Jump to content

emanuelenasta

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I'm only paranoic, I fear that it can return lol
  2. Hi, I low level formatted ALL disks and the usb with iso, I flash another usb with rufis, and now seems legit the os... I run the sfc scannow this is a part of the log: 00000219 Warning: Overlap: Directory \??\C:\Program Files (x86)\ is owned twice or has its security set twice Original owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} 2021-04-14 22:36:10, Info CSI 0000021a Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\ is owned twice or has its security set twice Original owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} 2021-04-14 22:36:10, Info CSI 0000021b Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ is owned twice or has its security set twice Original owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} 2021-04-14 22:36:10, Info CSI 0000021c Warning: Overlap: Directory \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ is owned twice or has its security set twice Original owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-shell32, version 10.0.19041.906, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} CSI 000001e0 Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\drivers\en-US\ is owned twice or has its security set twice Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35} 2021-04-14 22:36:01, Info CSI 000001e1 Warning: Overlap: Directory \??\C:\WINDOWS\SysWOW64\wbem\en-US\ is owned twice or has its security set twice Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35} 2021-04-14 22:36:01, Info CSI 000001e2 Warning: Overlap: Directory \??\C:\WINDOWS\help\mui\0409\ is owned twice or has its security set twice Original owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-Foundation-Default-Security.Resources, version 10.0.19041.1, arch Host= amd64 Guest= x86, culture [l:5]'en-US', nonSxS, pkt {l:8 b:31bf3856ad364e35}
  3. I insert os disk, Malwarebyte on this os recognizes anything.
  4. First at all, thanks for your time. This is the scan. Addition.txt FRST.txt
  5. I had reinstalled w10, I'm sending you the new farbar scan and the diskpart
  6. This is after low level formatting hard drive (ssd and hdd and usb flash)
  7. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2021 Ran by SYSTEM on MININT-PEQD04 (14-04-2021 17:43:25) Running from X:\Users\Default\Downloads Platform: WIN_10 (X64) Language: English (United States) Boot Mode: Recovery ATTENTION: Could not load system hive. ATTENTION: System hive is missing. ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) ATTENTION: Software hive is missing. ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (All) ========= (If an entry is included in the fixlist, the file/folder will be moved.) ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) ==================== KnownDLLs (Whitelisted) ========================= ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION C:\Windows\explorer.exe IS MISSING <==== ATTENTION C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION C:\Windows\System32\services.exe IS MISSING <==== ATTENTION C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION C:\Windows\System32\dnsapi.dll IS MISSING <==== ATTENTION C:\Windows\SysWOW64\dnsapi.dll IS MISSING <==== ATTENTION C:\Windows\System32\dllhost.exe IS MISSING <==== ATTENTION C:\Windows\SysWOW64\dllhost.exe IS MISSING <==== ATTENTION C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION C:\Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE} IS MISSING <==== ATTENTION C:\Windows\System32\InputHost.dll IS MISSING <==== ATTENTION C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 10% Total physical RAM: 32681.12 MB Available physical RAM: 29290.74 MB Total Virtual: 32681.12 MB Available Virtual: 29274.13 MB ==================== Drives ================================ Drive d: () (Removable) (Total:0 GB) (Free:0 GB) Drive x: (Boot) (Fixed) (Total:0.32 GB) (Free:0.32 GB) NTFS Drive y: (HBCD_PE_x64) (Removable) (Total:57.62 GB) (Free:56.19 GB) NTFS ==================== MBR & Partition Table ==================== Could not read MBR for disk 0. Could not read MBR for disk 1. ========================================================== Disk: 4 (MBR Code: Windows 7/8/10) (Size: 57.6 GB) (Disk ID: 04BCA205) Partition 1: (Active) - (Size=57.6 GB) - (Type=07 NTFS) Could not read MBR for disk 5. ==================== End of FRST.txt ========================
  8. I have a 2 week ago full backup made with aomei, is a desktop assembled, ssd, yes
  9. Hi, I got a strange virus ... when I connect to Internet, I got a black screen and I can do nothing. I reflash windows 10, I format all disk normally and with Aomei partition Assistant, I rebuild the MBR, I do the sfc /safescan and I got many errors, I do the cleanup image, the bootfix I can't do (Permission Denied, I tried many ways but nothing), what can I do? (I flash the w10 from usb burned by rufus, I used also Huion w10 pe). Malwerebytes doesn't recognize it, but some many times the screen became black and I must reflash the os. Thanks you
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.