
System Volume Inaccessible/Encrypted



Good evening.

After completing a clean install of Windows 7 Home (Sony VAIO VGN-FZ298CE) I tried to run the Malwarebytes Anti-Malware and Anti-Rootkit programs. The Malwarebytes log came back clean, but as I attempted to run the anti-rootkit program a popup said "the system volume seems inaccessible or encrypted. can not continue scan."

Any help would be much appreciated

Attach log:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 5/30/2013 1:40:21 AM

System Uptime: 5/30/2013 2:03:28 AM (0 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core2 Duo CPU T5450 @ 1.66GHz | N/A | 1667/167mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 147 GiB total, 137.616 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: Mass Storage Controller

Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_9005104D&REV_00\4&2BE9D7EB&0&1AF0

Manufacturer:

Name: Mass Storage Controller

PNP Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_9005104D&REV_00\4&2BE9D7EB&0&1AF0

Service:

.

==== System Restore Points ===================

.

RP3: 5/30/2013 1:40:37 AM - Windows Update

RP4: 5/30/2013 1:45:05 AM - Windows Update

.

==== Installed Programs ======================

.

Intel® Graphics Media Accelerator Driver

Intel® TV Wizard

Malwarebytes Anti-Malware version 1.75.0.1300

.

==== Event Viewer Messages From Past Week ========

.

5/30/2013 1:42:15 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.

.

==== End Of File ===========================

DDS log:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.7601.17514

Run by Amber at 2:08:24 on 2013-05-30

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2038.1033 [GMT -4:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

\\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\System32\svchost.exe -k secsvcs

.

============== Pseudo HJT Report ===============

.

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{BB69C729-36A0-488B-AC2D-D6EB3A94204F} : DHCPNameServer = 192.168.1.1

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-5-30 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-5-30 701512]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-30 22856]

R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]

R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-8-3 9344]

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

.

=============== Created Last 30 ================

.

2013-05-30 13:29:44 -------- d-----w- c:\windows\Panther

2013-05-30 13:29:29 -------- d-sh--w- C:\Boot

2013-05-30 06:04:32 398336 ----a-w- c:\windows\system32\TVWizudlg.exe

2013-05-30 06:04:32 140288 ----a-w- c:\windows\system32\igfxtvcx.dll

2013-05-30 06:04:32 -------- d-----w- c:\windows\system32\Lang

2013-05-30 05:58:04 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-05-30 05:55:01 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f863ca03-f582-4b8f-9a58-b182f1ef880a}\mpengine.dll

2013-05-30 05:54:59 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-05-30 05:51:12 -------- d-----w- c:\users\amber\appdata\roaming\Malwarebytes

2013-05-30 05:51:06 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-30 05:51:06 -------- d-----w- c:\programdata\Malwarebytes

2013-05-30 05:51:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-30 05:50:53 -------- d-----w- c:\users\amber\appdata\local\Programs

2013-05-30 05:46:01 1002008 ----a-w- c:\windows\system32\igxpun.exe

2013-05-30 05:46:01 -------- d-----w- c:\windows\system32\x64

2013-05-30 05:45:04 826880 ----a-w- c:\windows\system32\rdpcore.dll

2013-05-30 05:45:04 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2013-05-30 05:45:04 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2013-05-30 05:41:25 2422272 ----a-w- c:\windows\system32\wucltux.dll

2013-05-30 05:41:14 88576 ----a-w- c:\windows\system32\wudriver.dll

2013-05-30 05:41:00 33792 ----a-w- c:\windows\system32\wuapp.exe

2013-05-30 05:41:00 171904 ----a-w- c:\windows\system32\wuwebv.dll

.

==================== Find3M ====================

.

.

============= FINISH: 2:08:48.64 ===============

Thank you!


  • Root Admin

Hello and :welcome:

Please do the following.

Step 1.

Download TDSSKiller from Kaspersky

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Step 2.

Execute TDSSKiller.exe by double clicking on it if you're on XP.

If you're on Vista or Windows 7 please right click and choose "Run as Administrator"

Press Start Scan

If Malicious objects are found, please select SKIP for any infection found for now and simply send me back the log.

Once complete, a log will be produced at the root drive which is typically C:\

For example, C:\TDSSKiller.2.5.17.0_date_time_log.txt

Send that log back to me on your next reply please.

Thank you


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
