Malwarebytes' Anti-Malware 1.21
Database version: 966
Windows 6.0.6001 Service Pack 1

19:29:47 20/07/2008
mbam-log-7-20-2008 (19-29-42).txt

Scan type: Quick Scan
Objects scanned: 35160
Time elapsed: 1 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/puren-gb.dll (Trojan.Agent) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\Downloaded Program Files\PURen-gb.dll (Trojan.Agent) -> No action taken.

00000000    0.00000000    MBAMSwissArmy!DispatchDeviceControl:  Invalid volume (\:) in input "\SystemRoot\System32\smss.exe"    
00000001    1.12942934    KTM:  TmRollbackTransaction for tx 855642c0    
00000002    4.13805151    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 9142    
00000003    4.13806486    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Default\Local Settings\Application Data" ) failed with status 0xc0000034    
00000004    4.13807392    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Default\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000005    4.15264082    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000006    4.15265656    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data" ) failed with status 0xc0000034    
00000007    4.15266514    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Little Haze Barn\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000008    4.16728783    MBAMSwissArmy!ProcessNTFSIndexData:  ProcessNTFSAttributeData (INDEX_ALLOCATION) failed with status 0xc0000034    
00000009    4.16730261    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Local Settings" found in file record 539    
00000010    4.16731071    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Public\Local Settings\Application Data" ) failed with status 0xc0000034    
00000011    4.16731977    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Public\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000012    26.01040840    Index entry record length == 0 triggered    
00000013    26.01984978    Index entry record length == 0 triggered    
00000014    36.01158905    Index entry record length == 0 triggered    
00000015    36.01175690    Index entry record length == 0 triggered    
00000016    36.01191711    Index entry record length == 0 triggered    
00000017    36.01209641    Index entry record length == 0 triggered    
00000018    36.01226425    Index entry record length == 0 triggered    
00000019    36.01243210    Index entry record length == 0 triggered    
00000020    36.01259995    Index entry record length == 0 triggered    
00000021    36.01277161    Index entry record length == 0 triggered    
00000022    36.01293945    Index entry record length == 0 triggered    
00000023    36.01311111    Index entry record length == 0 triggered    
00000024    36.01328278    Index entry record length == 0 triggered    
00000025    36.01345825    Index entry record length == 0 triggered    
00000026    36.01365662    Index entry record length == 0 triggered    
00000027    36.01384354    Index entry record length == 0 triggered    
00000028    36.01403809    Index entry record length == 0 triggered    
00000029    36.01423264    Index entry record length == 0 triggered    
00000030    36.01442337    Index entry record length == 0 triggered    
00000031    36.01462173    Index entry record length == 0 triggered    
00000032    36.01481628    Index entry record length == 0 triggered    
00000033    36.01501846    Index entry record length == 0 triggered    
00000034    36.01521301    Index entry record length == 0 triggered    
00000035    36.01544952    Index entry record length == 0 triggered    
00000036    36.01585007    Index entry record length == 0 triggered    
00000037    36.01615906    Index entry record length == 0 triggered    
00000038    36.01636124    Index entry record length == 0 triggered    
00000039    36.01656342    Index entry record length == 0 triggered    
00000040    36.01675797    Index entry record length == 0 triggered    
00000041    36.01698685    Index entry record length == 0 triggered    
00000042    36.01718140    Index entry record length == 0 triggered    
00000043    36.01737213    Index entry record length == 0 triggered    
00000044    36.01757050    Index entry record length == 0 triggered    
00000045    36.01776505    Index entry record length == 0 triggered    
00000046    36.01795197    Index entry record length == 0 triggered    
00000047    36.01814651    Index entry record length == 0 triggered    
00000048    36.01834106    Index entry record length == 0 triggered    
00000049    36.01852798    Index entry record length == 0 triggered    
00000050    36.01872635    Index entry record length == 0 triggered    
00000051    36.01892090    Index entry record length == 0 triggered    
00000052    36.01913071    Index entry record length == 0 triggered    
00000053    36.01932144    Index entry record length == 0 triggered    
00000054    36.01951218    Index entry record length == 0 triggered    
00000055    36.01971054    Index entry record length == 0 triggered    
00000056    36.01990509    Index entry record length == 0 triggered    
00000057    36.02014542    Index entry record length == 0 triggered    
00000058    36.02035141    Index entry record length == 0 triggered    
00000059    36.02054596    Index entry record length == 0 triggered    
00000060    36.02087784    Index entry record length == 0 triggered    
00000061    36.02106857    Index entry record length == 0 triggered    
00000062    36.02128601    Index entry record length == 0 triggered    
00000063    36.02145386    Index entry record length == 0 triggered    
00000064    36.02162552    Index entry record length == 0 triggered    
