12\Desktop.ini ()

[1] 2006-09-18 17:27:22 166 C:\Windows\winsxs\amd64_microsoft-windows-s..opini-accessibility_31bf3856ad364e35_6.0.6000.16386_none_3453368938bb0338\Desktop.ini ()

[1] 2006-09-18 17:27:23 438 C:\Windows\winsxs\amd64_microsoft-windows-s..sktopini-sendtouser_31bf3856ad364e35_6.0.6000.16386_none_622c6b094f8b1f58\Desktop.ini ()

[1] 2006-09-18 17:43:26 2480 C:\Windows\winsxs\amd64_microsoft-windows-shell-sounds_31bf3856ad364e35_6.0.6000.16386_none_70fa55ba70fbf789\Desktop.ini ()

[1] 2006-11-02 11:04:06 91 C:\Windows\winsxs\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6001.18000_none_73d023d55cf5a71b\Desktop.ini ()

[1] 2006-11-02 11:04:06 91 C:\Windows\winsxs\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18005_none_75bb9ce15a177267\Desktop.ini ()

[1] 2006-11-02 11:04:10 91 C:\Windows\winsxs\amd64_microsoft-windows-tabletpc-stickynotes_31bf3856ad364e35_6.0.6000.16386_none_6ccb85afefd52f98\Desktop.ini ()

[1] 2006-11-02 11:04:27 183 C:\Windows\winsxs\amd64_microsoft-windows-videosamples_31bf3856ad364e35_6.0.6000.16386_none_4f9506e3d1c509b8\desktop.ini ()

[1] 2006-11-02 11:02:25 645 C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fb\Desktop.ini ()

[1] 2006-11-02 11:02:25 645 C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6002.18005_none_f343a6944cd6fe47\Desktop.ini ()



Cannot access: C:\Windows\bthservsdp.dat

[1] 2010-11-02 17:56:54 12 C:\Windows\bthservsdp.dat ()

[1] 2010-10-22 17:36:02 12 C:\System Volume Information\SystemRestore\FRStaging\Windows\bthservsdp.dat ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl

[1] 2010-11-02 17:58:09 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl

[1] 2010-11-02 17:57:57 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl

[1] 2010-11-02 17:57:57 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl

[1] 2010-11-02 17:57:57 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl ()



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl

[1] 2010-11-02 17:58:12 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl ()





Finished!


Let me know if that does anything for ya'
thanks
Maureen

[mfarnand]

Quote:

Originally Posted by chaslang

I also want you to run another tool from Microsoft ( formerly SysInternals ).

• Please download Junction.zip and save it to your root folder (C:\Junction.zip)
• Unzip it and put junction.exe in the root folder (C:\junction.exe)
• Now click Start => Run... => Copy and paste the following command in the run box and click OK:

  cmd /c junction -s c:\ >C:\log.txt
  

• A command prompt window opens and also a license agreement from SysInternals will appear.
• Accept the license agreement and the scan will begin.
• Wait until a log file opens. Attach this C:\log.txt when it finishes (the command prompt window will close when it finishes).
• NOTE: It scans your whole hard disk so if can take a long time. Be patient and don't do anything else while it is scanning.

Chaslang,
I thought I was on a roll, but when I got to the step where I typed the command in the 'Run' box.... I got nuthin'. No request to accept a license agreement.... just nuthin'. Maybe I screwed something up- but if so, I am not sure what. I created a folder in the C drive called "Junction.zip" and in that folder I saved the Junction.zip file. I opened the file and saved the file "Junction.exe" in a folder also in the C drive called "Junction.exe". Then I went to Start then Run and cut/pasted the command you had in your post. When I got nothing back, I retyped the command from scratch, but once again I got nothing.
Ideas?
thanks
Maureen

[chaslang]

Quote:

Originally Posted by mfarnand

I opened the file and saved the file "Junction.exe" in a folder also in the C drive called "Junction.exe".

No! You need to have Junction.exe directly in the the root folder of the C drive. It must be located at C:\junction.exe The command I gave you will only find junction.exe if it has been extracted from the ZIP file and only if the actual executable file is located at C:\junction.exe

[chaslang]

No matter what the outcome is for trying to run Junction, please continue on with the below.


Download OTL and scan.txt to your Desktop.

• Double click on the OTL icon to run it.
• Make sure all other windows and unnecessary processes are closed.
• Double click inside the Custom Scan box at the bottom
• A window will appear saying Click Ok to load a custom scan from a file or Cancel to cancel
• Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
• Select scan.txt and click Open. Writing will now appear under the Custom Scan box
• Click the Quick Scan button.
• Do not change any settings unless otherwise told to do so.
• The scan wont take long.
• When the scan completes, it will open two notepad windows.OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please attach them to your next message.

[mfarnand]

Quote:

Originally Posted by chaslang

No matter what the outcome is for trying to run Junction, please continue on with the below.


Download OTL and scan.txt to your Desktop.

• Double click on the OTL icon to run it.
• Make sure all other windows and unnecessary processes are closed.
• Double click inside the Custom Scan box at the bottom
• A window will appear saying Click Ok to load a custom scan from a file or Cancel to cancel
• Click the Ok button and navigate to the file scan.txt which we just saved to your desktop
• Select scan.txt and click Open. Writing will now appear under the Custom Scan box
• Click the Quick Scan button.
• Do not change any settings unless otherwise told to do so.
• The scan wont take long.
• When the scan completes, it will open two notepad windows.OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please attach them to your next message.

Chaslang,
OK..... I put the Junction.exe file directly in the C drive.... this time no folder. Then I followed the path Start=> Run=> cmd /c junction -s c:\ >C:\log.txt and still nothing happened.
But I did have no issues with the next step in the process and tried attaching the two log files- OTL. Txt and Extras. Txt. I got an upload error on the OTL log file- The file is huge.... 2.77M- maybe there is a file size limit on upload?
Ideas?
Maureen

[chaslang]

Quote:

Originally Posted by mfarnand

I got an upload error on the OTL log file- The file is huge.... 2.77M- maybe there is a file size limit on upload?

Yes! Please compress it into a ZIP file and attach it. Also do the below.



Run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below log:

• C:\MGlogs.zip