[Inactive] Win 7 2012 AntiVirus/fixNCR.reg after problem

MarkYourFace · Dec 14, 2011

OTL Extras logfile created on: 12/14/2011 7:26:37 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mark\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 3.34 Gb Available Physical Memory | 84.47% Memory free
7.90 Gb Paging File | 7.32 Gb Available in Paging File | 92.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 585.57 Gb Total Space | 510.54 Gb Free Space | 87.19% Space Free | Partition Type: NTFS

Computer Name: ROARK | User Name: Mark | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2177155-1389372543-4173842260-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{18A6B663-A646-457B-A314-5CF58AECB06A}" = Intel® PROSet/Wireless WiMAX Software
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Intel(R) PROSet/Wireless WiFi Software
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"ProInst" = Intel PROSet Wireless

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play with PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{18894D16-5448-4BF9-A128-F7E937322F91}" = OOBE
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}" = Remote Keyboard
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote Keyboard
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B287B75-DF8D-40C8-9620-8E4492C38EF1}" = Webroot Software
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D531F5A4-18F6-4130-B9A4-9179D6E349FC}" = VAIO Care
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}" = Oasis2Service
"{E5D03B2E-B2D4-477F-A60D-8E1969D821FA}" = Adobe Flash Player 10 ActiveX
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F5248E24-F52C-4FD1-B76F-102460BAFD6B}" = VAIO Help and Support
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel(R) Wireless Display
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Application Manager for VAIO" = Application Manager for VAIO
"Digsby" = Digsby
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"splashtop" = VAIO Quick Web Access
"VAIO Messenger" = VAIO Messenger
"VAIO Satisfaction Survey.3.0" = VAIO Satisfaction Survey.
"Webroot Software" = Webroot Software
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2177155-1389372543-4173842260-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"48e4cff94f039634" = Best Buy pc app

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/5/2011 10:34:05 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/5/2011 10:34:05 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 117546

Error - 12/5/2011 10:34:05 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 117546

Error - 12/5/2011 10:34:06 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/5/2011 10:34:06 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 118576

Error - 12/5/2011 10:34:06 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 118576

Error - 12/5/2011 10:34:07 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/5/2011 10:34:07 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 119590

Error - 12/5/2011 10:34:07 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 119590

Error - 12/5/2011 10:34:08 PM | Computer Name = Roark | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ System Events ]
Error - 12/14/2011 2:56:43 AM | Computer Name = Roark | Source = ssidrv | ID = 131098
Description = Failed to set monitor event rule.

Error - 12/14/2011 2:56:44 AM | Computer Name = Roark | Source = ssidrv | ID = 462856
Description = NetMon is in invalid state.

Error - 12/14/2011 2:56:44 AM | Computer Name = Roark | Source = ssidrv | ID = 131098
Description = Failed to set monitor event rule.

Error - 12/14/2011 2:56:45 AM | Computer Name = Roark | Source = ssidrv | ID = 462856
Description = NetMon is in invalid state.

Error - 12/14/2011 2:56:45 AM | Computer Name = Roark | Source = ssidrv | ID = 131098
Description = Failed to set monitor event rule.

Error - 12/14/2011 2:56:46 AM | Computer Name = Roark | Source = ssidrv | ID = 462856
Description = NetMon is in invalid state.

Error - 12/14/2011 2:56:46 AM | Computer Name = Roark | Source = ssidrv | ID = 131098
Description = Failed to set monitor event rule.

Error - 12/14/2011 2:56:47 AM | Computer Name = Roark | Source = ssidrv | ID = 462856
Description = NetMon is in invalid state.

Error - 12/14/2011 2:56:47 AM | Computer Name = Roark | Source = ssidrv | ID = 131098
Description = Failed to set monitor event rule.

Error - 12/14/2011 2:56:48 AM | Computer Name = Roark | Source = ssidrv | ID = 462856
Description = NetMon is in invalid state.

< End of report >

MarkYourFace · Dec 14, 2011

Broni said: ↑

I need more details.
What does exactly happen?
Issues with Firefox only?

