TechSpot

2nd hard drive

By soldier4mine
Jun 10, 2012
  1. Hi I have had very bad luck when I describe the problems I am having so I was wondering if anyone would take the time to look at my logs. I recently had been instructed to to a series of "runs" on a different board, I complied, however because of my lack of ability to explain what is going on with my system, communication didnt go so well , I figured forget it, but I just need someone to look, as I recently read your only suppose to run logs as instructed (after I just ran them) but they are freshly ran and I cant tell you how much I would appreciate just a glance at these. I'm beginning to think I'm crazy....... I am an account executive and thought my knowledge of computers were fairly good, I took hardware and software (computers) and did well. I cant explain this and IM NOT PARANOID, thank you for any help you can give me!
     
  2. soldier4mine

    soldier4mine TS Rookie Topic Starter

    MiniToolBox by Farbar Version: 09-06-2012
    Ran by whocares (administrator) on 10-06-2012 at 10:04:38
    Microsoft Windows 7 Ultimate (X86)
    Boot Mode: Normal
    ***************************************************************************

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    ========================= FF Proxy Settings: ==============================

    ========================= Hosts content: =================================



    ========================= IP Configuration: ================================

    TP-LINK 300Mbps Wireless N Adapter = Wireless Network Connection (Connected)
    Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : sowhat
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : TP-LINK 300Mbps Wireless N Adapter
    Physical Address. . . . . . . . . : F8-D1-11-13-73-C2
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::893d:6533:cd1:25f0%12(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.12(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Sunday, June 10, 2012 4:36:02 AM
    Lease Expires . . . . . . . . . . : Monday, June 11, 2012 4:36:02 AM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 318296337
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-52-96-5E-00-14-22-28-A8-DF
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
    Physical Address. . . . . . . . . : 00-14-22-28-A8-DF
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.{4B4A6ED4-F376-4301-9505-6914A2583C0B}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3819:2eee:3f57:fef3(Preferred)
    Link-local IPv6 Address . . . . . : fe80::3819:2eee:3f57:fef3%13(Preferred)
    Default Gateway . . . . . . . . . : ::
    NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter isatap.{88BF7D75-B36F-49FA-8BEF-5A1454CD91E4}:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: clearspot
    Address: 192.168.1.1

    Name: google.com
    Addresses: 2001:4860:4007:800::1006
    74.125.224.162
    74.125.224.166
    74.125.224.165
    74.125.224.164
    74.125.224.174
    74.125.224.163
    74.125.224.168
    74.125.224.160
    74.125.224.161
    74.125.224.167
    74.125.224.169


    Pinging google.com [74.125.224.163] with 32 bytes of data:
    Reply from 74.125.224.163: bytes=32 time=81ms TTL=57
    Reply from 74.125.224.163: bytes=32 time=75ms TTL=57

    Ping statistics for 74.125.224.163:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 75ms, Maximum = 81ms, Average = 78ms
    Server: clearspot
    Address: 192.168.1.1

    Name: yahoo.com
    Addresses: 209.191.122.70
    72.30.38.140
    98.139.183.24


    Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
    Reply from 209.191.122.70: bytes=32 time=114ms TTL=47
    Reply from 209.191.122.70: bytes=32 time=109ms TTL=47

    Ping statistics for 209.191.122.70:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 109ms, Maximum = 114ms, Average = 111ms
    Server: clearspot
    Address: 192.168.1.1

    Name: bleepingcomputer.com
    Address: 208.43.87.2


    Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
    Reply from 208.43.87.2: Destination host unreachable.
    Reply from 208.43.87.2: Destination host unreachable.

    Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    12...f8 d1 11 13 73 c2 ......TP-LINK 300Mbps Wireless N Adapter
    11...00 14 22 28 a8 df ......Broadcom NetXtreme 57xx Gigabit Controller
    1...........................Software Loopback Interface 1
    18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.12 25
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.12 281
    192.168.1.12 255.255.255.255 On-link 192.168.1.12 281
    192.168.1.255 255.255.255.255 On-link 192.168.1.12 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.12 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.12 281
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    13 58 ::/0 On-link
    1 306 ::1/128 On-link
    13 58 2001::/32 On-link
    13 306 2001:0:4137:9e76:3819:2eee:3f57:fef3/128
    On-link
    12 281 fe80::/64 On-link
    13 306 fe80::/64 On-link
    13 306 fe80::3819:2eee:3f57:fef3/128
    On-link
    12 281 fe80::893d:6533:cd1:25f0/128
    On-link
    1 306 ff00::/8 On-link
    13 306 ff00::/8 On-link
    12 281 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (06/10/2012 08:14:40 AM) (Source: Microsoft-Windows-RestartManager) (User: whocares)whocares
    Description: Application or service 'Apple Mobile Device' could not be restarted.

