Originally posted by ManishMan
System Volume Information is not accessible
-
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by asing on Wed 09/07/2016 at 9:27:46.74.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asing\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2016-09-07-004459.log 3041 bytes
==== System Restore Info ======================
9/7/2016 9:29:09 AM Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Batch Command(s) Run By Tool======================
==== Deleting Files \ Folders ======================
C:\Users\asing\AppData\Local\BTServer.log deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\asing\AppData\Roaming\Mozilla\Firefox\Profiles\bl985qzq.default-1452382459077
user_pref("browser.startup.homepage", "http://google.co.uk/");
==== Firefox Extensions Registry ======================
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc2@internetdownloadmanager.com"="C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi" [03/10/2016 03:21 PM]
==== Firefox Extensions ======================
ProfilePath: C:\Users\asing\AppData\Roaming\Mozilla\Firefox\Profiles\bl985qzq.default-1452382459077
- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org
- Grammarly for Firefox - %ProfilePath%\extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\asing\AppData\Roaming\Mozilla\Firefox\Profiles\bl985qzq.default-1452382459077
E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\asing\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104
62D98B286C805E193568037B70D936D2 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[02/11/2016 02:49 PM]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found
Rapport - asing\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
Honey - asing\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj
TubeBuddy - asing\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb
IDM Integration Module - asing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek
Chrome Media Router - asing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"=" MSN "
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{F6C75714-1346-4E38-A9DA-04F14D9305B8}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - {searchTerms} - Search
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{F6C75714-1346-4E38-A9DA-04F14D9305B8}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - {searchTerms} - Search
HKLM\Wow6432Node\SearchScopes\{F6C75714-1346-4E38-A9DA-04F14D9305B8} - {searchTerms} - Search
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - Google Search
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - {searchTerms} - Search
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\asing\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\asing\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\asing\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\asing\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
C:\Users\asing\AppData\Local\Mozilla\Firefox\Profiles\bl985qzq.default-1452382459077\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\asing\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=392 folders=50 223149722 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\asing\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on Wed 09/07/2016 at 9:45:02.37 ======================
-
Zemana AntiMalware 2.30.2.75 (Installed)
Scan Result : Completed
Scan Date : 2016/9/7
Operating System : Windows 10 64-bit
Processor : 8X Intel(R) Core™ i7-6700 CPU @ 3.40GHz
BIOS Mode : UEFI
CUID : 122D7E691206E3D059EE69
Scan Type : Deep Scan
Duration : 35m 55s
Scanned Objects : 288025
Detected Objects : 1
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
Firefox Global Setting
Status : Scanned
Object : %programfiles%\mozilla firefox\cck2.cfg
MD5 : 19AA76FE7494B72D3CDDDA682E196E2D
Publisher : -
Size : 4313
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Global Setting
File - %programfiles%\mozilla firefox\cck2.cfg
Cleaning Result
Cleaned : 1
Reported as safe : 0
Failed : 0
-
RogueKiller V12.6.1.0 (x64) [Sep 6 2016] (Free) by Adlice Software
mail : Support Form | Contact • Adlice Software
Feedback : http://forum.adlice.com
Website : Free Virus Cleaner | RogueKiller AntiMalware • Adlice Software
Blog : http://www.adlice.com
Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : asing [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete – Date : 09/07/2016 10:33:01 (Duration : 00:15:00)
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 6 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3799958336-243299179-1538509029-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : MSN → Replaced ( http://www.microsoft.com/isapi/redir...r=6&ar=msnhome )
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3799958336-243299179-1538509029-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : MSN → Replaced ( http://www.microsoft.com/isapi/redir...r=6&ar=msnhome )
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c70aa751-e228-4ee5-be0e-848e89a14d64} | DhcpNameServer : 172.18.13.1 () → Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c9d2afb8-3469-479d-b58e-f159b8947d53} | DhcpNameServer : 172.18.11.1 () → Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{c70aa751-e228-4ee5-be0e-848e89a14d64} | DhcpNameServer : 172.18.13.1 () → Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{c9d2afb8-3469-479d-b58e-f159b8947d53} | DhcpNameServer : 172.18.11.1 () → Replaced ()
¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 – C:\Windows\TEMP\DeleteFolderTask.exe → ERROR [1]
¤¤¤ Files : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 1 ¤¤¤
[PUP][CHROME:Addon] Default : Honey [bmnlcjabgnpnenekpadlanbbkooimhnj] → Deleted
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1ER162 +++++
— User —
[MBR] a4c3af2652880c64196a763911e6f758
[BSP] 7350a70fa97f6e5184204d5834c4d0d4 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1288192 | Size: 939515 MB
3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1925414912 | Size: 853 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1927161856 | Size: 12872 MB
User = LL1 … OK
User = LL2 … OK
+++++ PhysicalDrive1: USB Device +++++
— User —
[MBR] 70144bcb8a0c4bfab0d441f869aee9c2
[BSP] ec038f3ca5091360f60d743d6f1c7fdb : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 3120 | Size: 14878 MB
User = LL1 … OK
Error reading LL2 MBR! ([32] The request is not supported. )
+++++ PhysicalDrive2: Generic- Compact Flash +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
+++++ PhysicalDrive3: Generic- SD/MMC +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
+++++ PhysicalDrive4: Generic- MS/MS-PRO +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
+++++ PhysicalDrive5: Generic- xD-Picture +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
-
I think that is an issue with this site, I had the same issue a couple weeks back. I had to follow a link through my email… Let me look into this…
-
You can download it as a guest from here: https://www.mediafire.com/?auepg43pp8hm9by
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
-
Originally posted by ManishMan
I made that post from my mobile… I cannot seem to sign in on the PC as every time I enter the details the page just refreshes and I’m still not logged in.
Try https://www.pchelpforum.net
Seems to work without any issue (unless I misspell).
-
Originally posted by Rustys
If you just put the site as pchelpforum.net and attempt to log in it will do that.
Try https://www.pchelpforum.net
Seems to work without any issue (unless I misspell).
-
Originally posted by jmarket
I also fixed a backend issue on the server, so there should be no more issues logging in.
We await your logs and status on FRST Fix.
-
Originally posted by ManishMan
That’s excellent, I have the fixlist.txt downloaded but the other file that I have is FRST.txt and not FRST/FRST64.txt. Would this still work? Or did that just mean that you can have either FRST or FRST64?
Sent from my SM-G935T using Tapatalk