Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


11 replies to this topic

#1 welch.david.cia.gov


Posted 13 March 2013 - 09:48 AM

Hello, first off thanks for any help in advance. I am David and have been having computer issues since Nov... Just bought this computer brand new from Fry's, the return policy is not the greatest and Acer will take too long to repair and send back to me.

Please help me with this. I have seen it a few times in other places, but each one seems to be different just enough not to work for me. I ran the MBRCheck scan and this is the info.....

MBRCheck, version 1.2.3
© 2010, AD
 
Command-line:
Windows Version:
Windows Information: (build 9200), 64-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Acer
System Product Name: Aspire X1935
Logical Drives Mask: 0x004000fc
 
Kernel Drivers (total 158):
 
Processes (total 71):
       0 System Idle Process
       4 System
     336 C:\Windows\System32\smss.exe
     412 csrss.exe
     464 csrss.exe
     472 C:\Windows\System32\wininit.exe
     528 C:\Windows\System32\winlogon.exe
     572 C:\Windows\System32\services.exe
     580 C:\Windows\System32\lsass.exe
     684 C:\Windows\System32\svchost.exe
     736 C:\Windows\System32\svchost.exe
     828 C:\Windows\System32\svchost.exe
     856 C:\Windows\System32\svchost.exe
     896 C:\Windows\System32\svchost.exe
     932 dwm.exe
     132 C:\Windows\System32\svchost.exe
     980 C:\Windows\System32\svchost.exe
    1208 C:\Windows\System32\svchost.exe
    1356 C:\Windows\SysWOW64\svchost.exe
    1380 C:\Windows\System32\svchost.exe
    1436 C:\Windows\System32\svchost.exe
    1456 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    1576 C:\Windows\System32\svchost.exe
    1604 C:\Program Files\Windows Defender\MsMpEng.exe
    1644 dasHost.exe
    1756 C:\Windows\System32\wlms\wlms.exe
    2084 C:\Windows\System32\svchost.exe
    2252 C:\Windows\System32\svchost.exe
    2272 C:\Windows\System32\svchost.exe
    2592 WUDFHost.exe
    1672 C:\Windows\System32\taskhostex.exe
    3100 C:\Windows\explorer.exe
    3764 C:\Windows\System32\igfxtray.exe
    3812 C:\Windows\System32\hkcmd.exe
    3848 C:\Windows\System32\igfxpers.exe
    3928 F:\TMRBLog\welch.david.cia.gov\AppData\Roaming\Spotify\spotify.exe
    3940 C:\Program Files (x86)\Fighters\PASSWORDfighter\stpass.exe
    3964 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    2220 C:\Program Files (x86)\EMET\EMET_notifier.exe
    3092 C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
    2960 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    1788 C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
    3548 C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
    3752 C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
    3516 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    3464 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    1880 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    2224 C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
    2824 C:\Windows\splwow64.exe
    2696 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    1660 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    2240 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    2488 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    3756 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    4808 C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe
    4152 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5096 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    4672 C:\Windows\System32\SearchIndexer.exe
     876 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    4964 C:\Windows\System32\audiodg.exe
    1192 C:\Windows\System32\spoolsv.exe
    5928 WUDFHost.exe
    1412 C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
    4124 C:\Windows\System32\WWAHost.exe
    2520 C:\Windows\System32\RuntimeBroker.exe
    5220 C:\Windows\WinStore\WSHost.exe
    4900 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     764 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    5616 C:\Users\Superman 1\Desktop\MBRCheck\MBRCheck.exe
    5104 C:\Windows\System32\conhost.exe
    3636 C:\Windows\System32\dllhost.exe
 
\\.\C: --> \\.\PhysicalDrive0 at offset 0x000000bb`7fe07000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000003e`80497600  (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000007d`0014ec00  (NTFS)
\\.\W: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000  (NTFS)
 
PhysicalDrive0 Model Number: ST1000DM003-9YN162, Rev: CC4B    
 
      Size  Device Name          MBR Status
  --------------------------------------------
    931 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
 
 
Done!