I try to go to any website on firefox and it stop responding and says that windows isn't responding anymore. This happens when I run any other program or when I right-click. After this happens I can't do anything with my computer anymore so I'm forced to restart it and go to safe mode with networking.

Broni · Dec 14, 2011

I still need a comment to my reply #19.

MarkYourFace · Dec 14, 2011

MarkYourFace said: ↑

I try to go to any website on firefox and it stop responding and says that windows isn't responding anymore. This happens when I run any other program or when I right-click. After this happens I can't do anything with my computer anymore so I'm forced to restart it and go to safe mode with networking.

Broni · Dec 14, 2011

By now I don't really see anything malicious on your computer.

Lets run the following tool. This will help determine which files need permissions restored.

Please download and save Junction.zip

Unzip it and place Junction.exe in the Windows directory (C:\Windows).
Go to Start>Run (Vista and Windows 7 users use "Start search" box).
Copy and paste the following command in the Run box and click OK (Vista and Windows 7 users press "Enter"):

cmd /c junction -s c:\ >log.txt&log.txt& del log.txt

A command window opens starting to scan the system.
Wait until a log file opens.
Copy and paste the log in your next reply.

MarkYourFace · Dec 14, 2011

Junction v1.06 - Windows junction creator and reparse point viewer
Copyright (C) 2000-2010 Mark Russinovich
Sysinternals - www.sysinternals.com

\\?\c:\\Documents and Settings: JUNCTION
Print Name : C:\Users
Substitute Name: C:\Users

Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.

Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

..\\?\c:\\ProgramData\Application Data: JUNCTION
Print Name : C:\ProgramData
Substitute Name: C:\ProgramData

\\?\c:\\ProgramData\Desktop: JUNCTION
Print Name : C:\Users\Public\Desktop
Substitute Name: C:\Users\Public\Desktop

\\?\c:\\ProgramData\Documents: JUNCTION
Print Name : C:\Users\Public\Documents
Substitute Name: C:\Users\Public\Documents

\\?\c:\\ProgramData\Favorites: JUNCTION
Print Name : C:\Users\Public\Favorites
Substitute Name: C:\Users\Public\Favorites

\\?\c:\\ProgramData\Start Menu: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Start Menu
Substitute Name: C:\ProgramData\Microsoft\Windows\Start Menu

\\?\c:\\ProgramData\Templates: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Templates
Substitute Name: C:\ProgramData\Microsoft\Windows\Templates

.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0a04518656f6c8c2bbb9e9be466a9207_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\0b78f7cd6095cd7e4af97f9ac46f0ba4_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\14b693ad728d3604c45332c6eff6ae6a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\18dc46a4aaa4f0c76c2590d6befe550d_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1dedc400c8b47125f378c912f1d5f425_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2b107162169f34e959efb9c998e0c4f1_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\2f8d34837131386f370f3753f2746322_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\331159987ef039d6b8095d7928d60fd5_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3c060d3bde051963c34a1d97cd948297_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\41ba1030cb3a36b3e517ff7c53ae9d36_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\450db45d79c993df7e107ba469cf55d5_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4f3728de35bf6bf63d1edeb8e189e049_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\5cfc74964f60a400b92e1f358860fd0a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\691a650a9f9593bed9bf18feec1b91e8_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\836b35cda8d34f3ad31484bf83525441_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\85cd1d8219f632a3467496c7d7ed4fbd_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9b19f93cde074c62b9f0441670eb0f2a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9c9667f9d40aa21c7c64cfb7b8ee974f_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a21a1f27a89b50db6df1d77c68f4590d_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\a2aa288afeed0c7f39637800529ab96a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\b644728ec1bf864446c2a5b363f1133d_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c4265ec01f871e42cdb1e07d3f53e280_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\cce6639fc2ea01a151e038071423946e_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\d2e1709cf519c26aac557541ae0e70d9_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\e8b253d5eb63cd1d648b4759dad7c06f_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\ee4ce172b128167b908f02d20d872104_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\eec396911dac2033f155c7b767788233_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fdfb3bb624efeacdbfeff69353ae3451_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\ProgramData\Microsoft\Crypto\RSA\MachineKeys\fe1fdf9bb39ce97261b5b26cdc43eae8_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

...

