Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Almost ready to trash this system


  • Please log in to reply
15 replies to this topic

#1 cainst

cainst

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 22 May 2012 - 10:14 PM

Someone else was allowed to use this computer for a while and they must have put malware on it or something. First, all of my original desktop icons are missing only replaced by programs I downloaded to help fix this issue. Second, It takes forever for the system to boot up and then programs show started in task manager, but don't show up on screen or in task tray for 10 - 15 minutes if at all. Third, the system just seems to all of a sudden stop-(no desktop icon response, no taskbar response, no sound coming from harddisk, no anything) then all of a sudden everything seems to start functioning. This happens over and over. Fourth, couldn't get IE to run. Fifth, noticed a ton of windows updates that were needed on return of computer. Please help.

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:52 PM

Posted 23 May 2012 - 09:16 PM

Let's see, if we can recover your missing features.
Download and run UnHide
Let me know, if it worked.

Then....

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 24 May 2012 - 08:27 PM

Thanks for your help, Broni.
Unhide didn't seem to work.

Results of screen317's Security Check version 0.99.24
Windows Vista x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
AVG 2012
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.6
CCleaner
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````

#4 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 24 May 2012 - 08:30 PM

The contents of the notepad file created by unhide:

Unhide by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Unhide.exe can be found at this link:
http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 05/24/2012 07:32:31 PM
Windows Version: Windows Vista

Please be patient while your files are made visible again.

Processing the C:\ drive
Finished processing the C:\ drive. 665766 files processed.

Processing the D:\ drive
Finished processing the D:\ drive. 30542 files processed.

Processing the F:\ drive
Finished processing the F:\ drive. 0 files processed.

Processing the G:\ drive
Finished processing the G:\ drive. 0 files processed.

Processing the H:\ drive
Finished processing the H:\ drive. 0 files processed.

Processing the I:\ drive
Finished processing the I:\ drive. 0 files processed.

The C:\Users\james\AppData\Local\Temp\smtmp\ folder does not exist!!
Unhide cannot restore your missing shortcuts!!
Please see this topic in order to learn how to restore default
Start Menu shortcuts: http://www.bleepingcomputer.com/forums/topic405109.html

Searching for Windows Registry changes made by FakeHDD rogues.
- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
No registry changes detected.

Restarting Explorer.exe in order to apply changes.

Program finished at: 05/24/2012 08:19:06 PM
Execution time: 0 hours(s), 46 minute(s), and 34 seconds(s)

#5 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 24 May 2012 - 10:36 PM

Farbar Service Scanner Version: 17-05-2012
Ran by james (administrator) on 24-05-2012 at 20:31:30
Running from "C:\Users\james\Downloads"
Microsoft® Windows Vista™ Home Basic (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2012-05-06 23:31] - [2012-05-06 23:31] - 0265912 ____A (Microsoft Corporation) 0D5AD0E71FF5DDAC5DD2F443B499ABD0

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


MiniToolBox by Farbar Version: 18-01-2012
Ran by james (administrator) on 24-05-2012 at 20:35:05
Microsoft® Windows Vista™ Home Basic (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface luid=loopback_0 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_2 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_1 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled
set interface luid=ethernet_4 forwarding=disabled advertise=disabled mtu=0 metric=0 metric=0 nud=disabled basereachabletime=0 retransmittime=0 routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : home-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : knology.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : knology.net
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-19-D1-54-4F-DC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8896:622f:1a67:755e%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.105(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 22, 2012 9:26:22 PM
Lease Expires . . . . . . . . . . : Friday, May 25, 2012 7:29:05 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 201333201
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:28ec:39ef:3f57:ff96(Preferred)
Link-local IPv6 Address . . . . . : fe80::28ec:39ef:3f57:ff96%9(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . : knology.net
Description . . . . . . . . . . . : isatap.knology.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.105%10(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dlinkrouter.knology.net
Address: 192.168.0.1:53

Name: google.com
Addresses: 173.194.37.46, 173.194.37.35, 173.194.37.41, 173.194.37.40
173.194.37.38, 173.194.37.33, 173.194.37.36, 173.194.37.32, 173.194.37.39
173.194.37.34, 173.194.37.37



Pinging google.com [173.194.37.37] with 32 bytes of data:



Reply from 173.194.37.37: bytes=32 time=32ms TTL=54

Reply from 173.194.37.37: bytes=32 time=31ms TTL=54



Ping statistics for 173.194.37.37:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 31ms, Maximum = 32ms, Average = 31ms

Server: dlinkrouter.knology.net
Address: 192.168.0.1:53

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=39ms TTL=52

Reply from 209.191.122.70: bytes=32 time=38ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 38ms, Maximum = 39ms, Average = 38ms

