WiredWX Hobby Weather ToolsLog in

 


firewall disabled on boot cant run security programmes

2 posters

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
Hi I ran the pc in safe mode i disable restart after failure I successfully managed to run aswMBR heres the log ,, also im not getting BSOD but i will download Blue screen view and attempt to post the log


aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-14 20:42:14
-----------------------------
20:42:14.404 OS Version: Windows x64 6.1.7601 Service Pack 1
20:42:14.404 Number of processors: 4 586 0x2A07
20:42:14.420 ComputerName: VERON-PC UserName: veron
20:42:15.761 Initialize success
20:42:24.092 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:42:24.092 Disk 0 Vendor: Hitachi_ MS2O Size: 953869MB BusType: 3
20:42:24.107 Disk 0 MBR read successfully
20:42:24.107 Disk 0 MBR scan
20:42:24.107 Disk 0 unknown MBR code
20:42:24.123 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:42:24.123 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 901543 MB offset 206848
20:42:24.154 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 1846566912
20:42:24.170 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 1951424512
20:42:24.232 Disk 0 scanning C:\Windows\system32\drivers
20:44:54.164 Service scanning
20:46:05.971 Modules scanning
20:46:05.971 Disk 0 trace - called modules:
20:46:05.986 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:46:05.986 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006ede060]
20:46:06.002 3 CLASSPNP.SYS[fffff88001fbd43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004aa3050]
20:46:06.002 Scan finished successfully
20:46:17.764 Disk 0 MBR has been saved successfully to "C:\Users\veron\Desktop\MBR.dat"
20:46:17.811 The log file has been saved successfully to "C:\Users\veron\Desktop\aswMBR.txt"


descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
==================================================
Dump File : 021413-25038-01.dmp
Crash Time : 14/02/2013 15:22:35
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 00000000`00000020
Parameter 2 : fffffa80`054f8160
Parameter 3 : fffffa80`054f8220
Parameter 4 : 00000000`040cd817
Caused By Driver : aswMBR.sys
Caused By Address : aswMBR.sys+759a
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+75c40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\021413-25038-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 272,624
==================================================

==================================================
Dump File : 021413-44725-01.dmp
Crash Time : 14/02/2013 02:54:30
Bug Check String : SYSTEM_SERVICE_EXCEPTION
Bug Check Code : 0x0000003b
Parameter 1 : 00000000`c0000005
Parameter 2 : fffff800`02675b45
Parameter 3 : fffff880`04866b30
Parameter 4 : 00000000`00000000
Caused By Driver : fvevol.sys
Caused By Address : fvevol.sys+12bf
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+75c40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\021413-44725-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 272,624
==================================================

==================================================
Dump File : 021413-46051-01.dmp
Crash Time : 14/02/2013 02:34:53
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000001
Parameter 4 : fffff880`0187e16e
Caused By Driver : iaStor.sys
Caused By Address : iaStor.sys+5116e
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+75c40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\021413-46051-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 272,624
==================================================

==================================================
Dump File : 021413-44912-01.dmp
Crash Time : 14/02/2013 02:25:53
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 00000000`cfffffcf
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`018648de
Caused By Driver : iaStor.sys
Caused By Address : iaStor.sys+518de
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+75c40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\021413-44912-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 270,416
==================================================

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
We need to fix the infection found with aswMBR now


  • Double click aswMBR.exe to run it like before
  • Once the scan finishes click Fix to remove the infection as illustrated below


firewall disabled on boot cant run security programmes - Page 2 AswMBR_Fix


  • Once the scan finishes click Save log to save the log to your Desktop

    firewall disabled on boot cant run security programmes - Page 2 AswMBR_SaveLog

  • Copy and paste the contents of aswMBR.txt back here for review

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
I can't run aswMBR the pc crashes in all modes back to BSOD I have the following error codes and messages.

DRIVER_IRQL_NOT_LESS_OR_EQUAL

***STOP: 0X000000D1 (0X0000000000000028, 10X0000000000002, 0X00000000000000, XFFFFF880018988DE)

*** iastor.sys - Address FFFFF880018988DE base at FFFFF88001847000 dat
4dd69c48

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
Ok. We'll have to try something drastic.

Download Farbar Recovery Scan Tool and save it to a flash drive.

Please make sure to download the 64-bit version.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

      Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt


  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64 and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button.
  • type exit and reboot the computer normally
  • FRST will make a log (FRST.txt) on the flash drive, please copy and paste the log in your reply.

