We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
HELP: Trojan on pc which is now removed but so is AVG
Comments
-
I am here at last!0
-
Can you post attach.txt for me.
It was on of the two logs that were created along with DDS.txt when you first ran DDS.
Ta.0 -
As requested, I hope you can make sense of it!
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 16/12/2006 01:21:21
System Uptime: 11/10/2011 20:17:17 (1 hours ago)
.
Motherboard: ASUSTek Computer INC. | | LEONITE
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Socket 775 | 2800/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 120 GiB total, 67.49 GiB free.
is FIXED (NTFS) - 5 GiB total, 0.002 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7digital Locker 1.1
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe® Photoshop® Album Starter Edition 3.2
Advanced Registry Optimizer
ALOT Toolbar
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.3.12 (Unicode)
Bonjour
Conduit Engine
Enhanced Multimedia Keyboard Solution
FMS
Google Toolbar for Internet Explorer
Hardware Diagnostic Tools
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Experience Enhancements
HP Easy Setup - Core
HP Easy Setup - Frontend
HP Picasso Media Center Add-In
HP Update
Intel(R) Matrix Storage Manager
Intel® Viiv™ Software
iTunes
K-Lite Codec Pack 4.1.7 (Standard)
LightScribe 1.4.124.1
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MidiNotate Player for HitTrax
MobileMe Control Panel
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Drivers
OcxSetup
OGA Notifier 2.0.0048.0
Python 2.4.3
Realtek High Definition Audio Driver
ResultBar 1.0 build 113
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
TallStick TS-AudioToMIDI 3.30 (remove only)
TranslatorBar 3.2 Toolbar
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2553110)
Virtual Serial Ports Emulator
.
==== Event Viewer Messages From Past Week ========
.
11/10/2011 20:25:06, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/10/2011 20:19:20, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: EterlogicVirtualSerialDriver spldr Wanarpv6
11/10/2011 20:19:20, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/10/2011 20:19:02, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/10/2011 20:18:34, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
11/10/2011 20:18:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/10/2011 20:18:20, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/10/2011 20:18:08, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .
11/10/2011 20:18:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
11/10/2011 20:17:37, Error: Ntfs [137] - The default transaction resource manager on volume encountered a non-retryable error and could not start. The data contains the error code.
11/10/2011 18:50:56, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
11/10/2011 18:50:56, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/10/2011 18:50:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
11/10/2011 18:49:36, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bonjour Service service to connect.
11/10/2011 18:49:36, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
11/10/2011 18:49:36, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/10/2011 18:49:36, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/10/2011 18:49:36, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/10/2011 18:48:02, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer HP Deskjet F300 Series 03122009 with shared resource name HP Deskjet F300 Series 03122009. Error 1722. The printer cannot be used by others on the network.
11/10/2011 17:51:12, Error: Service Control Manager [7000] - The AVG Free WatchDog service failed to start due to the following error: AVG Free WatchDog is not a valid Win32 application.
11/10/2011 17:49:46, Error: EventLog [6008] - The previous system shutdown at 17:48:17 on 11/10/2011 was unexpected.
11/10/2011 16:52:04, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: Access is denied.
11/10/2011 16:52:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "5" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
11/10/2011 16:51:58, Error: Service Control Manager [7000] - The Intel(R) Matrix Storage Event Monitor service failed to start due to the following error: Access is denied.
11/10/2011 16:51:58, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: Access is denied.
11/10/2011 16:51:58, Error: Service Control Manager [7000] - The AVG Free WatchDog service failed to start due to the following error: Access is denied.
11/10/2011 16:51:58, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: Access is denied.
09/10/2011 10:26:59, Error: EventLog [6008] - The previous system shutdown at 10:25:02 on 09/10/2011 was unexpected.
04/10/2011 11:12:23, Error: EventLog [6008] - The previous system shutdown at 11:10:02 on 04/10/2011 was unexpected.
.
==== End Of File ===========================0 -
Cheers.
Let me know if you can run Malwarebytes or if it still errors: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."0 -
Let me know if you have any problems with this. I haven't got access to vista at the moment to check it works.
Download this file & save it to your desktop: http://download.sysinternals.com/Files/Junction.zip- Right click Junction.zip and choose extract all...
- When the Compressed Folders Extraction wizard opens, click Next
- Click Browse
- When the "select a destination" dialogue box opens, click Computer > Windows (C:) > Windows > OK
- Back at the Extraction Wizard, click Next.
- Untick "Show Extracted Files" and click Finish
- Press the Windows key + R to open the Run Command.
- Copy and paste the contents of the codebox below into the run box (Don't include Code:), then click OK:
-
cmd /c junction -s c:\ >log.txt&log.txt&del log.txt
- A command window will open. (Agree if prompted)
- Wait until a log file opens in notepad.