#2 boopme

  • Global Moderator

Posted 13 March 2013 - 07:19 PM

Welcome and thanks for visiting. Looks like a probable TDL4 infection. Let's do these next.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Please download TDSSKiller

  • Launch it.
  • Click on Change parameters - select TDLFS file system
  • Click on "Scan".
  • Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.

Finally...

Please download aswMBR (511KB) to your desktop.

  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply


Edited by boopme, 13 March 2013 - 07:25 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 welch.david.cia.gov

  • Topic Starter

Posted 13 March 2013 - 09:51 PM

Thank you for your time; first off, it is really appreciated. These are the logs that you requested...

MiniToolBox Result:

MiniToolBox by Farbar  Version:05-03-2013
Ran by Superman 1 (administrator) on 13-03-2013 at 17:54:31
Running from "C:\Users\Superman 1\Desktop\MiniToolBox"
Windows 8 Enterprise Evaluation  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
D-Link DWA-130 Wireless N USB Adapter = Wi-Fi (Connected)
Intel® 82579V Gigabit Network Connection = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Evolution-8
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : CC-B2-55-BD-6A-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : D-Link DWA-130 Wireless N USB Adapter
   Physical Address. . . . . . . . . : CC-B2-55-BD-6A-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5ca9:a8bc:9681:32d3%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, March 13, 2013 10:14:15 AM
   Lease Expires . . . . . . . . . . : Thursday, March 14, 2013 4:44:57 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 332182101
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-CD-9E-B0-F8-0F-41-50-B1-34
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
   Physical Address. . . . . . . . . : F8-0F-41-50-B1-34
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{114ABAE2-11C7-4752-B081-8FF8897E12E5}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:423:10ec:9d60:ac82(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::423:10ec:9d60:ac82%15(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2001:4860:4007:801::1004
 74.125.224.196
 74.125.224.197
 74.125.224.198
 74.125.224.199
 74.125.224.200
 74.125.224.201
 74.125.224.206
 74.125.224.192
 74.125.224.193
 74.125.224.194
 74.125.224.195
 
 
Pinging google.com [74.125.224.195] with 32 bytes of data:
Reply from 74.125.224.195: bytes=32 time=6ms TTL=54
Reply from 74.125.224.195: bytes=32 time=94ms TTL=54
 
Ping statistics for 74.125.224.195:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 94ms, Average = 50ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=302ms TTL=48
Reply from 98.139.183.24: bytes=32 time=413ms TTL=48
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 302ms, Maximum = 413ms, Average = 357ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...cc b2 55 bd 6a 9d ......Microsoft Hosted Network Virtual Adapter
 13...cc b2 55 bd 6a 9d ......D-Link DWA-130 Wireless N USB Adapter
 12...f8 0f 41 50 b1 34 ......Intel® 82579V Gigabit Network Connection
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 15    306 2001::/32                On-link
 15    306 2001:0:9d38:6ab8:423:10ec:9d60:ac82/128
                                    On-link
 13    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::423:10ec:9d60:ac82/128
                                    On-link
 13    281 fe80::5ca9:a8bc:9681:32d3/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
%2

#4 boopme

  • Global Moderator

Posted 14 March 2013 - 09:26 AM

Hello, this is not a complete Mini log and you did not post the next two logs.



#5 welch.david.cia.gov

  • Topic Starter

Posted 14 March 2013 - 10:24 AM

MBRCheck, version 1.2.3
© 2010, AD
 
Command-line:
Windows Version:
Windows Information: (build 9200), 64-bit
Base Board Manufacturer: Acer
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Acer
System Product Name: Aspire X1935
Logical Drives Mask: 0x004000f4
 
Kernel Drivers (total 149):
  0x1638D000 \SystemRoot\System32\drivers\rdpdr.sys
  0x163BE000 \SystemRoot\system32\drivers\tsusbhub.sys
 