00000065    36.02179337    Index entry record length == 0 triggered    
00000066    36.02196503    Index entry record length == 0 triggered    
00000067    36.02212143    Index entry record length == 0 triggered    
00000068    36.04697800    Index entry record length == 0 triggered    
00000069    36.04714966    Index entry record length == 0 triggered    
00000070    36.04732132    Index entry record length == 0 triggered    
00000071    36.04748917    Index entry record length == 0 triggered    
00000072    36.04766083    Index entry record length == 0 triggered    
00000073    36.04783249    Index entry record length == 0 triggered    
00000074    36.04798508    Index entry record length == 0 triggered    
00000075    36.04814529    Index entry record length == 0 triggered    
00000076    36.04831314    Index entry record length == 0 triggered    
00000077    36.04848480    Index entry record length == 0 triggered    
00000078    36.04865265    Index entry record length == 0 triggered    
00000079    36.04882813    Index entry record length == 0 triggered    
00000080    36.04899597    Index entry record length == 0 triggered    
00000081    36.04916763    Index entry record length == 0 triggered    
00000082    36.04933548    Index entry record length == 0 triggered    
00000083    36.04949188    Index entry record length == 0 triggered    
00000084    36.04964828    Index entry record length == 0 triggered    
00000085    36.04981613    Index entry record length == 0 triggered    
00000086    36.04998779    Index entry record length == 0 triggered    
00000087    36.05015945    Index entry record length == 0 triggered    
00000088    36.05032730    Index entry record length == 0 triggered    
00000089    36.05049515    Index entry record length == 0 triggered    
00000090    36.05067062    Index entry record length == 0 triggered    
00000091    36.05084229    Index entry record length == 0 triggered    
00000092    36.05099869    Index entry record length == 0 triggered    
00000093    36.05115891    Index entry record length == 0 triggered    
00000094    36.05132675    Index entry record length == 0 triggered    
00000095    36.05149460    Index entry record length == 0 triggered    
00000096    36.05166245    Index entry record length == 0 triggered    
00000097    36.05183411    Index entry record length == 0 triggered    
00000098    36.05200958    Index entry record length == 0 triggered    
00000099    36.05218506    Index entry record length == 0 triggered    
00000100    36.05235672    Index entry record length == 0 triggered    
00000101    36.05253220    Index entry record length == 0 triggered    
00000102    36.05270004    Index entry record length == 0 triggered    
00000103    36.05287170    Index entry record length == 0 triggered    
00000104    36.05303955    Index entry record length == 0 triggered    
00000105    36.05319595    Index entry record length == 0 triggered    
00000106    36.05335617    Index entry record length == 0 triggered    
00000107    36.05352402    Index entry record length == 0 triggered    
00000108    36.05369186    Index entry record length == 0 triggered    
00000109    36.05385971    Index entry record length == 0 triggered    
00000110    36.05403137    Index entry record length == 0 triggered    
00000111    36.05419922    Index entry record length == 0 triggered    
00000112    36.05437851    Index entry record length == 0 triggered    
00000113    36.05454636    Index entry record length == 0 triggered    
00000114    36.05470276    Index entry record length == 0 triggered    
00000115    36.05486298    Index entry record length == 0 triggered    
00000116    36.05503082    Index entry record length == 0 triggered    
00000117    36.05519867    Index entry record length == 0 triggered    
00000118    36.05537033    Index entry record length == 0 triggered    
00000119    36.05554199    Index entry record length == 0 triggered    
00000120    36.05570984    Index entry record length == 0 triggered    
00000121    36.05587769    Index entry record length == 0 triggered    
00000122    65.31430054    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\COMPONENTS" ):  10485760 bytes supplied, 19922944 bytes required    
00000123    66.09806061    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\SOFTWARE" ):  10485760 bytes supplied, 33292288 bytes required    
00000124    66.61573792    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\SYSTEM" ):  10485760 bytes supplied, 23068672 bytes required    
00000125    68.82025909    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\hiberfil.sys" ):  10485760 bytes supplied, 1877131264 bytes required    
00000126    68.84171295    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\pagefile.sys" ):  10485760 bytes supplied, -2104025088 bytes required    
00000127    69.56855011    Index entry record length == 0 triggered    
00000128    69.57402802    Index entry record length == 0 triggered    
00000129    71.15454102    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000130    71.15455627    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer" ) failed with status 0xc0000034    
00000131    71.15456390    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer" ) failed on query operation with status 0xc0000034    
00000132    71.17510986    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000133    71.17512512    MBAMSwissArmy!ReadNTFSFile:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT" ) failed with status 0xc0000034    
00000134    71.17514038    MBAMSwissArmy!HandleIoctlReadFile:  ReadFile( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT" ) failed on query operation with status 0xc0000034