- Copy and paste the contents of that file here.
0 -
Let me know if you have any problems with this. I haven't got access to vista at the moment to check it works.
Download this file & save it to your desktop: http://download.sysinternals.com/Files/Junction.zip- Right click Junction.zip and choose extract all...
- When the Compressed Folders Extraction wizard opens, click Next
- Click Browse
- When the "select a destination" dialogue box opens, click Computer > Windows (C:) > Windows > OK
- Back at the Extraction Wizard, click Next.
- Untick "Show Extracted Files" and click Finish
- Press the Windows key + R to open the Run Command.
- Copy and paste the contents of the codebox below into the run box (Don't include Code:), then click OK:
-
cmd /c junction -s c:\ >log.txt&log.txt&del log.txt
- A command window will open. (Agree if prompted)
- Wait until a log file opens in notepad.
- Copy and paste the contents of that file here.
The command window only opened for a split second and disappeared again. The log file has not opened yet. Any idea how long it should take until the log window does open?0 -
Try it this way instead.
- Open notepad
- Copy & paste the contents of the following codebox into notepad (Don't include code:)
@ECHO OFF junction -s c:\ > log.txt start log.txt del %0
- Click File > Save as
- In the box labelled File name type look.bat
- Change Save as type to All Files
- Save it to your desktop
- Close notepad
- On your desktop, double click on look.bat
- Once finished, notepad will open. Copy & Paste the contents here.
0 -
Junction v1.06 - Windows junction creator and reparse point viewer
Copyright (C) 2000-2010 Mark Russinovich
Sysinternals - https://www.sysinternals.com
Failed to open \\?\c:\\758d7a387ea1bcfb7fcec03ee437: Access is denied.
Failed to open \\?\c:\\9aba95e8277c2e2e4b16a3: Access is denied.
Failed to open \\?\c:\\b0bc23aa3324e582e6: Access is denied.
Failed to open \\?\c:\\ba69323f8f18ecf555d89a: Access is denied.
Failed to open \\?\c:\\bfd715e71e82a97b29de8b3f8f38997b: Access is denied.
Failed to open \\?\c:\\dcbc95a670fed51556ed5c4943: Access is denied.
\\?\c:\\Documents and Settings: JUNCTION
Print Name : C:\Users
Substitute Name: C:\Users
Failed to open \\?\c:\\e038d7c4c5872dc809: Access is denied.
Failed to open \\?\c:\\f25b872eb84b436f848855: Access is denied.
Failed to open \\?\c:\\f85b2655df28107e6a: Access is denied.
Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.
Failed to open \\?\c:\\MSOCache: Access is denied.
Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process.
Failed to open \\?\c:\\PerfLogs: Access is denied.
Failed to open \\?\c:\\System Volume Information: Access is denied.
...
...
...
Failed to open \\?\c:\\Program Files\AVG\AVG9\avgtray.exe: Access is denied.
...
...
...
...
...
...
Failed to open \\?\c:\\Program Files\Malwarebytes' Anti-Malware 11 October 2011 JOE\mbam.exe: Access is denied.
...
...
...
.
Failed to open \\?\c:\\Program Files\PC-Doctor 5 for Windows\Configuration\config.xml: Access is denied.
..
...\\?\c:\\ProgramData\Application Data: JUNCTION
Print Name : C:\ProgramData
Substitute Name: C:\ProgramData
\\?\c:\\ProgramData\Desktop: JUNCTION
Print Name : C:\Users\Public\Desktop
Substitute Name: C:\Users\Public\Desktop
\\?\c:\\ProgramData\Documents: JUNCTION
Print Name : C:\Users\Public\Documents
Substitute Name: C:\Users\Public\Documents
\\?\c:\\ProgramData\Favorites: JUNCTION
Print Name : C:\Users\Public\Favorites
Substitute Name: C:\Users\Public\Favorites
\\?\c:\\ProgramData\Start Menu: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Start Menu
Substitute Name: C:\ProgramData\Microsoft\Windows\Start Menu
\\?\c:\\ProgramData\Templates: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Templates
Substitute Name: C:\ProgramData\Microsoft\Windows\Templates
Failed to open \\?\c:\\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}: Access is denied.
..
Failed to open \\?\c:\\ProgramData\avg9\Temp\file9514.tmp: Access is denied.
Failed to open \\?\c:\\ProgramData\MFAData\msistorg.dat: Access is denied.