...

..
Failed to open \\?\c:\\Qoobox\BackEnv: Access is denied.

.

...

...

...

..
Failed to open \\?\c:\\System Volume Information\WindowsImageBackup: Access is denied.

Failed to open \\?\c:\\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}: Access is denied.

Failed to open \\?\c:\\System Volume Information\{7519bc08-1ec0-11e1-8a1e-78843ce94750}{3808876b-c176-4e48-b7ae-04046e6cc752}: Access is denied.

Failed to open \\?\c:\\System Volume Information\{ab33212e-1cad-11e1-b6d6-78843ce94750}{3808876b-c176-4e48-b7ae-04046e6cc752}: Access is denied.

Failed to open \\?\c:\\System Volume Information\{b2bb726b-2237-11e1-ab92-78843ce94750}{3808876b-c176-4e48-b7ae-04046e6cc752}: Access is denied.

Failed to open \\?\c:\\System Volume Information\{b2bb73ac-2237-11e1-ab92-78843ce94750}{3808876b-c176-4e48-b7ae-04046e6cc752}: Access is denied.

Failed to open \\?\c:\\System Volume Information\{f9dd2c28-16ad-11e1-a511-78843ce94750}{3808876b-c176-4e48-b7ae-04046e6cc752}: Access is denied.

Failed to open \\?\c:\\System Volume Information\{f9dd2d8b-16ad-11e1-a511-78843ce94750}{3808876b-c176-4e48-b7ae-04046e6cc752}: Access is denied.

\\?\c:\\Users\All Users: SYMBOLIC LINK
Print Name : C:\ProgramData
Substitute Name: \??\C:\ProgramData

\\?\c:\\Users\Default User: JUNCTION
Print Name : C:\Users\Default
Substitute Name: C:\Users\Default

\\?\c:\\Users\All Users\Application Data: JUNCTION
Print Name : C:\ProgramData
Substitute Name: C:\ProgramData

\\?\c:\\Users\All Users\Desktop: JUNCTION
Print Name : C:\Users\Public\Desktop
Substitute Name: C:\Users\Public\Desktop

\\?\c:\\Users\All Users\Documents: JUNCTION
Print Name : C:\Users\Public\Documents
Substitute Name: C:\Users\Public\Documents

\\?\c:\\Users\All Users\Favorites: JUNCTION
Print Name : C:\Users\Public\Favorites
Substitute Name: C:\Users\Public\Favorites

\\?\c:\\Users\All Users\Start Menu: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Start Menu
Substitute Name: C:\ProgramData\Microsoft\Windows\Start Menu

\\?\c:\\Users\All Users\Templates: JUNCTION
Print Name : C:\ProgramData\Microsoft\Windows\Templates
Substitute Name: C:\ProgramData\Microsoft\Windows\Templates

.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\0a04518656f6c8c2bbb9e9be466a9207_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\0b78f7cd6095cd7e4af97f9ac46f0ba4_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\14b693ad728d3604c45332c6eff6ae6a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\18dc46a4aaa4f0c76c2590d6befe550d_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\1dedc400c8b47125f378c912f1d5f425_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\2b107162169f34e959efb9c998e0c4f1_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\2f8d34837131386f370f3753f2746322_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\331159987ef039d6b8095d7928d60fd5_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\3c060d3bde051963c34a1d97cd948297_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\41ba1030cb3a36b3e517ff7c53ae9d36_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\450db45d79c993df7e107ba469cf55d5_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\4f3728de35bf6bf63d1edeb8e189e049_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\5cfc74964f60a400b92e1f358860fd0a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\691a650a9f9593bed9bf18feec1b91e8_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\836b35cda8d34f3ad31484bf83525441_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\85cd1d8219f632a3467496c7d7ed4fbd_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\9b19f93cde074c62b9f0441670eb0f2a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\9c9667f9d40aa21c7c64cfb7b8ee974f_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\a21a1f27a89b50db6df1d77c68f4590d_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\a2aa288afeed0c7f39637800529ab96a_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\b644728ec1bf864446c2a5b363f1133d_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\c4265ec01f871e42cdb1e07d3f53e280_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\cce6639fc2ea01a151e038071423946e_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\d2e1709cf519c26aac557541ae0e70d9_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\e8b253d5eb63cd1d648b4759dad7c06f_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\ee4ce172b128167b908f02d20d872104_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\eec396911dac2033f155c7b767788233_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\fdfb3bb624efeacdbfeff69353ae3451_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