Processes (total 74):
       0 System Idle Process
       4 System
     340 C:\Windows\System32\smss.exe
     412 csrss.exe
     476 csrss.exe
     484 C:\Windows\System32\wininit.exe
     540 C:\Windows\System32\winlogon.exe
     588 C:\Windows\System32\services.exe
     596 C:\Windows\System32\lsass.exe
     704 C:\Windows\System32\svchost.exe
     756 C:\Windows\System32\svchost.exe
     852 C:\Windows\System32\svchost.exe
     880 C:\Windows\System32\svchost.exe
     932 C:\Windows\System32\svchost.exe
     956 dwm.exe
     360 C:\Windows\System32\svchost.exe
     772 C:\Windows\System32\svchost.exe
    1180 C:\Windows\System32\spoolsv.exe
    1208 C:\Windows\System32\svchost.exe
    1356 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    1392 C:\Windows\SysWOW64\svchost.exe
    1412 dasHost.exe
    1444 C:\Windows\System32\svchost.exe
    1476 C:\Windows\System32\svchost.exe
    1508 C:\Program Files\Splunk\bin\splunkd.exe
    1692 C:\Windows\System32\conhost.exe
    1408 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    1536 C:\Windows\System32\svchost.exe
    1760 C:\Program Files\Windows Defender\MsMpEng.exe
    1848 C:\Windows\System32\wlms\wlms.exe
    1800 C:\Windows\System32\svchost.exe
    2304 C:\Windows\System32\svchost.exe
    2356 C:\Windows\System32\svchost.exe
    2868 WUDFHost.exe
    3052 C:\Windows\System32\taskhostex.exe
     692 C:\Windows\explorer.exe
    3136 C:\Windows\System32\igfxtray.exe
    3180 C:\Windows\System32\hkcmd.exe
    3212 C:\Windows\System32\igfxpers.exe
    3572 C:\Program Files (x86)\Fighters\PASSWORDfighter\stpass.exe
    3588 F:\TMRBLog\welch.david.cia.gov\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    3700 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    3780 C:\Program Files (x86)\EMET\EMET_notifier.exe
    3788 C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
    3804 C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
    3816 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    3836 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    3956 C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
    4016 C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
    4064 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    2504 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    3256 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    3248 C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
    3528 C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
    2604 C:\Windows\splwow64.exe
    2808 WmiPrvSE.exe
     696 C:\Program Files\Windows NT\Accessories\wordpad.exe
    3324 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    3116 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     992 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    2444 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     664 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    2520 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    1560 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    1648 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    4944 C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
    4628 C:\Program Files\Microsoft Assessment and Planning Toolkit\bin\Microsoft.AssessmentPlatform.UI.Console.exe
    1656 C:\Windows\System32\audiodg.exe
    1296 C:\Windows\System32\SearchIndexer.exe
    3472 C:\Windows\System32\SearchProtocolHost.exe
    4380 C:\Windows\System32\SearchFilterHost.exe
     504 C:\Users\Superman 1\Desktop\MBRCheck\MBRCheck.exe
    1016 C:\Windows\System32\conhost.exe
    2180 C:\Windows\System32\dllhost.exe
 
\\.\C: --> \\.\PhysicalDrive0 at offset 0x000000bb`7fe07000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x0000003e`80497600  (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000007d`0014ec00  (NTFS)
\\.\W: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000  (NTFS)
 
PhysicalDrive0 Model Number: ST1000DM003-9YN162, Rev: CC4B    
 
      Size  Device Name          MBR Status
  --------------------------------------------
    931 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
 
 
Done!


19:30:31.0330 1076  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

19:30:31.0747 1076  ============================================================

19:30:31.0747 1076  Current date / time: 2013/03/13 19:30:31.0747

19:30:31.0747 1076  SystemInfo:

19:30:31.0747 1076 

19:30:31.0748 1076  OS Version: 6.2.9200 ServicePack: 0.0

19:30:31.0748 1076  Product type: Workstation

19:30:31.0748 1076  ComputerName: EVOLUTION-8

19:30:31.0748 1076  UserName: Superman 1

19:30:31.0748 1076  Windows directory: C:\Windows

19:30:31.0748 1076  System windows directory: C:\Windows

19:30:31.0748 1076  Running under WOW64

19:30:31.0748 1076  Processor architecture: Intel x64

19:30:31.0748 1076  Number of processors: 4

19:30:31.0748 1076  Page size: 0x1000

19:30:31.0748 1076  Boot type: Normal boot

19:30:31.0748 1076  ============================================================

19:30:32.0629 1076  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:30:32.0644 1076  Drive \Device\Harddisk1\DR1 - Size: 0x1D5800000 (7.34 Gb), SectorSize: 0x200, Cylinders: 0x3BD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