.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows Defender: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\S-1-5-18: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4e274167a1a9db90e11bcd04f189e81f_d368d167-70a4-4eb6-8610-7813e18e0fe4: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_d368d167-70a4-4eb6-8610-7813e18e0fe4: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Network\Downloader: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Search\Data\Applications\Windows: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\User Account Pictures\IUSR_NMPR.dat: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report000cabc8: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report02050f8a: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report02208c57: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0281cd5c: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report02e8a968: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report03149fb7: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0380bd93: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0428dbec: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report04b452f0: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0520f037: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report06667129: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report06b8c254: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08129a0d: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0876c9a5: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report088b840d: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0896447e: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08a278d7: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report09d29e9f: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0b9fe7c0: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0bf9ec03: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0c8ee13a: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0ca9cc72: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d3235ee: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0d9b694d: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0db22912: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e0df3c0: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0e479201: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0eebb75c: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10274098: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10538c49: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report114c09e9: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report12ca7dc6: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report12ca7df5: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report139bfbac: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report13f21e49: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report141e530f: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1455f086: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report154fa027: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report15b0b684: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report15dce214: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1626f881: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report167b9e34: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report170cd26e: Access is denied.
Failed to open \\?\c:\\ProgramData\Microsoft\Windows\WER\ReportQueue\Report17a38cd5: Access is denied.
Failed to open \\?\c:\\Qoobox\BackEnv: Access is denied.
\\?\c:\\Qoobox\Quarantine\C\Windows\$NtUninstallKB10816$\645433307.vir: SYMBOLIC LINK
Print Name : c:\windows\system32\config
Substitute Name: \systemroot\system32\config
\\?\c:\\Users\All Users: SYMBOLIC LINK
Print Name : C:\ProgramData
Substitute Name: \??\C:\ProgramData
\\?\c:\\Users\Default User: JUNCTION
Print Name : C:\Users\Default
Substitute Name: C:\Users\Default
Failed to open \\?\c:\\Users\IUSR_NMPR: Access is denied.
\\?\c:\\Users\All Users\Application Data: JUNCTION
Print Name : C:\ProgramData
Substitute Name: C:\ProgramData
\\?\c:\\Users\All Users\Desktop: JUNCTION
Print Name : C:\Users\Public\Desktop
Substitute Name: C:\Users\Public\Desktop
\\?\c:\\Users\All Users\Documents: JUNCTION
Print Name : C:\Users\Public\Documents
Substitute Name: C:\Users\Public\Documents
\\?\c:\\Users\All Users\Favorites: JUNCTION
Print Name : C:\Users\Public\Favorites
Substitute Name: C:\Users\Public\Favorites
\\?\c:\\Users\All Users\Start Menu: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Start Menu
Substitute Name: C:\ProgramData\Microsoft\Windows\Start Menu
\\?\c:\\Users\All Users\Templates: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Templates
Substitute Name: C:\ProgramData\Microsoft\Windows\Templates
Failed to open \\?\c:\\Users\All Users\{429CAD59-35B1-4DBC-BB6D-1DB246563521}: Access is denied.
...
Failed to open \\?\c:\\Users\All Users\avg9\Temp\file9514.tmp: Access is denied.
Failed to open \\?\c:\\Users\All Users\MFAData\msistorg.dat: Access is denied.0 -
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows Defender: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\S-1-5-18: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\4e274167a1a9db90e11bcd04f189e81f_d368d167-70a4-4eb6-8610-7813e18e0fe4: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_d368d167-70a4-4eb6-8610-7813e18e0fe4: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Network\Downloader: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Search\Data\Applications\Windows: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Search\Data\Temp\usgthrsvc: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\User Account Pictures\IUSR_NMPR.dat: Access is denied.
.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report000cabc8: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report02050f8a: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report02208c57: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0281cd5c: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report02e8a968: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report03149fb7: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0380bd93: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0428dbec: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report04b452f0: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0520f037: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report06667129: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report06b8c254: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report08129a0d: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0876c9a5: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report088b840d: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0896447e: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report08a278d7: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report09d29e9f: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0b9fe7c0: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0bf9ec03: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0c8ee13a: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0ca9cc72: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0d3235ee: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0d9b694d: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0db22912: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0e0df3c0: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0e479201: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report0eebb75c: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report10274098: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report10538c49: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report114c09e9: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report12ca7dc6: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report12ca7df5: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report139bfbac: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report13f21e49: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report141e530f: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report1455f086: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report154fa027: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report15b0b684: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report15dce214: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report1626f881: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report167b9e34: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report170cd26e: Access is denied.
Failed to open \\?\c:\\Users\All Users\Microsoft\Windows\WER\ReportQueue\Report17a38cd5: Access is denied.