    Error: (06/10/2012 08:14:40 AM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
    Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (06/10/2012 06:47:06 AM) (Source: Application Error) (User: )
    Description: Faulting application name: avp.exe, version: 12.0.0.374, time stamp: 0x4db46f59
    Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadc
    Exception code: 0xc000070a
    Fault offset: 0x00099c97
    Faulting process id: 0x9a8
    Faulting application start time: 0xavp.exe0
    Faulting application path: avp.exe1
    Faulting module path: avp.exe2
    Report Id: avp.exe3

    Error: (06/10/2012 04:37:15 AM) (Source: Application Error) (User: )
    Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
    Faulting module name: IMM32.DLL, version: 6.1.7600.16385, time stamp: 0x4a5bda07
    Exception code: 0xc0000005
    Fault offset: 0x00001468
    Faulting process id: 0x46c
    Faulting application start time: 0xsvchost.exe0
    Faulting application path: svchost.exe1
    Faulting module path: svchost.exe2
    Report Id: svchost.exe3

    Error: (06/10/2012 02:47:52 AM) (Source: MsiInstaller) (User: whocares)whocares
    Description: Product: Firebird SQL Server - MAGIX Edition -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2203. The arguments are: C:\Windows\Installer\45fd02.ipi, -2147287035,

    Error: (06/09/2012 01:55:23 PM) (Source: Application Error) (User: )
    Description: Faulting application name: avp.exe, version: 12.0.0.374, time stamp: 0x4db46f59
    Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadc
    Exception code: 0xc0000005
    Fault offset: 0x00051ffe
    Faulting process id: 0x640
    Faulting application start time: 0xavp.exe0
    Faulting application path: avp.exe1
    Faulting module path: avp.exe2
    Report Id: avp.exe3

    Error: (06/09/2012 01:28:37 PM) (Source: SideBySide) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (06/09/2012 10:15:31 AM) (Source: Application Error) (User: )
    Description: Faulting application name: TFService.exe, version: 4.10.1.14, time stamp: 0x4b4fa1c8
    Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
    Exception code: 0xc0000005
    Fault offset: 0x00052bfe
    Faulting process id: 0x6d4
    Faulting application start time: 0xTFService.exe0
    Faulting application path: TFService.exe1
    Faulting module path: TFService.exe2
    Report Id: TFService.exe3

    Error: (06/08/2012 02:22:11 PM) (Source: Application Error) (User: )
    Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
    Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
    Exception code: 0xc000070a
    Fault offset: 0x00099c97
    Faulting process id: 0x458
    Faulting application start time: 0xsvchost.exe0
    Faulting application path: svchost.exe1
    Faulting module path: svchost.exe2
    Report Id: svchost.exe3

    Error: (06/06/2012 09:45:54 PM) (Source: Application Error) (User: )
    Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
    Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdadb
    Exception code: 0xc000070a
    Fault offset: 0x00099c97
    Faulting process id: 0x454
    Faulting application start time: 0xsvchost.exe0
    Faulting application path: svchost.exe1
    Faulting module path: svchost.exe2
    Report Id: svchost.exe3


    System errors:
    =============
    Error: (06/10/2012 09:52:32 AM) (Source: Tcpip) (User: )
    Description: The system detected an address conflict for IP address 192.168.1.12 with the system
    having network hardware address 24-AB-81-B5-C7-1F. Network operations on this system may
    be disrupted as a result.