19:30:32.0656 1076  ============================================================

19:30:32.0656 1076  \Device\Harddisk0\DR0:

19:30:32.0656 1076  MBR partitions:

19:30:32.0656 1076  \Device\Harddisk1\DR1:

19:30:32.0656 1076  MBR partitions:

19:30:32.0656 1076  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0xEABFE0

19:30:32.0656 1076  ============================================================

19:30:32.0656 1076  Initialize success

19:30:32.0656 1076  ============================================================

19:31:00.0453 4372  ============================================================

19:31:00.0454 4372  Scan started

19:31:00.0454 4372  Mode: Manual;

19:31:00.0454 4372  ============================================================

19:31:00.0572 4372  ================ Scan system memory ========================

19:31:00.0572 4372  System memory - ok

19:31:00.0572 4372  ================ Scan services =============================

19:31:02.0670 4372  ================ Scan global ===============================

19:31:02.0671 4372  [Global] - ok

19:31:02.0672 4372  ================ Scan MBR ==================================

19:31:02.0697 4372  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

19:31:02.0894 4372  \Device\Harddisk0\DR0 - ok

19:31:02.0897 4372  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

19:31:04.0434 4372  \Device\Harddisk1\DR1 - ok

19:31:04.0434 4372  ================ Scan VBR ==================================

19:31:04.0437 4372  [ 51FCBA3A53E90925FC10392910F475A2 ] \Device\Harddisk1\DR1\Partition1

19:31:04.0438 4372  \Device\Harddisk1\DR1\Partition1 - ok

19:31:04.0438 4372  ============================================================

19:31:04.0438 4372  Scan finished

19:31:04.0438 4372  ============================================================

19:31:04.0446 3400  Detected object count: 0

19:31:04.0446 3400  Actual detected object count: 0



#6 boopme


Posted 14 March 2013 - 10:28 AM

After the MBR check, was there an option/choice to click a FIX or FIXMBR button?



#7 welch.david.cia.gov


Posted 14 March 2013 - 10:39 AM

I think so, yes.

MiniToolBox by Farbar  Version:05-03-2013
Ran by Superman 1 (administrator) on 13-03-2013 at 17:54:31
Running from "C:\Users\Superman 1\Desktop\MiniToolBox"
Windows 8 Enterprise Evaluation  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
D-Link DWA-130 Wireless N USB Adapter = Wi-Fi (Connected)
Intel® 82579V Gigabit Network Connection = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Evolution-8
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : CC-B2-55-BD-6A-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : D-Link DWA-130 Wireless N USB Adapter
   Physical Address. . . . . . . . . : CC-B2-55-BD-6A-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5ca9:a8bc:9681:32d3%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, March 13, 2013 10:14:15 AM
   Lease Expires . . . . . . . . . . : Thursday, March 14, 2013 4:44:57 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 332182101
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-CD-9E-B0-F8-0F-41-50-B1-34
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
   Physical Address. . . . . . . . . : F8-0F-41-50-B1-34
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{114ABAE2-11C7-4752-B081-8FF8897E12E5}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:423:10ec:9d60:ac82(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::423:10ec:9d60:ac82%15(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2001:4860:4007:801::1004
 74.125.224.196
 74.125.224.197
 74.125.224.198
 74.125.224.199
 74.125.224.200
 74.125.224.201
 74.125.224.206
 74.125.224.192
 74.125.224.193
 74.125.224.194
 74.125.224.195
 
 
Pinging google.com [74.125.224.195] with 32 bytes of data:
Reply from 74.125.224.195: bytes=32 time=6ms TTL=54
Reply from 74.125.224.195: bytes=32 time=94ms TTL=54
 
Ping statistics for 74.125.224.195:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 94ms, Average = 50ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=302ms TTL=48
Reply from 98.139.183.24: bytes=32 time=413ms TTL=48
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 302ms, Maximum = 413ms, Average = 357ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...cc b2 55 bd 6a 9d ......Microsoft Hosted Network Virtual Adapter
 13...cc b2 55 bd 6a 9d ......D-Link DWA-130 Wireless N USB Adapter
 12...f8 0f 41 50 b1 34 ......Intel® 82579V Gigabit Network Connection
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 15    306 2001::/32                On-link
 15    306 2001:0:9d38:6ab8:423:10ec:9d60:ac82/128
                                    On-link
 13    281 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::423:10ec:9d60:ac82/128
                                    On-link
 13    281 fe80::5ca9:a8bc:9681:32d3/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/13/2013 11:54:30 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 10.0.9200.16519 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 11d0
 