Malwarebytes' Anti-Malware 1.21
Database version: 966
Windows 6.0.6001 Service Pack 1

19:57:14 20/07/2008
mbam-log-7-20-2008 (19-57-08).txt

Scan type: Quick Scan
Objects scanned: 35315
Time elapsed: 1 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\Downloaded Program Files\PURen-gb.dll (Trojan.Agent) -> No action taken.

00000000    0.00000000    KTM:  TmRollbackTransaction for tx b19080e0    
00000001    21.37055779    KTM:  TmRollbackTransaction for tx b19080e0    
00000002    150.46270752    MBAMSwissArmy!DispatchDeviceControl:  Invalid volume (\:) in input "\SystemRoot\System32\smss.exe"    
00000003    151.48446655    KTM:  TmRollbackTransaction for tx 86003bf0    
00000004    154.98028564    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 9142    
00000005    154.98028564    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Default\Local Settings\Application Data" ) failed with status 0xc0000034    
00000006    154.98030090    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Default\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000007    154.99485779    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000008    154.99487305    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data" ) failed with status 0xc0000034    
00000009    154.99488831    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Little Haze Barn\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000010    155.00950623    MBAMSwissArmy!ProcessNTFSIndexData:  ProcessNTFSAttributeData (INDEX_ALLOCATION) failed with status 0xc0000034    
00000011    155.00952148    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Local Settings" found in file record 539    
00000012    155.00952148    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Public\Local Settings\Application Data" ) failed with status 0xc0000034    
00000013    155.00953674    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Public\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000014    216.94541931    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\COMPONENTS" ):  10485760 bytes supplied, 19922944 bytes required    
00000015    217.71768188    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\SOFTWARE" ):  10485760 bytes supplied, 33292288 bytes required    
00000016    218.24685669    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\SYSTEM" ):  10485760 bytes supplied, 23068672 bytes required    
00000017    220.52919006    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\hiberfil.sys" ):  10485760 bytes supplied, 1877131264 bytes required    
00000018    220.55137634    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\pagefile.sys" ):  10485760 bytes supplied, -2104025088 bytes required    
00000019    223.03013611    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000020    223.03016663    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer" ) failed with status 0xc0000034    
00000021    223.03016663    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer" ) failed on query operation with status 0xc0000034    
00000022    223.05126953    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000023    223.05130005    MBAMSwissArmy!ReadNTFSFile:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT" ) failed with status 0xc0000034    
00000024    223.05130005    MBAMSwissArmy!HandleIoctlReadFile:  ReadFile( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT" ) failed on query operation with status 0xc0000034

Malwarebytes' Anti-Malware 1.21
Database version: 966
Windows 6.0.6001 Service Pack 1

20:12:29 20/07/2008
mbam-log-7-20-2008 (20-12-25).txt

Scan type: Quick Scan
Objects scanned: 35321
Time elapsed: 1 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/puren-gb.dll (Trojan.Agent) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\Downloaded Program Files\PURen-gb.dll (Trojan.Agent) -> No action taken.