Server: dlinkrouter.knology.net
Address: 192.168.0.1:53

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Reply from 127.0.0.1: bytes=32 time=3ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 3ms, Maximum = 3ms, Average = 3ms

===========================================================================
Interface List
8 ...00 19 d1 54 4f dc ...... Intel® PRO/100 VE Network Connection
1 ........................... Software Loopback Interface 1
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
10 ...00 00 00 00 00 00 00 e0 isatap.knology.net
11 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.105 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.105 276
192.168.0.105 255.255.255.255 On-link 192.168.0.105 276
192.168.0.255 255.255.255.255 On-link 192.168.0.105 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.105 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.105 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
9 18 ::/0 On-link
1 306 ::1/128 On-link
9 18 2001::/32 On-link
9 266 2001:0:5ef5:79fb:28ec:39ef:3f57:ff96/128
On-link
8 276 fe80::/64 On-link
9 266 fe80::/64 On-link
10 281 fe80::5efe:192.168.0.105/128
On-link
9 266 fe80::28ec:39ef:3f57:ff96/128
On-link
8 276 fe80::8896:622f:1a67:755e/128
On-link
1 306 ff00::/8 On-link
9 266 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [227328] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [227328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/23/2012 09:36:09 PM) (Source: CNET TechTracker) (User: james)james
Description: result: Scan Failed - General scan failure
computer: home-PC
scanned on: 5/12/2012 3:35 PM

Error: (05/23/2012 09:36:07 PM) (Source: CNET TechTracker) (User: james)james
Description: Unable to complete request due to error:

The server was busy and could not check for updates.

Error: (05/23/2012 09:36:07 PM) (Source: CNET TechTracker) (User: james)james
Description: Unable to complete request due to error:

A connection with the server could not be established

Error: (05/22/2012 10:20:30 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 18.0.1025.168, time stamp 0x4f9b3c24, faulting module mshtml.dll, version 7.0.6000.16982, time stamp 0x4b2b7af4, exception code 0xc0000005, fault offset 0x000756f2,
process id 0xcdc, application start time 0xchrome.exe0.

Error: (05/22/2012 09:36:41 PM) (Source: CNET TechTracker) (User: james)james
Description: result: Scan Failed - General scan failure
computer: home-PC
scanned on: 5/12/2012 3:35 PM

Error: (05/22/2012 09:36:39 PM) (Source: CNET TechTracker) (User: james)james
Description: Unable to complete request due to error:

The server was busy and could not check for updates.

Error: (05/22/2012 09:36:39 PM) (Source: CNET TechTracker) (User: james)james
Description: Unable to complete request due to error:

A connection with the server could not be established

Error: (05/22/2012 09:35:45 PM) (Source: CNET TechTracker) (User: james)james
Description: result: Scan Failed - General scan failure
computer: home-PC
scanned on: 5/12/2012 3:35 PM

Error: (05/22/2012 09:35:44 PM) (Source: CNET TechTracker) (User: james)james
Description: Unable to complete request due to error:

The server was busy and could not check for updates.

Error: (05/22/2012 09:35:44 PM) (Source: CNET TechTracker) (User: james)james
Description: Unable to complete request due to error:

A connection with the server could not be established


System errors:
=============
Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.


Microsoft Office Sessions:
=========================
Error: (05/23/2012 09:36:09 PM) (Source: CNET TechTracker)(User: james)james
Description: result: Scan Failed - General scan failure
computer: home-PC
scanned on: 5/12/2012 3:35 PM

Error: (05/23/2012 09:36:07 PM) (Source: CNET TechTracker)(User: james)james
Description: Unable to complete request due to error:

The server was busy and could not check for updates.

Error: (05/23/2012 09:36:07 PM) (Source: CNET TechTracker)(User: james)james
Description: Unable to complete request due to error:

A connection with the server could not be established

Error: (05/22/2012 10:20:30 PM) (Source: Application Error)(User: )
Description: chrome.exe18.0.1025.1684f9b3c24mshtml.dll7.0.6000.169824b2b7af4c0000005000756f2cdc01cd3892e129bcd0

Error: (05/22/2012 09:36:41 PM) (Source: CNET TechTracker)(User: james)james
Description: result: Scan Failed - General scan failure
computer: home-PC
scanned on: 5/12/2012 3:35 PM

Error: (05/22/2012 09:36:39 PM) (Source: CNET TechTracker)(User: james)james
Description: Unable to complete request due to error:

The server was busy and could not check for updates.