Start Time: 01ce201c1a9850e2
 
Termination Time: 10
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 6d58cf39-8c0f-11e2-be76-f80f4150b134
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (03/13/2013 06:58:08 AM) (Source: Microsoft Office 15) (User: )
Description: Application: outlook.exe; IdentityType: LiveId; HasToken: 0; AutoOrgId: 0; Roaming: 0; LvuxSqm: 0; SppReady: 1; CurrentHr: 0x803d0013; CorrelationId: {36295853-6841-4EF7-BA62-74067773CFE6}; OlsErrorCode: 0x9; AllProductReleaseIds (from store):
 
Error: (03/13/2013 06:58:08 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x9; CorrelationId: {36295853-6841-4EF7-BA62-74067773CFE6}
 
Error: (03/13/2013 05:40:33 AM) (Source: Splunkweb) (User: )
Description: File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\win32\win32serviceutil.py", line 785, in SvcRun
    self.SvcDoRun()
  File "C:\Program Files\Splunk\bin\SplunkWebService.py", line 40, in SvcDoRun
    root.run(blocking=False)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\root.py", line 539, in run
    i18n.init_js_cache(flush_files=True)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\lib\i18n.py", line 741, in init_js_cache
    os.unlink(os.path.join(CACHE_PATH, fn))<type 'exceptions.WindowsError'>(32, 'The process cannot access the file because it is being used by another process', 'C:\\Program Files\\Splunk\\var\\run\\splunk\\appserver\\i18n\\version')
 
Error: (03/13/2013 03:41:51 AM) (Source: Splunkweb) (User: )
Description: File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\win32\win32serviceutil.py", line 785, in SvcRun
    self.SvcDoRun()
  File "C:\Program Files\Splunk\bin\SplunkWebService.py", line 40, in SvcDoRun
    root.run(blocking=False)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\root.py", line 539, in run
    i18n.init_js_cache(flush_files=True)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\lib\i18n.py", line 741, in init_js_cache
    os.unlink(os.path.join(CACHE_PATH, fn))<type 'exceptions.WindowsError'>(32, 'The process cannot access the file because it is being used by another process', 'C:\\Program Files\\Splunk\\var\\run\\splunk\\appserver\\i18n\\version')
 
Error: (03/12/2013 11:18:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
 
Error: (03/12/2013 08:13:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/12/2013 07:46:22 AM) (Source: Application Error) (User: )
Description: Faulting application name: hppiw.exe, version: 3.0.0.61, time stamp: 0x51246127
Faulting module name: hppiw.exe, version: 3.0.0.61, time stamp: 0x51246127
Exception code: 0xc0000005
Fault offset: 0x0000f379
Faulting process id: 0x119c
Faulting application start time: 0xhppiw.exe0
Faulting application path: hppiw.exe1
Faulting module path: hppiw.exe2
Report Id: hppiw.exe3
Faulting package full name: hppiw.exe4
Faulting package-relative application ID: hppiw.exe5
 
Error: (03/12/2013 07:30:13 AM) (Source: Application Error) (User: )
Description: Faulting application name: hppiw.exe, version: 3.0.0.61, time stamp: 0x51246127
Faulting module name: hppiw.exe, version: 3.0.0.61, time stamp: 0x51246127
Exception code: 0xc0000005
Fault offset: 0x0000f379
Faulting process id: 0xa28
Faulting application start time: 0xhppiw.exe0
Faulting application path: hppiw.exe1
Faulting module path: hppiw.exe2
Report Id: hppiw.exe3
Faulting package full name: hppiw.exe4
Faulting package-relative application ID: hppiw.exe5
 