    Error: (06/10/2012 08:14:40 AM) (Source: Service Control Manager) (User: )
    Description: The Apple Mobile Device service failed to start due to the following error:
    %%14001

    Error: (06/10/2012 08:01:52 AM) (Source: Service Control Manager) (User: )
    Description: The Apple Mobile Device service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (06/10/2012 08:00:25 AM) (Source: Service Control Manager) (User: )
    Description: The Apple Mobile Device service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (06/10/2012 07:50:06 AM) (Source: Service Control Manager) (User: )
    Description: The Apple Mobile Device service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (06/10/2012 06:25:13 AM) (Source: Service Control Manager) (User: )
    Description: The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (06/10/2012 05:57:32 AM) (Source: Service Control Manager) (User: )
    Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (06/10/2012 05:56:46 AM) (Source: Service Control Manager) (User: )
    Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (06/10/2012 04:39:15 AM) (Source: Service Control Manager) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error:
    %%1056

    Error: (06/10/2012 04:37:15 AM) (Source: Service Control Manager) (User: )
    Description: The WinHTTP Web Proxy Auto-Discovery Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.


    Microsoft Office Sessions:
    =========================
    Error: (06/10/2012 08:14:40 AM) (Source: Microsoft-Windows-RestartManager)(User: whocares)whocares
    Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217826560

    Error: (06/10/2012 08:14:40 AM) (Source: SideBySide)(User: )
    Description: Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    Error: (06/10/2012 06:47:06 AM) (Source: Application Error)(User: )
    Description: avp.exe12.0.0.3744db46f59ntdll.dll6.1.7600.163854a5bdadcc000070a00099c979a801cd470f6d03aae1C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exeC:\Windows\SYSTEM32\ntdll.dllc409f5f7-b302-11e1-a3d9-00142228a8df

    Error: (06/10/2012 04:37:15 AM) (Source: Application Error)(User: )
    Description: svchost.exe6.1.7600.163854a5bc100IMM32.DLL6.1.7600.163854a5bda07c00000050000146846c01cd46fc2a44b3a0C:\Windows\system32\svchost.exeC:\Windows\system32\IMM32.DLL9ff17312-b2f0-11e1-a3d9-00142228a8df

    Error: (06/10/2012 02:47:52 AM) (Source: MsiInstaller)(User: whocares)whocares
    Description: Product: Firebird SQL Server - MAGIX Edition -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2203. The arguments are: C:\Windows\Installer\45fd02.ipi, -2147287035, (NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (06/09/2012 01:55:23 PM) (Source: Application Error)(User: )
    Description: avp.exe12.0.0.3744db46f59ntdll.dll6.1.7600.163854a5bdadcc000000500051ffe64001cd467dbbdbee36C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exeC:\Windows\SYSTEM32\ntdll.dll6e2466ee-b275-11e1-9e5d-00142228a8df

    Error: (06/09/2012 01:28:37 PM) (Source: SideBySide)(User: )
    Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"D:\iTunes64Setup.exe

    Error: (06/09/2012 10:15:31 AM) (Source: Application Error)(User: )
    Description: TFService.exe4.10.1.144b4fa1c8ntdll.dll6.1.7600.163854a5bdadbc000000500052bfe6d401cd46508378ae50C:\Program Files\ThreatFire\TFService.exeC:\Windows\SYSTEM32\ntdll.dllb73e7140-b256-11e1-b985-00142228a8df

    Error: (06/08/2012 02:22:11 PM) (Source: Application Error)(User: )
    Description: svchost.exe6.1.7600.163854a5bc100ntdll.dll6.1.7600.163854a5bdadbc000070a00099c9745801cd45bc559f5e2dC:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll0220d55d-b1b0-11e1-be04-ef1ff779ac0a

    Error: (06/06/2012 09:45:54 PM) (Source: Application Error)(User: )
    Description: svchost.exe6.1.7600.163854a5bc100ntdll.dll6.1.7600.163854a5bdadbc000070a00099c9745401cd446560d7c7ccC:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dlla9cdfe38-b05b-11e1-9f3d-523c83bb993e


    ========================= Memory info: ===================================

    Percentage of memory in use: 43%
    Total physical RAM: 2046.14 MB
    Available physical RAM: 1157.81 MB
    Total Pagefile: 4092.28 MB
    Available Pagefile: 2966.27 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1940.3 MB

