Sfc /scannow failed at 99%. Log details included. Kindly help. Thanks!

Page 3 of 6 FirstFirst 12345 ... LastLast

  1. Posts : 21,004
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       #21

    Good point on the slots as my Ivy is 2&4 as primary slots where one usually thinks 1&3.
    Personally I do this when tracking stuff down

    SLOTCLEANING

    Now as for the slots to clean them usea strip of old credit card about 1/2 inch wide nip the corners off one end - preferably round them offhold apiece of thin lint free cloth over the end dab on some form of alcohol - isopropyl alcohol (what we swab the skin with before an injection) is good and GENTLY swipe along the slots.

    This can also be done for the GPUslot/s and do not forget to clean the contacts on the cards / sticks either.
    It is an idea toclean the contacts on the sticks / cards while you are at it but be VERY gentlewhen doing this
    Attached Thumbnails Attached Thumbnails Sfc /scannow failed at 99%. Log details included. Kindly help. Thanks!-stick.png  
      My Computer


  2. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #22

    Your graphics are interesting - but mostly normal.
    The Windows Explorer window is normal
    It shows a rundll32.exe (Application, rather than Application Extension - i.e. an exe file rather than a dll file)
    The Taskmgr window is also fine - mine shows no rundll32 entry either


    Please download the Farbar Service Scanner from

    http://www.bleepingcomputer.com/download/farbar-service-scanner/

    Right-click on the saved file and select 'Run as Administrator', and tick all the options, then click on the Scan button - copy and paste the report to your response.

      My Computer


  3. Posts : 24
    Windows 7 OEM Home Premium 64bit (SP1)
    Thread Starter
       #23

    Code:
    Farbar Service Scanner Version: 21-07-2014
    Ran by Nicholas (administrator) on 12-09-2014 at 02:42:10
    Running from "C:\Users\Nicholas\Downloads"
    Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************
    
    Internet Services:
    ============
    
    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.
    
    
    Windows Firewall:
    =============
    
    Firewall Disabled Policy: 
    ==================
    
    
    System Restore:
    ============
    
    System Restore Disabled Policy: 
    ========================
    
    
    Action Center:
    ============
    
    
    Windows Update:
    ============
    
    Windows Autoupdate Disabled Policy: 
    ============================
    
    
    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend service is OK.
    
    
    Windows Defender Disabled Policy: 
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1
    
    
    Other Services:
    ==============
    
    
    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\dhcpcore.dll => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Windows\System32\ipnathlp.dll => File is digitally signed
    C:\Windows\System32\iphlpsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    
    
    **** End of log ****
    Hey NoelDP
    Here's the log from FARBAR.

    Its a relief to know that the rundll32 stuff is normal.

    Not sure if this helps, but sometimes when im using my com, the ELCB trips due to lightning storms and the whole com just shuts down

    About 2+ years back, i had to RMA 1 of the 2gb ram as it was faulty(memtest instantly detected) and was causing intermitten BSoD while i running the com.
    After the RMA and new ram slotted in, everything was back to normal.

    Wonder if it might cause the registry to be corrupted
    Last edited by Leftie; 11 Sep 2014 at 14:51.
      My Computer


  4. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #24

    FarBar looks normal to me.
    Certainly, it's a possibility that a RAM problem would lead to strange results later in the life of the OS - but I would have hoped that SFC and/or CheckSUR could have isolated them.
    Neither tool is infallible, though - and there's a good chance that your problem is a result of corruption from a long time ago.

    I'm thinking in terms of a repair install here, given that history. It would certainly be quicker than attempting to chase down specific errors.
      My Computer


  5. Posts : 24
    Windows 7 OEM Home Premium 64bit (SP1)
    Thread Starter
       #25

    Hi Noel
    I guess you are right on the repair install.

    Before i take the plunge on the repair install, im hoping to have 1 last shot

    Right now im just hoping its not a deep-rootkit infection and the corruption is caused by "improper" shutdown of the computer due to lightning storms and BSoD from a few yrs back

    1)Anyway i did some trawling through the processes. - I found out i ran SURT(KB947821) from my download folder(C:-->Users-->Downloads) instead of the desktop.
    (wondering if this will affect the outcome, so will dl and save on desktop and re-run SURT again.
    Should i run it in Safe or Normal mode? )

    2)Found some weird naming folders and will be submitting them to virustotal/jotti for verification.
    Eurekalog - (AppData-->Roaming)

    Would it be of any help to dl and run hijackthis from trendmicro?

    Thanks for sticking by.
    Cheers!
    Last edited by Leftie; 13 Sep 2014 at 04:52.
      My Computer


  6. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #26

    HJT doesn't really work any more - and is extremely misleading in a x64 installation as it doesn't understand the 64-bit file structure.
    You could try running TDSSKiller instead, which is far simpler.
    SURT doesn't care where it runs from - it creates folders for itself in the partition with the largest available space when running, then (hopefully) deletes them when complete.
    I've never seen any difference between running in Normal and Safe modes.
      My Computer


  7. Posts : 21,004
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       #27

    Well I reckon a quick run of these would do no harm and even if only to eliminate stuff these might pick up



    http://www.superantispyware.com/

    http://www.malwarebytes.org/products/malwarebytes_free/

    http://www.bleepingcomputer.com/download/adwcleaner/

    download from bleeping computer – delete any rubbishthese find.

    One other you can try is this one (I only ever use the Emergency and Command line scans)
    Emsisoft Free Emergency Kit: Portable malware scanner | Free removal of Viruses, Bots, Spyware, Keyloggers and Trojans
      My Computer


  8. Posts : 24
    Windows 7 OEM Home Premium 64bit (SP1)
    Thread Starter
       #28

    @NoelDP & ICit2lol,

    Thanks for the heads up on HJT on the 64x installation!! (1 less pgm to install in com)

    Will give TDSS, adwcleaner a run, thereafter followed by SURT again.
    I'll update and see how it goes from there.

    Once again, Thanks!
      My Computer


  9. Posts : 24
    Windows 7 OEM Home Premium 64bit (SP1)
    Thread Starter
       #29

    ADWCleaner

    Have found some stuffs but i didnt clean/quarantine them as i didnt want to mess about with the registry

    Seems like false positives? but not too sure about those with "search hook".
    Anyway, from the looks of it, im guessing nothing too serious right?
    My com/pgms is still working good, net surfing is fast; without any re-directs/popups.




    Im leaning to the side the corruption is not caused by malware but by "not shutting down properly"
    Have ran both TDSS and AdwCleaner in safe mode followed by SURT in (normal mode).
    Attached are the logs.
    Is the CBS readings any better than before?
      My Computer


  10. Posts : 21,482
    Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
       #30

    I need to have a look at your COMPONENTS registry hive

    Please copy the C:\Windows\System32\config\COMPONENTS file (no extension) to your desktop and then compress it - upload the compressed file to your favoured fileshare site (preferably Dropbox or OneDrive) and post a link.
      My Computer


 
Page 3 of 6 FirstFirst 12345 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:30.
Find Us