Error: (03/12/2013 07:29:02 AM) (Source: Application Error) (User: )
Description: Faulting application name: hppiw.exe, version: 3.0.0.61, time stamp: 0x51246127
Faulting module name: hppiw.exe, version: 3.0.0.61, time stamp: 0x51246127
Exception code: 0xc0000005
Fault offset: 0x0000f379
Faulting process id: 0xb70
Faulting application start time: 0xhppiw.exe0
Faulting application path: hppiw.exe1
Faulting module path: hppiw.exe2
Report Id: hppiw.exe3
Faulting package full name: hppiw.exe4
Faulting package-relative application ID: hppiw.exe5
 
 
System errors:
=============
Error: (03/13/2013 04:48:00 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 04:48:00 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 04:45:01 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 04:45:01 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 04:45:01 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 04:45:01 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 04:44:09 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 04:44:09 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 02:40:20 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
Error: (03/13/2013 02:40:20 PM) (Source: IPRIP) (User: )
Description: IPRIP was unable to add a route to the system route table.
The data is the error code.
 
 
Microsoft Office Sessions:
=========================
Error: (03/13/2013 11:54:30 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.1651911d001ce201c1a9850e210C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE6d58cf39-8c0f-11e2-be76-f80f4150b134
 
Error: (03/13/2013 06:58:08 AM) (Source: Microsoft Office 15)(User: )
Description: Application: outlook.exe; IdentityType: LiveId; HasToken: 0; AutoOrgId: 0; Roaming: 0; LvuxSqm: 0; SppReady: 1; CurrentHr: 0x803d0013; CorrelationId: {36295853-6841-4EF7-BA62-74067773CFE6}; OlsErrorCode: 0x9; AllProductReleaseIds (from store):
 
Error: (03/13/2013 06:58:08 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x9; CorrelationId: {36295853-6841-4EF7-BA62-74067773CFE6}
 
Error: (03/13/2013 05:40:33 AM) (Source: Splunkweb)(User: )
Description: File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\win32\win32serviceutil.py", line 785, in SvcRun
    self.SvcDoRun()
  File "C:\Program Files\Splunk\bin\SplunkWebService.py", line 40, in SvcDoRun
    root.run(blocking=False)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\root.py", line 539, in run
    i18n.init_js_cache(flush_files=True)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\lib\i18n.py", line 741, in init_js_cache
    os.unlink(os.path.join(CACHE_PATH, fn))<type 'exceptions.WindowsError'>(32, 'The process cannot access the file because it is being used by another process', 'C:\\Program Files\\Splunk\\var\\run\\splunk\\appserver\\i18n\\version')
 
Error: (03/13/2013 03:41:51 AM) (Source: Splunkweb)(User: )
Description: File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\win32\win32serviceutil.py", line 785, in SvcRun
    self.SvcDoRun()
  File "C:\Program Files\Splunk\bin\SplunkWebService.py", line 40, in SvcDoRun
    root.run(blocking=False)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\root.py", line 539, in run
    i18n.init_js_cache(flush_files=True)
  File "C:\Program Files\Splunk\Python-2.7\Lib\site-packages\splunk\appserver\mrsparkle\lib\i18n.py", line 741, in init_js_cache
    os.unlink(os.path.join(CACHE_PATH, fn))<type 'exceptions.WindowsError'>(32, 'The process cannot access the file because it is being used by another process', 'C:\\Program Files\\Splunk\\var\\run\\splunk\\appserver\\i18n\\version')
 
Error: (03/12/2013 11:18:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestF:\Download\Software applications\program applications\software\esetsmartinstaller_enu.exe
 
Error: (03/12/2013 08:13:08 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.91_none_d6c3f1519bae0514\MFC80U.DLL
 
Error: (03/12/2013 07:46:22 AM) (Source: Application Error)(User: )
Description: hppiw.exe3.0.0.6151246127hppiw.exe3.0.0.6151246127c00000050000f379119c01ce1f30558cfce4C:\Users\Superman 1\AppData\Local\Temp\7zS1863\hppiw.exeC:\Users\Superman 1\AppData\Local\Temp\7zS1863\hppiw.exe9b1680e1-8b23-11e2-be69-f80f4150b134
 