Failed to open \\?\c:\\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\fe1fdf9bb39ce97261b5b26cdc43eae8_bd50c529-4cc0-4334-8add-7eb4ebccef21: Access is denied.

...

...

..\\?\c:\\Users\Default\Application Data: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming
Substitute Name: C:\Users\Default\AppData\Roaming

\\?\c:\\Users\Default\Local Settings: JUNCTION
Print Name : C:\Users\Default\AppData\Local
Substitute Name: C:\Users\Default\AppData\Local

\\?\c:\\Users\Default\My Documents: JUNCTION
Print Name : C:\Users\Default\Documents
Substitute Name: C:\Users\Default\Documents

\\?\c:\\Users\Default\NetHood: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts

\\?\c:\\Users\Default\PrintHood: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts

\\?\c:\\Users\Default\Recent: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent

\\?\c:\\Users\Default\SendTo: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo

\\?\c:\\Users\Default\Start Menu: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu

\\?\c:\\Users\Default\Templates: JUNCTION
Print Name : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates
Substitute Name: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates

\\?\c:\\Users\Default\AppData\Local\Application Data: JUNCTION
Print Name : C:\Users\Default\AppData\Local
Substitute Name: C:\Users\Default\AppData\Local

\\?\c:\\Users\Default\AppData\Local\History: JUNCTION
Print Name : C:\Users\Default\AppData\Local\Microsoft\Windows\History
Substitute Name: C:\Users\Default\AppData\Local\Microsoft\Windows\History

\\?\c:\\Users\Default\AppData\Local\Temporary Internet Files: JUNCTION
Print Name : C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files
Substitute Name: C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files

\\?\c:\\Users\Default\Documents\My Music: JUNCTION
Print Name : C:\Users\Default\Music
Substitute Name: C:\Users\Default\Music

\\?\c:\\Users\Default\Documents\My Pictures: JUNCTION
Print Name : C:\Users\Default\Pictures
Substitute Name: C:\Users\Default\Pictures

\\?\c:\\Users\Default\Documents\My Videos: JUNCTION
Print Name : C:\Users\Default\Videos
Substitute Name: C:\Users\Default\Videos

\\?\c:\\Users\Mark\Application Data: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming
Substitute Name: C:\Users\Mark\AppData\Roaming

\\?\c:\\Users\Mark\Cookies: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Cookies
Substitute Name: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Cookies

\\?\c:\\Users\Mark\Local Settings: JUNCTION
Print Name : C:\Users\Mark\AppData\Local
Substitute Name: C:\Users\Mark\AppData\Local

\\?\c:\\Users\Mark\My Documents: JUNCTION
Print Name : C:\Users\Mark\Documents
Substitute Name: C:\Users\Mark\Documents

\\?\c:\\Users\Mark\NetHood: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Network Shortcuts
Substitute Name: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Network Shortcuts

\\?\c:\\Users\Mark\PrintHood: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Printer Shortcuts
Substitute Name: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Printer Shortcuts

\\?\c:\\Users\Mark\Recent: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Recent
Substitute Name: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Recent

\\?\c:\\Users\Mark\SendTo: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\SendTo
Substitute Name: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\SendTo

\\?\c:\\Users\Mark\Start Menu: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu
Substitute Name: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu

\\?\c:\\Users\Mark\Templates: JUNCTION
Print Name : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Templates
Substitute Name: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Templates

\\?\c:\\Users\Mark\AppData\Local\Application Data: JUNCTION
Print Name : C:\Users\Mark\AppData\Local
Substitute Name: C:\Users\Mark\AppData\Local

\\?\c:\\Users\Mark\AppData\Local\History: JUNCTION
Print Name : C:\Users\Mark\AppData\Local\Microsoft\Windows\History
Substitute Name: C:\Users\Mark\AppData\Local\Microsoft\Windows\History

\\?\c:\\Users\Mark\AppData\Local\Temporary Internet Files: JUNCTION
Print Name : C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files
Substitute Name: C:\Users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files

.