\\?\c:\\Users\charley\Application Data: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming
Substitute Name: C:\Users\charley\AppData\Roaming
\\?\c:\\Users\charley\Cookies: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming\Microsoft\Windows\Cookies
Substitute Name: C:\Users\charley\AppData\Roaming\Microsoft\Windows\Cookies
\\?\c:\\Users\charley\Local Settings: JUNCTION
Print Name : C:\Users\charley\AppData\Local
Substitute Name: C:\Users\charley\AppData\Local
\\?\c:\\Users\charley\My Documents: JUNCTION
Print Name : C:\Users\charley\Documents
Substitute Name: C:\Users\charley\Documents
\\?\c:\\Users\charley\NetHood: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming\Microsoft\Windows\Network Shortcuts
Substitute Name: C:\Users\charley\AppData\Roaming\Microsoft\Windows\Network Shortcuts
\\?\c:\\Users\charley\PrintHood: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
Substitute Name: C:\Users\charley\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
\\?\c:\\Users\charley\Recent: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming\Microsoft\Windows\Recent
Substitute Name: C:\Users\charley\AppData\Roaming\Microsoft\Windows\Recent
\\?\c:\\Users\charley\SendTo: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming\Microsoft\Windows\SendTo
Substitute Name: C:\Users\charley\AppData\Roaming\Microsoft\Windows\SendTo
\\?\c:\\Users\charley\Start Menu: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming\Microsoft\Windows\Start Menu
Substitute Name: C:\Users\charley\AppData\Roaming\Microsoft\Windows\Start Menu
\\?\c:\\Users\charley\Templates: JUNCTION
Print Name : C:\Users\charley\AppData\Roaming\Microsoft\Windows\Templates
Substitute Name: C:\Users\charley\AppData\Roaming\Microsoft\Windows\Templates
\\?\c:\\Users\charley\AppData\Local\Application Data: JUNCTION
Print Name : C:\Users\charley\AppData\Local
Substitute Name: C:\Users\charley\AppData\Local
\\?\c:\\Users\charley\AppData\Local\History: JUNCTION
Print Name : C:\Users\charley\AppData\Local\Microsoft\Windows\History
Substitute Name: C:\Users\charley\AppData\Local\Microsoft\Windows\History
\\?\c:\\Users\charley\AppData\Local\Temporary Internet Files: JUNCTION
Print Name : C:\Users\charley\AppData\Local\Microsoft\Windows\Temporary Internet Files
Substitute Name: C:\Users\charley\AppData\Local\Microsoft\Windows\Temporary Internet Files
..
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
\\?\c:\\Users\charley\Documents\My Music: JUNCTION
Print Name : C:\Users\charley\Music
Substitute Name: C:\Users\charley\Music
\\?\c:\\Users\charley\Documents\My Pictures: JUNCTION
Print Name : C:\Users\charley\Pictures
Substitute Name: C:\Users\charley\Pictures
\\?\c:\\Users\charley\Documents\My Videos: JUNCTION
Print Name : C:\Users\charley\Videos
Substitute Name: C:\Users\charley\Videos
...
\\?\c:\\Users\Default\Application Data: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming
Substitute Name: C:\Users\Default\AppData\Roaming
\\?\c:\\Users\Default\Local Settings: JUNCTION
Print Name : C:\Users\Default\AppData\Local
Substitute Name: C:\Users\Default\AppData\Local
\\?\c:\\Users\Default\My Documents: JUNCTION
Print Name : C:\Users\Default\Documents
Substitute Name: C:\Users\Default\Documents
\\?\c:\\Users\Default\NetHood: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts
\\?\c:\\Users\Default\PrintHood: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
\\?\c:\\Users\Default\Recent: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent
\\?\c:\\Users\Default\SendTo: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
\\?\c:\\Users\Default\Start Menu: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
\\?\c:\\Users\Default\Templates: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates
\\?\c:\\Users\Default\AppData\Local\Application Data: JUNCTION
Print Name : C:\Users\Default\AppData\Local
Substitute Name: C:\Users\Default\AppData\Local
\\?\c:\\Users\Default\AppData\Local\History: JUNCTION
Print Name : C:\Users\Default\AppData\Local\Microsoft\Windows\History
Substitute Name: C:\Users\Default\AppData\Local\Microsoft\Windows\History
\\?\c:\\Users\Default\AppData\Local\Temporary Internet Files: JUNCTION
Print Name : C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files
Substitute Name: C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files
\\?\c:\\Users\Default\Documents\My Music: JUNCTION
Print Name : C:\Users\Default\Music
Substitute Name: C:\Users\Default\Music0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.2K Banking & Borrowing
- 252.8K Reduce Debt & Boost Income
- 453.2K Spending & Discounts
- 243.2K Work, Benefits & Business
- 597.6K Mortgages, Homes & Bills
- 176.5K Life & Family
- 256.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards