Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Virtual Rootkit
Message
<blockquote data-quote="Aaron25g" data-source="post: 464054" data-attributes="member: 47497"><p>Thank you for your fast reply.</p><p>I really hope you are correct that it is paranoia but I don't think it is the case.</p><p></p><p>The X: that I am referring to is after I do a complete wipe and go into a command prompt just before initiating the windows 10 reinstallation, I find that I can open a X: drive in the command prompt that appears to contain all memory of my activity back to July 9 this year, I can force delete most of the files except a few that always remain and appear to be encrypted.</p><p></p><p>I have attached an image containing the scan that found the 2048GB drive.</p><p></p><p>Mbar finds an infection only in the first scan after a complete wipe but when it prompts to restart to clean infection all I have is a black screen with the cursor that I can move around.</p><p></p><p>I just tried scanning with mbam chameleon and like all other anti rootkit software it cannot load the anti rootkit drivers possibly due to rootkit infection. The scripts that I am finding throughout my computer are definitely related to this issue, I have attached a few small logs I have found that I feel are in someway related to this issue.</p><p></p><p>I will now perform a scan using Kaspersky TDSS killer if you feel that I should, I have used this many times before though and if I scan with checking the option to scan loaded modules, my computer will not reboot and I will have to do a reinstallation of windows 10. should I still continue with this scan?</p><p></p><p>theres one log named setupAct_offline.log that contains all the info on whats happening but its too big to upload.</p></blockquote><p></p>
[QUOTE="Aaron25g, post: 464054, member: 47497"] Thank you for your fast reply. I really hope you are correct that it is paranoia but I don't think it is the case. The X: that I am referring to is after I do a complete wipe and go into a command prompt just before initiating the windows 10 reinstallation, I find that I can open a X: drive in the command prompt that appears to contain all memory of my activity back to July 9 this year, I can force delete most of the files except a few that always remain and appear to be encrypted. I have attached an image containing the scan that found the 2048GB drive. Mbar finds an infection only in the first scan after a complete wipe but when it prompts to restart to clean infection all I have is a black screen with the cursor that I can move around. I just tried scanning with mbam chameleon and like all other anti rootkit software it cannot load the anti rootkit drivers possibly due to rootkit infection. The scripts that I am finding throughout my computer are definitely related to this issue, I have attached a few small logs I have found that I feel are in someway related to this issue. I will now perform a scan using Kaspersky TDSS killer if you feel that I should, I have used this many times before though and if I scan with checking the option to scan loaded modules, my computer will not reboot and I will have to do a reinstallation of windows 10. should I still continue with this scan? theres one log named setupAct_offline.log that contains all the info on whats happening but its too big to upload. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