Error: (03/12/2013 07:30:13 AM) (Source: Application Error)(User: )
Description: hppiw.exe3.0.0.6151246127hppiw.exe3.0.0.6151246127c00000050000f379a2801ce1f2e1163f4e4C:\Users\Superman 1\AppData\Local\Temp\7zS0BFA\hppiw.exeC:\Users\Superman 1\AppData\Local\Temp\7zS0BFA\hppiw.exe59466673-8b21-11e2-be69-f80f4150b134
 
Error: (03/12/2013 07:29:02 AM) (Source: Application Error)(User: )
Description: hppiw.exe3.0.0.6151246127hppiw.exe3.0.0.6151246127c00000050000f379b7001ce1f2de84c73ffC:\Users\Superman 1\AppData\Local\Temp\7zS0B15\hppiw.exeC:\Users\Superman 1\AppData\Local\Temp\7zS0B15\hppiw.exe2eef7583-8b21-11e2-be69-f80f4150b134
 
 
=========================== Installed Programs ============================
 
 Tools for .Net 3.5 (Version: 3.11.50727)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Acrobat XI Pro (Version: 11.0.00)
Adobe AIR (Version: 3.6.0.6090)
Adobe Download Assistant (Version: 1.2.5)
AIO_Scan (Version: 130.0.365.000)
Altova MissionKit® 2013 sp1 (x64) Enterprise Edition (Version: 2013.00.01)
Blend for Visual Studio 2012 (Version: 5.0.30709.0)
Blend for Visual Studio 2012 ENU resources (Version: 5.0.30709.0)
BufferChm (Version: 140.0.298.000)
C4200 (Version: 140.0.425.000)
c4200_Help (Version: 82.0.210.000)
Copy (Version: 140.0.298.000)
Definition update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Destinations (Version: 140.0.253.000)
DeviceDiscovery (Version: 140.0.298.000)
DocProc (Version: 140.0.185.000)
Dotfuscator and Analytics Community Edition (Version: 5.5.4521.29298)
Entity Framework Designer for Visual Studio 2012 - enu (Version: 11.1.20702.00)
Google Chrome (Version: 25.0.1364.172)
Google Update Helper (Version: 1.3.21.135)
GPBaseService2 (Version: 140.0.297.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.11352)
HP Photosmart C4200 All-In-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.006.003)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.298.000)
HPSSupply (Version: 140.0.297.000)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Intel® Network Connections Drivers (Version: 17.2)
Intel® Processor Graphics (Version: 9.17.10.2932)
LocalESPC (Version: 8.59.25584)
LocalESPCui for en-us (Version: 8.59.25584)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50709)
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (Version: 2.0.20710.0)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Help Viewer 2.0 (Version: 2.0.50727)
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft LightSwitch for Visual Studio 2012 Core (Version: 11.0.50727)
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (Version: 11.0.50727)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft NuGet - Visual Studio 2012 (Version: 2.0.30625.9003)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Portable Library Multi-Targeting Pack (Version: 11.0.50709.17929)
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (Version: 11.0.50709.17929)
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017)
Microsoft Report Viewer Add-On for Visual Studio 2012 (Version: 11.1.2802.16)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Silverlight 4 SDK (Version: 4.0.60310.0)
Microsoft Silverlight 5 SDK (Version: 5.0.61118.0)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects  (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service  (Version: 11.0.2100.60)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (Version: 11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (Version: 11.1.20627.00)
Microsoft SQL Server System CLR Types (Version: 10.50.1600.1)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1)
Microsoft System CLR Types for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers - ENU Resources (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers (Version: 11.0.50727)
Microsoft Visual C++ 2012 Core Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 Extended Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2012 Devenv (Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core x86 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (Version: 4.0.8876.1)
Microsoft Visual Studio Premium 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Premium 2012 (Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (Version: 11.0.50727.1)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - enu (Version: 10.3.20225.0)
Microsoft Web Developer Tools - Visual Studio 2012 (Version: 1.0.30710.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622)
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0529)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017)
PASSWORDfighter (Version: 1.1.8)
PreEmptive Analytics Visual Studio Components (Version: 1.0.2180.1)
Prerequisites for SSDT  (Version: 11.0.2100.60)
PS_AIO_Software_min (Version: 140.0.425.000)
Scan (Version: 140.0.253.000)
Shop for HP Supplies (Version: 14.0)
Snagit 11 (Version: 11.1.0)
SolutionCenter (Version: 140.0.299.000)
Status (Version: 140.0.342.000)
Toolbox (Version: 140.0.596.000)
TrayApp (Version: 140.0.297.000)
Update for  (KB2504637) (Version: 1)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2760512) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2760556) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2727105) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760311) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768333) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768355) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2727079) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2768356) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2752090) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2767856) 64-Bit Edition
Update for Microsoft Visual Studio 2012 (KB2781514) (Version: 11.0.51219)
Update for Microsoft Word 2013 (KB2760244) 64-Bit Edition
Update for Microsoft Word 2013 (KB2767854) 64-Bit Edition
VideoPerformer
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Visual Studio Extensions for Windows Library for JavaScript (Version: 1.0.8514.0)
WCF Data Services 5.0 (for OData v3) Primary Components (Version: 5.0.50628.0)
WCF Data Services Tools for Microsoft Visual Studio 2012 (Version: 5.0.50710.0)
WCF RIA Services V1.0 SP2 (Version: 4.1.61829.0)
WebReg (Version: 140.0.297.017)
WhoCrashed 4.01
Windows App Certification Kit Native Components (Version: 8.59.25584)
Windows App Certification Kit x64 (Version: 8.59.25584)
Windows Runtime Intellisense Content - en-us (Version: 8.59.25584)
Windows Software Development Kit (Version: 8.59.25584)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.59.25584)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 17%
Total physical RAM: 16261.2 MB
Available physical RAM: 13435.11 MB
Total Pagefile: 50565.2 MB
Available Pagefile: 47304.94 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.22 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Enterprise 8) (Fixed) (Total:181.51 GB) (Free:86.51 GB) NTFS
2 Drive e: (LBCC/HSA School) (Fixed) (Total:250 GB) (Free:179.19 GB) NTFS
3 Drive f: (Superman Home) (Fixed) (Total:250 GB) (Free:209.91 GB) NTFS
6 Drive j: (Lexar) (Removable) (Total:7.32 GB) (Free:5.95 GB) FAT32
7 Drive w: (CIA/DHSA Work) (Fixed) (Total:250 GB) (Free:184.86 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\EVOLUTION-8
 