00000000    0.00000000    KTM:  TmRollbackTransaction for tx 867950a8    
00000001    17.20880127    MBAMSwissArmy!DispatchDeviceControl:  Invalid volume (\:) in input "\SystemRoot\System32\smss.exe"    
00000002    17.86698341    KTM:  TmRollbackTransaction for tx 867950a8    
00000003    21.97016144    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 9142    
00000004    21.97017479    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Default\Local Settings\Application Data" ) failed with status 0xc0000034    
00000005    21.97018433    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Default\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000006    21.98474312    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000007    21.98475838    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data" ) failed with status 0xc0000034    
00000008    21.98476791    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Little Haze Barn\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000009    21.99938774    MBAMSwissArmy!ProcessNTFSIndexData:  ProcessNTFSAttributeData (INDEX_ALLOCATION) failed with status 0xc0000034    
00000010    21.99940109    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Local Settings" found in file record 539    
00000011    21.99941063    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Public\Local Settings\Application Data" ) failed with status 0xc0000034    
00000012    21.99942017    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Public\Local Settings\Application Data" ) failed on query operation with status 0xc0000034    
00000013    44.02024078    MBAMSwissArmy!ProcessNTFSIndexData:  ProcessNTFSAttributeData (INDEX_ALLOCATION) failed with status 0xc000003e    
00000014    44.02024841    MBAMSwissArmy!QueryNTFSEnumerateLength:  ProcessNTFSIndexData failed with status 0xc000003e    
00000015    44.02025986    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Windows\Fonts" ) failed on query operation with status 0xc000003e    
00000016    52.11055756    MBAMSwissArmy!ProcessNTFSIndexData:  ProcessNTFSAttributeData (INDEX_ALLOCATION) failed with status 0xc000003e    
00000017    52.11056519    MBAMSwissArmy!QueryNTFSEnumerateLength:  ProcessNTFSIndexData failed with status 0xc000003e    
00000018    52.11057281    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Windows\system32" ) failed on query operation with status 0xc000003e    
00000019    81.76855469    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\COMPONENTS" ):  10485760 bytes supplied, 19922944 bytes required    
00000020    82.55133820    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\SOFTWARE" ):  10485760 bytes supplied, 33292288 bytes required    
00000021    83.00333405    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\Windows\system32\Config\SYSTEM" ):  10485760 bytes supplied, 23068672 bytes required    
00000022    84.87451172    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\hiberfil.sys" ):  10485760 bytes supplied, 1877131264 bytes required    
00000023    84.89613342    MBAMSwissArmy!HandleIoctlReadFile:  Output buffer too small ( "C:\pagefile.sys" ):  10485760 bytes supplied, -2104025088 bytes required    
00000024    85.52275848    MBAMSwissArmy!ProcessNTFSIndexData:  ProcessNTFSAttributeData (INDEX_ALLOCATION) failed with status 0xc000003e    
00000025    85.52277374    MBAMSwissArmy!QueryNTFSEnumerateLength:  ProcessNTFSIndexData failed with status 0xc000003e    
00000026    85.52278137    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Program Files\Mozilla Firefox\Components" ) failed on query operation with status 0xc000003e    
00000027    87.05323029    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000028    87.05324554    MBAMSwissArmy!EnumerateNTFSDirectory:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer" ) failed with status 0xc0000034    
00000029    87.05325317    MBAMSwissArmy!HandleIoctlEnumerate:  EnumerateDirectory( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer" ) failed on query operation with status 0xc0000034    
00000030    87.07434845    MBAMSwissArmy!GetNTFSIndexEntryByName:  No index entry for "Application Data" found in file record 8946    
00000031    87.07437134    MBAMSwissArmy!ReadNTFSFile:  OpenNTFSFileRecordByName( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT" ) failed with status 0xc0000034    
00000032    87.07437897    MBAMSwissArmy!HandleIoctlReadFile:  ReadFile( "C:\Users\Little Haze Barn\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT" ) failed on query operation with status 0xc0000034