    ========================= Partitions: =====================================

    1 Drive c: () (Fixed) (Total:74.53 GB) (Free:32.38 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\SOWHAT

    Administrator Guest h
    whocares


    **** End of log ****
     
  3. soldier4mine

    soldier4mine TS Rookie Topic Starter

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-06-10 10:18:35
    -----------------------------
    10:18:35.372 OS Version: Windows 6.1.7600
    10:18:35.372 Number of processors: 2 586 0x403
    10:18:35.388 ComputerName: SOWHAT UserName:
    10:18:37.307 Initialize success
    10:23:42.677 AVAST engine defs: 12061000
    10:24:11.849 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
    10:24:11.849 Disk 0 Vendor: WDC_WD800BD-22MRA1 10.01E01 Size: 76319MB BusType: 3
    10:24:12.224 Disk 0 MBR read successfully
    10:24:12.224 Disk 0 MBR scan
    10:24:12.239 Disk 0 Windows 7 default MBR code
    10:24:12.270 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76318 MB offset 63
    10:24:12.567 Disk 0 scanning sectors +156299440
    10:24:13.191 Disk 0 scanning C:\Windows\system32\drivers
    10:26:30.674 Service scanning
    10:26:41.438 Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
    10:26:41.547 Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
    10:26:41.765 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
    10:26:42.389 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
    10:26:59.893 Modules scanning
    10:29:32.196 Disk 0 trace - called modules:
    10:29:32.289 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys
    10:29:32.305 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8625e030]
    10:29:32.321 3 CLASSPNP.SYS[8978859e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x8615e030]
    10:29:32.867 AVAST engine scan C:\
    10:31:42.347 Disk 0 MBR has been saved successfully to "C:\Users\h\Desktop\MBR.dat"
    10:31:42.362 The log file has been saved successfully to "C:\Users\h\Desktop\aswMBR.txt"
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You're going to have to say more than "2nd hard drive" to get help anywhere! If you think you my have malware that is causing problems, then , please follow these steps: Preliminary Virus and Malware Removal.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ====================================================
    Each computer forum decides what scans they want a user to run in order to help determine the cause of a problem. If you ran scans set up in another forum but want me t review them, I will decline and ask that you run the above instead.

    We do ask that you only have an active thread for the same problem at the same time in one forum so as not to tie up multiple helpers with just your problems. We are aware of some of the things malware can cause on a system, so please try to describe what's happening.
    ====================================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't follow directions given to someone else
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    Threads are closed after 5 days if there is no reply.
     
  5. soldier4mine

    soldier4mine TS Rookie Topic Starter

    Farbar Service Scanner Version: 09-06-2012
    Ran by whocares (administrator) on 10-06-2012 at 09:20:13
    Running from "C:\Users\h\Desktop"
    Microsoft Windows 7 Ultimate (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo IP is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============

    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    File Check:
    ========
    C:\Windows\system32\nsisvc.dll => MD5 is legit
    C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\system32\dhcpcore.dll => MD5 is legit
    C:\Windows\system32\Drivers\afd.sys => MD5 is legit
    C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
    C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\system32\dnsrslvr.dll => MD5 is legit
    C:\Windows\system32\mpssvc.dll
    [2009-07-13 16:53] - [2009-07-13 18:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

    C:\Windows\system32\bfe.dll
    [2009-07-13 16:54] - [2009-07-13 18:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

    C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\system32\SDRSVC.dll
    [2009-07-13 16:23] - [2009-07-13 18:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

    C:\Windows\system32\vssvc.exe
    [2009-07-13 16:24] - [2009-07-13 18:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

    C:\Windows\system32\wscsvc.dll => MD5 is legit
    C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\system32\wuaueng.dll
    [2009-07-13 17:15] - [2009-07-13 18:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

    C:\Windows\system32\qmgr.dll
    [2009-07-13 16:30] - [2009-07-13 18:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

    C:\Windows\system32\es.dll => MD5 is legit
    C:\Windows\system32\cryptsvc.dll => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit


    **** End of log ****
     
  6. soldier4mine

    soldier4mine TS Rookie Topic Starter

    ok I just seen the response thank you and I will do it now
     
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    We were posting at the same time. I can't give you any help unless I know what the problem is.

    Please STOP posting logs from another forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...