Administrator            Guest                    Superman 1               
 
 
**** End of log ****


#8 welch.david.cia.gov


Posted 14 March 2013 - 10:42 AM

OK, just ran it and it says FixMBR fix is not an option.



#9 welch.david.cia.gov

  • Topic Starter

Posted 14 March 2013 - 10:46 AM

This happens a lot as well; I don't know if it's the problem, part of the problem, or something altogether different.

My .dll just leak away.

 

Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. 

 

 DETAIL -

 49 user registry handles leaked from \Registry\User\S-1-5-21-2810427346-4053687199-1466736813-1001:

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\TrustedPeople

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\TrustedPeople

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\TrustedPeople

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\trust

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\trust

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\trust

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\SmartCardRoot

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\SmartCardRoot

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\SmartCardRoot

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\Root

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\Root

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\Root

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\CA

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\CA

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\CA

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\CA

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\Disallowed

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\Disallowed

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\Disallowed

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\Disallowed

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\MY

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\SystemCertificates\MY

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 132 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 856 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates

Process 580 (\Device\HarddiskVolume4\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2810427346-4053687199-1466736813-1001\Software\Policies\Microsoft\SystemCertificates



#10 boopme

  • Global Moderator

Posted 14 March 2013 - 10:50 AM

OK, then we will need to make a new post and get a deeper look to fix this with specialized tools.

 

New topic title: Windows 7 MBR code

 

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.


Include this link back to here:

http://www.bleepingcomputer.com/forums/t/488435/windows-7-mbr-code-detected-sha1-4379a3d43019b46fa357f7dd6a53b45a3ca8fb79/#entry3002844


How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#11 welch.david.cia.gov

  • Topic Starter

Posted 14 March 2013 - 11:00 AM

OK, it will be this afternoon sometime, but I will get that done. I do thank you for all the help.

 

 

David



#12 boopme

  • Global Moderator

Posted 14 March 2013 - 11:17 AM

You're welcome

