Bigglet

  1. Freshly installed so this topic is no longer in business. Can be closed.
  2. Everything turned off and issues still persist. Firefox still crashing randomly, NOD32 still not working properly (compiler errors when updating database) and you name it. I think I'll just have to re-install the PC completely, takes a lot less stuff to put up with and it (should?) completely erase all traces of this annoying rootkit or whatever the hell it is. Thank you a lot for your time and efforts. Unless you have another solution that can fix it -- I'll just give up on it. It's not like there are many important files on it, of course it sucks to have to remove it all, but oh well.
  3. ComboFix 14-03-19.01 - Bjorn 20-03-2014 12:26:17.2.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1033.18.3071.1311 [GMT 1:00]
  4. Sigh. Feels stuff gets worse and worse every boot-up. Windows failed to boot: System start-up repair had to fix it. Probably restored to some earlier system restore point... Still have the corruption bullshit from before the repair, though.
  5. After a reboot, everything went back to normal; ran another TDSSKiller with loaded modules and came up with the same stuff as 2 posts above, under a different name this time. However, Malwarebytes boots again; but the database was missing or corrupt and needed a new download. Same for NOD32 which is giving me compilation errors again. censored this thing. I want to get rid of it.
     20:10:29.0535 0x0b68 ============================================================
     20:10:29.0535 0x0b68 Scan finished
     20:10:29.0535 0x0b68 ============================================================
     20:10:29.0545 0x1160 Detected object count: 1
     20:10:29.0545 0x1160 Actual detected object count: 1
     20:10:55.0675 0x1160 WatAdminSvc ( ForgedFile.Multi.Generic ) - skipped by user
     20:10:55.0675 0x1160 WatAdminSvc ( ForgedFile.Multi.Generic ) - User select action: Skip
     20:10:58.0925 0x0e74 Deinitialize success
  6. So, just bluescreened during an administrator in-depth NOD32 scan. Something to do with memory was the error? Rebooted in a different shitty resolution; can't open screen settings now -> EXPLORER.EXE: Server execution failed. (?) Malwarebytes came up with a critical error right up on boot; http://imgur.com/FhcGnpp for the screenshot. Running TDSSKiller again as admin now, without the 'loaded modules' option checked, though. No threats found, sadly.. The scan took forever though compared to the others (20 minutes!). My Firefox does however seem to be crashing a lot when I play a video. Sometimes it doesn't boot up at all and crashes itself repeatedly... I guess that's where the ComboFix thing comes in handy.
  7. Hello Gringo, I've not had access to the infected computer ever since I ran the TDSSKiller last time. I got home and ran it again a couple of times; this time it produced a result:
     18:36:25.0118 0x0354 ============================================================
     18:36:25.0118 0x0354 Scan finished
     18:36:25.0118 0x0354 ============================================================
     18:36:25.0128 0x0df8 Detected object count: 1
     18:36:25.0128 0x0df8 Actual detected object count: 1
     18:36:53.0960 0x0df8 nvlddmkm ( ForgedFile.Multi.Generic ) - skipped by user
     18:36:53.0960 0x0df8 nvlddmkm ( ForgedFile.Multi.Generic ) - User select action: Skip
     18:36:58.0840 0x0ed8 Deinitialize success
     I'll wait with the ComboFix thing until the next reply.
  8. 10:35:42.0468 0x06c4 ============================================================
     10:35:42.0468 0x06c4 Scan finished
     10:35:42.0468 0x06c4 ============================================================
     10:35:42.0478 0x06a8 Detected object count: 0
     10:35:42.0478 0x06a8 Actual detected object count: 0
     Derp...
  9. MBAR crashed during that scan. I just did a quick driver scan to follow up, it finds a differently named rootkit .sys file -- the same as in the OP -- nvlddmkm.sys. I'll just await instructions - I've exited MBAR without cleaning it up. - Both of the files were so-called "Forged Files". Afterwards I've re-run the scan a couple of times, and it finds nothing anymore.. I'll just wait for a reply 'cause I'm dazzled by the skill these censoreding things have. Is it safe to assume I should change all my passwords and not use this PC to log in to any password-protected sites anymore, or does a rootkit not compromise this?
  10. So, am currently in safe-mode, back with the screwed up resolution, running MBAR which has, again, detected a rootkit present. \system32\drivers\ndis.sys [unknown.Rootkit.Driver] What should I do?
  11. I really don't know what's causing all this stuff. I just rebooted after some Windows updates - it boots in 640x480 resolution again. Now, I checked Device Manager and the screen resolution tab - max resolution I can put it to is 1280x1024. Device Manager gives me 3 exclamation marks: Graphic card (NVIDIA GeForce 8800GTS) - when opening properties it shows the following message: Windows cannot verify the digital signature for the drivers required for this device. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. (Code 52) Same goes for a device called the WAN Miniport (PPT), under the network adapters tab -- I don't even know what this is? Aside from that, Windows Update keeps coming up with 1 important update every boot; Update for Windows 7 for x64-based Systems (KB2868116) (not sure if it's this one all the time, though)
  12. No bluescreen this time, after reboot my ESET NOD32 fails to load - "Virus scanner initialization failed. Most of the ESET NOD32 Antivirus modules will not function properly." Firefox still crashing... I ran the checkdisk option in the program you provided, and came up with the following log (errors found):
      Microsoft Windows [Version 6.1.7601]
      Copyright © 2009 Microsoft Corporation. All rights reserved.
      C:\Users\Bjorn\AppData\Local\Temp\Rar$EXa0.413\Tweaking.com - Windows Repair> CD /D C:\
      C:\> chkdsk C:
      The type of the file system is NTFS.
      The volume is in use by another process. Chkdsk might report errors when no corruption is present.
      WARNING! F parameter not specified.
      Running CHKDSK in read-only mode.
      CHKDSK is verifying files (stage 1 of 3)...
      193024 file records processed.
      File verification completed.
      1023 large file records processed.
      0 bad file records processed.
      2 EA records processed.
      59 reparse records processed.
      CHKDSK is verifying indexes (stage 2 of 3)...
      278804 index entries processed.
      Index verification completed.
      0 unindexed files scanned.
      0 unindexed files recovered.
      CHKDSK is verifying security descriptors (stage 3 of 3)...
      193024 file SDs/SIDs processed.
      Security descriptor verification completed.
      42891 data files processed.
      CHKDSK is verifying Usn Journal...
      35518264 USN bytes processed.
      Usn Journal verification completed.
      The master file table's (MFT) BITMAP attribute is incorrect.
      The Volume Bitmap is incorrect.
      Windows found problems with the file system.
      Run CHKDSK with the /F (fix) option to correct these.
      488282111 KB total disk space.
      215037044 KB in 134725 files.
      94220 KB in 42892 indexes.
      0 KB in bad sectors.
      310375 KB in use by the system.
      65536 KB occupied by the log file.
      272840472 KB available on disk.
      4096 bytes in each allocation unit.
      122070527 total allocation units on disk.
      68210118 allocation units available on disk.
      C:\>
  13. Zzz, bluescreened during the process, trying again...
  14. I'm still getting a lot of 'corruption' errors... My rar volumes still appear corrupted, NOD32 updates sometimes go through, but often end with 'file corrupted' or 'general compiler error' or 'Undocumented serious error (1106)'. I don't know what's causing it, and I don't know what the rootkit has caused, can't even find out what it was as Malwarebytes sets it as 'unknown rootkit driver'. PC is still far from performing the way it should..