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
Hi my flash drive isnt responding so I have burned the files to a writable cd can you advise me on the steps to take if there different from before.


thank you

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
veronica8910 wrote:
Hi my flash drive isnt responding so I have burned the files to a writable cd can you advise me on the steps to take if there different from before.
thank you

We'll have to get the USB working. Disconnect the power supply to the computer for about 30 secs. and see if the USB will work now.

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
thye usb is not found on my sons lap top. It makes the sound when i plug it into the laptop but it's not showing Sad tearing i's a toshiba satelite c660

Last edited by veronica8910 on 15th February 2013, 7:56 pm; edited 1 time in total

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
Ok. We'll have to run the Recovery Console to restore the computer back to it's original settings which means all your data will be lost. I can give you a Rescue Disk to allow you to boot the computer and save your important data. Please let me know if that's what you need to do?

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
I's ok I dont have any data it's still on my old pc. can you talk me through it please

thank you

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
These are the instructions for Vista but it should be the same for Windows 7.

Run the Vista Recovery Console.

1. Eject and remove any discs or memory cards from your computer.

2. Click the "Start" button on the desktop to open the Start menu, click the small arrow icon to the right of the lock icon and select "Restart".

3. Hold the "F8" key on your computer's keyboard as Windows Vista reboots.

4. Highlight and select "Repair your computer" choose your keyboard type and click "Next".

5. Choose your user name, type your password if prompted and click "OK" to access the System Recovery Options menu.

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
thanks the option I get after following your instruction are:

start up repair

system restore

system image recovery

windows memory diagnostics

comand prompt.


which do i choose?

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
veronica8910 wrote:
thanks the option I get after following your instruction are:

start up repair

system restore

system image recovery

windows memory diagnostics

comand prompt.


which do i choose?

First of all try "System Restore" and try to find a Restore point previous to when you started having problems. If that doesn't work, do "system image recovery".

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
I managed to get into the recovery console.. I was told that this would set pc back to the settings from the manufacturer.

I can now post my logs

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-16 07:57:48
-----------------------------
07:57:48.006 OS Version: Windows x64 6.1.7601 Service Pack 1
07:57:48.007 Number of processors: 4 586 0x2A07
07:57:48.007 ComputerName: VERON_PC-PC UserName: Veron_Pc
07:57:49.897 Initialize success
07:57:53.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
07:57:53.549 Disk 0 Vendor: Hitachi_ MS2O Size: 953869MB BusType: 3
07:57:53.596 Disk 0 MBR read successfully
07:57:53.600 Disk 0 MBR scan
07:57:53.602 Disk 0 unknown MBR code
07:57:53.618 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
07:57:53.632 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 901543 MB offset 206848
07:57:53.666 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 51200 MB offset 1846566912
07:57:53.680 Disk 0 Partition 4 00 12 Compaq diag NTFS 1024 MB offset 1951424512
07:57:53.722 Disk 0 scanning C:\Windows\system32\drivers
07:57:59.035 Service scanning
07:58:05.845 Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
07:58:05.868 Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
07:58:06.273 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
07:58:06.685 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
07:58:14.624 Modules scanning
07:58:14.631 Disk 0 trace - called modules:
07:58:14.652 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
07:58:14.658 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006fa6790]
07:58:14.664 3 CLASSPNP.SYS[fffff88001d2c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800481d050]
07:58:14.670 Scan finished successfully
07:58:30.306 Disk 0 MBR has been saved successfully to "C:\Users\Veron_Pc\Desktop\MBR.dat"
07:58:30.310 The log file has been saved successfully to "C:\Users\Veron_Pc\Desktop\aswMBR.txt"


RogueKiller V8.5.1 [Feb 12 2013] by Tigzy
mail : tigzyRKgmailcom
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Veron_Pc [Admin rights]
Mode : Remove -- Date : 02/16/2013 08:06:59
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowRun (0) -> REPLACED (1)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721010DLE630 +++++
--- User ---
[MBR] fab6bcf000ca60587d54ca119c7f79e1
[BSP] e66e8c583444cb4229e19657c8230041 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 901543 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1846566912 | Size: 51200 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1951424512 | Size: 1024 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_02162013_02d0806.txt >>
RKreport[1]_S_02162013_02d0755.txt ; RKreport[2]_D_02162013_02d0806.txt


descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
I managed to get into the recovery console.. I was told that this would set pc back to the settings from the manufacturer.

That correct. Did you run the Recovery Console?

descriptionfirewall disabled on boot cant run security programmes - Page 2 EmptyRe: firewall disabled on boot cant run security programmes

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum