Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access them.


  • This topic is locked This topic is locked
3 replies to this topic

#1 I_hate_trojans!

I_hate_trojans!

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:55 AM

Posted 30 November 2009 - 06:54 AM

Hi Experts

I cannot access the internet using the menu. The above message appears when I try. I am able to get online by putting iexplore.exe on my desktop.

I have tried to follow the instructions on the preparation guide. Unfortunately, no logs appear with either the DDS or RootRepeal. I cannot deleted the RootRepeal file: "Access is Denied"

The only information I have is from the following 2 log files:

Running from: C:\Documents and Settings\Administrator\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Administrator\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\chsime\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\CHTIME\Applets\Applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imjp8_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\imkr6_1\dicts\dicts

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\ime\shared\res\res

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\classes\classes

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\pchealth\helpctr\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe

[1] 2004-08-04 07:56:52 743936 C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe (Microsoft Corporation)

[1] 2008-04-14 00:12:21 744448 C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe ()

[1] 2008-04-14 00:12:21 744448 C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe (Microsoft Corporation)




Volume in drive C has no label.
Volume Serial Number is 8CCE-E76A

Directory of C:\WINDOWS\$hf_mig$\KB968389\SP2QFE

06/02/2009 19:46 408,064 netlogon.dll
1 File(s) 408,064 bytes

Directory of C:\WINDOWS\$NtServicePackUninstall$

04/08/2004 08:56 180,224 scecli.dll

Directory of C:\WINDOWS\$NtServicePackUninstall$

04/08/2004 08:56 407,040 netlogon.dll

Directory of C:\WINDOWS\$NtServicePackUninstall$

04/08/2004 08:56 55,808 eventlog.dll
3 File(s) 643,072 bytes

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:11 56,320 eventlog.dll
3 File(s) 644,608 bytes

Directory of C:\WINDOWS\system32

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\system32

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\system32

14/04/2008 01:11 61,952 eventlog.dll
3 File(s) 650,240 bytes

Total Files Listed:
10 File(s) 2,345,984 bytes
0 Dir(s) 55,455,977,472 bytes free




Please can you help?

BC AdBot (Login to Remove)

 


#2 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,289 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:12:55 PM

Posted 12 December 2009 - 07:36 PM

Hello, I_hate_trojans!.
My name is aommaster and I will be helping you with your log.

I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.
If you have since resolved the original problem you were having, I would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.

Thanks

Please note that I am in the process of my training so it may take a while for me to get back to you, as each of my fixes need to be checked by a coach first.

I see that you're having trouble running executables. Let's try RSIT:
We need to run RSIT
  • Download random's system information tool (RSIT) by random/random and save it to your desktop.
  • Double click on RSIT.exe.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
In your next reply, please include the following:
  • Log.txt
  • info.txt

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#3 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,289 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:12:55 PM

Posted 15 December 2009 - 12:58 PM

Hello I_hate_trojans!
Are you still with us?

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:10:55 AM

Posted 18 December 2009 - 12:51 AM

This thread will now be closed due to lack feedback.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users