Author Topic: Where do I post log to ask for help in interpreting it?  (Read 4904 times)

0 Members and 1 Guest are viewing this topic.

September 16, 2016, 06:06:55 PM

Cavewoman

  • Newbie

  • Offline
  • *

  • 2
  • Reputation:
    0
    • View Profile
Where do I post log to ask for help in interpreting it?
« on: September 16, 2016, 06:06:55 PM »
Thanks... it isn't clear where I should post a log to ask for help in reading it and understanding iif I have a problem.  Modified - Well, I will post it here and see if anyone can help me... do I have to have a Premium membership to ask if my log is bad or false positive etc.?  Thanks.  Concerning to me is this: 


+++++ PhysicalDrive1: Generic USB Mass Storage USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

and these:  ¤¤¤ Registry : 5 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MFE_RR (\??\C:\Users\JANETN~1\AppData\Local\Temp\mfe_rr.sys) -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MFE_RR (\??\C:\Users\JANETN~1\AppData\Local\Temp\mfe_rr.sys) -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MFE_RR (\??\C:\Users\JANETN~1\AppData\Local\Temp\mfe_rr.sys) -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-48374935-302220466-2132095104-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowVideos : 0  -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-48374935-302220466-2132095104-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowVideos : 0  -> Found

Thanks for any help that can be given.  I'm able to troubleshoot PC problems but not adept at reading this kind of info. 

My PC is Windows 7 Home Premium, One Inspiron 2330. 
« Last Edit: September 16, 2016, 06:14:28 PM by Cavewoman »

Reply #1September 16, 2016, 08:01:41 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Where do I post log to ask for help in interpreting it?
« Reply #1 on: September 16, 2016, 08:01:41 PM »
Hi Cavewoman,

Welcome to Adlice.com Forum.
A better place for this thread is the "RogueKiller" section, I will move it there.

The MBR reading errors occuring with the USB Device are perfectly normal since they don't have one.
The [Suspicious.Path] and [PUM.StartMenu] detections are legit, as well as the [Hj.Shortcut] one.

For more information, please read RogueKiller Documentation.

Regards.

Note : This thread has been moved to the "RogueKiller" section for clarity

Reply #2September 16, 2016, 08:21:14 PM

Cavewoman

  • Newbie

  • Offline
  • *

  • 2
  • Reputation:
    0
    • View Profile
Re: Where do I post log to ask for help in interpreting it?
« Reply #2 on: September 16, 2016, 08:21:14 PM »
Hello Curson - thank you so much for the quick reply.  So you know, I did actually refer to the Official Document... but still wasn't 100% clear that the things found on the log were okay.

So it sounds like I don't need to remove anything then.

At this point I wonder if I'm having a hard drive about to fail or something... not having numerous scans show anything... but having all kinds of weird things happening that made me sure I had some kind of virus/rootkit/something.   (sudden severe last forever shutdown time, computer freezes/audio buzzing, but the most concerning one is that all of my Restore Points had disappeared... thought I got it fixed and created new restore points and had it scheduled... and then bam, the next day not only were they gone, the whole System Restore has been fully disabled, no matter what troubleshooting path I go down). 

Not sure where to go from here, but at least I can feel confident about the Roguekiller results!    Again - glad this forum was here to double check the results and do so appreciate the quick response!


Reply #3September 16, 2016, 09:19:20 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Where do I post log to ask for help in interpreting it?
« Reply #3 on: September 16, 2016, 09:19:20 PM »
Hi Cavewoman

Quote from: Cavewoman
Hello Curson - thank you so much for the quick reply.  So you know, I did actually refer to the Official Document... but still wasn't 100% clear that the things found on the log were okay.
So it sounds like I don't need to remove anything then.
You are very welcome.
Yes, you don't need to remove anything.

Quote from: Cavewoman
At this point I wonder if I'm having a hard drive about to fail or something... not having numerous scans show anything... but having all kinds of weird things happening that made me sure I had some kind of virus/rootkit/something.   (sudden severe last forever shutdown time, computer freezes/audio buzzing, but the most concerning one is that all of my Restore Points had disappeared... thought I got it fixed and created new restore points and had it scheduled... and then bam, the next day not only were they gone, the whole System Restore has been fully disabled, no matter what troubleshooting path I go down).
These behaviours can be caused by mutliple thinks but your system or FS seems damaged.

Quote from: DD
Not sure where to go from here, but at least I can feel confident about the Roguekiller results!    Again - glad this forum was here to double check the results and do so appreciate the quick response!
I can help you determine if your HDD is failing.

Please download smartmontools (x64) and save it on your desktop.
Launch the command prompt windows (cmd) with admin rights and copy/paste the following command :
Code: [Select]
chkdsk C: /V > "%USERPROFILE%\Desktop\FSCheck.log" && "%USERPROFILE%\Desktop\smartctl.exe" -al selftest /dev/hda > %USERPROFILE%\Desktop\HDDinfo.logDon't close the command prompt windows until the two files are generated !

Two new files named respectively HDDinfo.log and FSCheck.log should has been created on your desktop.
Please attach them with your next reply.

Regards.