...

...

...

...

...

...

.\\?\c:\\Users\Mark\Documents\My Music: JUNCTION
Print Name : C:\Users\Mark\Music
Substitute Name: C:\Users\Mark\Music

\\?\c:\\Users\Mark\Documents\My Pictures: JUNCTION
Print Name : C:\Users\Mark\Pictures
Substitute Name: C:\Users\Mark\Pictures

\\?\c:\\Users\Mark\Documents\My Videos: JUNCTION
Print Name : C:\Users\Mark\Videos
Substitute Name: C:\Users\Mark\Videos

.\\?\c:\\Users\Public\Documents\My Music: JUNCTION
Print Name : C:\Users\Public\Music
Substitute Name: C:\Users\Public\Music

\\?\c:\\Users\Public\Documents\My Pictures: JUNCTION
Print Name : C:\Users\Public\Pictures
Substitute Name: C:\Users\Public\Pictures

\\?\c:\\Users\Public\Documents\My Videos: JUNCTION
Print Name : C:\Users\Public\Videos
Substitute Name: C:\Users\Public\Videos

.

...

...

...

...

...

...

...

...

...

...

...

...

...

Failed to open \\?\c:\\Windows\System32\LogFiles\WMI\RtBackup: Access is denied.

...

...

.\\?\c:\\Windows\SysWOW64\config\systemprofile\Application Data: JUNCTION
Print Name : C:\Windows\system32\config\systemprofile\AppData\Roaming
Substitute Name: C:\Windows\system32\config\systemprofile\AppData\Roaming

\\?\c:\\Windows\SysWOW64\config\systemprofile\Local Settings: JUNCTION
Print Name : C:\Windows\system32\config\systemprofile\AppData\Local
Substitute Name: C:\Windows\system32\config\systemprofile\AppData\Local

\\?\c:\\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data: JUNCTION
Print Name : C:\Windows\system32\config\systemprofile\AppData\Local
Substitute Name: C:\Windows\system32\config\systemprofile\AppData\Local

\\?\c:\\Windows\SysWOW64\config\systemprofile\AppData\Local\History: JUNCTION
Print Name : C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History
Substitute Name: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History

\\?\c:\\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files: JUNCTION
Print Name : C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files
Substitute Name: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files

..

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

.

Broni · Dec 14, 2011

Not much there either.

Please click HERE to download Kaspersky Virus Removal Tool.

Double click on the file you just downloaded and let it install.

It will install to your desktop (be patient; it may take a while).

Accept license agreement and click "Start" button.

Click on Settings button

In Scan scope leave pre-checked items as they're and also checkmark My Computer

In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of preselected Prompt on detection

Click on Automatic Scan tab and then click on Start scanning button.

Before it is done it may prompt for action regardless of the setting so choose delete if prompted.

When the scan is done NO log will be produced.

Click on Report button then on Automatic Scan report tab.

Right click anywhere within right pane, click Select All then right click again and click Copy.

This will copy the items that it found to the clipboard you can then open notepad (go to start then run then type in notepad) and choose paste to paste the contents into Notepad.

You can save this on the desktop.

Post the contents of the document in your next reply.

TechSpot

[Inactive] Win 7 2012 AntiVirus/fixNCR.reg after problem

MarkYourFace Newcomer, in training

MarkYourFace Newcomer, in training

Broni Malware Annihilator

MarkYourFace Newcomer, in training

Broni Malware Annihilator

MarkYourFace Newcomer, in training

Broni Malware Annihilator