Error: (05/22/2012 09:36:39 PM) (Source: CNET TechTracker)(User: james)james
Description: Unable to complete request due to error:

A connection with the server could not be established

Error: (05/22/2012 09:35:45 PM) (Source: CNET TechTracker)(User: james)james
Description: result: Scan Failed - General scan failure
computer: home-PC
scanned on: 5/12/2012 3:35 PM

Error: (05/22/2012 09:35:44 PM) (Source: CNET TechTracker)(User: james)james
Description: Unable to complete request due to error:

The server was busy and could not check for updates.

Error: (05/22/2012 09:35:44 PM) (Source: CNET TechTracker)(User: james)james
Description: Unable to complete request due to error:

A connection with the server could not be established


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
AVG 2012 (Version: 12.0.2176)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2176)
CCleaner (Version: 3.18)
CNET TechTracker (Version: 2.1.0)
ESET Online Scanner v3
Glary Utilities 2.45.0.1481 (Version: 2.45.0.1481)
Google Chrome (Version: 19.0.1084.52)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Soft Data Fax Modem with SmartCP
SpywareBlaster 4.6 (Version: 4.6.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 2036.63 MB
Available physical RAM: 982.86 MB
Total Pagefile: 4306.58 MB
Available Pagefile: 3039.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.97 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:140.67 GB) (Free:82.81 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:8.38 GB) (Free:3.51 GB) NTFS
3 Drive e: (CD_ROM) (CDROM) (Total:2.53 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\HOME-PC

Administrator Guest home
james


**** End of log ****

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.25.01

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.16982
james :: HOME-PC [administrator]

Protection: Enabled

5/24/2012 8:39:16 PM
mbam-log-2012-05-24 (20-39-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 392287
Time elapsed: 56 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Re-running the aswMBR file. System crashd on first scan and upon reboot performed a chkdsk scan. Not sure what happened!

#6 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 25 May 2012 - 12:09 AM

aswMBR caused another system crash.

#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:52 PM

Posted 25 May 2012 - 10:32 AM

I see number of these errors:

Error: (05/24/2012 08:17:19 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume2.


Click Start button and in "Start search" type:
cmd
Hold CTRL and SHIFT buttons and press Enter.
Command prompt window will open.
Paste this in:
chkdsk /f /r (<------watch for "spaces")
Press Enter.
Restart the computer.
Chkdsk will run.

Let me know if it reported any errors.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#8 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 25 May 2012 - 10:05 PM

It ran and showed what I think were errors but I don't see a log file of the results. Run it again?

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:52 PM

Posted 25 May 2012 - 10:11 PM

At this point it's be better to run hard drive diagnostics....

Run hard drive diagnostics: http://www.tacktech.com/display.cfm?ttid=287
Make sure, you select tool, which is appropriate for the brand of your hard drive.
Depending on the program, it'll create bootable floppy, or bootable CD.
If downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn .iso file to a CD (select "Write image file to disc" option), and make the CD bootable.
For Toshiba hard drives, see here: http://storage.toshiba.com/storage-services-support/warranty-support/software-utilities#diagnostic

Note : If you do not know how to set your computer to boot from CD follow the steps here

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#10 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 26 May 2012 - 01:30 PM

results of test below, but didn't create a bootable disc. Perhaps I ran the wrong test.

Test Option: QUICK TEST
Model Number: WDC WD1600JS-00NCB1
Unit Serial Number: WD-WCANMA964712
Firmware Number: 10.02E02
Capacity: 160.04 GB
SMART Status: PASS
Test Result: PASS
Test Time: 02:20:11, May 26, 2012

Test Option: EXTENDED TEST
Model Number: WDC WD1600JS-00NCB1
Unit Serial Number: WD-WCANMA964712
Firmware Number: 10.02E02
Capacity: 160.04 GB
SMART Status: PASS
Test Result: FAIL
Test Error Code: 08-Error was detected while repairing bad sectors.
Test Time: 13:27:22, May 26, 2012

#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:52 PM

Posted 26 May 2012 - 01:57 PM

Which tool did you download?
Extended test failed.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#12 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 26 May 2012 - 02:45 PM

Data lifeguard tools 11 for windows

#13 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:52 PM

Posted 26 May 2012 - 05:23 PM

It looks like you need to backup your data and replace the drive.

Test Error Code: 08-Error was detected while repairing bad sectors.

...means that some sectors can't be repaired.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#14 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 26 May 2012 - 05:26 PM

what do I do next

#15 cainst

cainst
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:52 PM

Posted 26 May 2012 - 05:29 PM

...sorry! didn't see the comment about replacing the drive. What would be the proper steps to backing up the drive? Do i need to by a passport type drive for temp backup?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users