John R Bartow
jbartow at winhaven.net
Thu Oct 24 01:44:01 CDT 2013
Well, it was Win7 with a 300GB HD. But I'm going to ignore it :-)
I think this machine was hit CryptoLocker Ransomware via an unprotected
machine connecting to the network with full admin privileges. I don't know
how I get these jobs. They have NO backup!
I cleaned it up and told them to start digging through their emails for
attachments because I'm sure that if they didn't have a backup they also
never deleted anything for their outlook folders (it is probably all in the
inbox yet!) Eye-yi-yi!
-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Jim Lawrence
Sent: Wednesday, October 23, 2013 11:13 PM
To: Discussion of Hardware and Software issues
Subject: Re: [dba-Tech] Chkdsk log
According to Microsoft, describing a similar situation:
"Just ignore these errors, there is no problem with the file system.
If you have 4 million plus files or a Master File Table greater than 4GB
then there is a known problem with security descriptors and a hotfix is
available for Server 2003, for Windows XP the latest Service Pack supposedly
fixes this. See here:
The CHKDSK utility incorrectly identifies and deletes in-use security
descriptors
What you see is more likely the very same benign thing that Windows 2000 can
also experience with chkdsk, it can be safely ignored. See here:
Windows 2000 Chkdsk Reports Cleaning Unused Security Descriptors"...and so
on.
So no problem no worries. :-)
Jim
----- Original Message -----
From: "John R Bartow" <jbartow at winhaven.net>
To: "Discussion of Hardware and Software issues"
<dba-tech at databaseadvisors.com>
Sent: Wednesday, October 23, 2013 7:39:46 PM
Subject: Re: [dba-Tech] Chkdsk log
Hi Jim,
No, I just found this a bit troubling:
Cleaning up 439 unused index entries from index $SII of file 0x9.
Cleaning up 439 unused index entries from index $SDH of file 0x9.
Cleaning up 439 unused security descriptors.
John
-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Jim Lawrence
Sent: Wednesday, October 23, 2013 8:00 PM
To: Discussion of Hardware and Software issues
Subject: Re: [dba-Tech] Chkdsk log
Hi John:
Is this a trick question. ;-)
The following list seems to indicate a drive that is very clean...no major
failures or indications that some process has left orphaned blocks or
corrupted indexes. About 300GB and only one partition.
Jim
----- Original Message -----
From: "John R Bartow" <jbartow at winhaven.net>
To: "DBA-Tech" <dba-tech at databaseadvisors.com>
Sent: Tuesday, October 22, 2013 11:50:45 PM
Subject: [dba-Tech] Chkdsk log
Can anyone tell me what is wrong with this chkdks log?
Level Date and Time Source Event ID Task Category
Information 10/15/2013 8:07:13 PM Microsoft-Windows-Wininit 1001
None "
Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.
A disk check has been scheduled.
Windows will now check the disk.
CHKDSK is verifying files (stage 1 of 5)...
186624 file records processed.
File verification completed.
705 large file records processed.
0 bad file records processed.
2 EA records processed.
114 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 5)...
241520 index entries processed.
Index verification completed.
0 unindexed files scanned.
0 unindexed files recovered.
CHKDSK is verifying security descriptors (stage 3 of 5)...
186624 file SDs/SIDs processed.
Cleaning up 439 unused index entries from index $SII of file 0x9.
Cleaning up 439 unused index entries from index $SDH of file 0x9.
Cleaning up 439 unused security descriptors.
Security descriptor verification completed.
27449 data files processed.
CHKDSK is verifying Usn Journal...
36543448 USN bytes processed.
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
186608 files processed.
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
51986679 free clusters processed.
Free space verification is complete.
Windows has checked the file system and found no problems.
302621695 KB total disk space.
94291204 KB in 140587 files.
83820 KB in 27450 indexes.
0 KB in bad sectors.
299951 KB in use by the system.
65536 KB occupied by the log file.
207946720 KB available on disk.
4096 bytes in each allocation unit.
75655423 total allocation units on disk.
51986680 allocation units available on disk.
Internal Info:
00 d9 02 00 70 90 02 00 2d 9e 04 00 00 00 00 00 ....p...-.......
3a 21 00 00 72 00 00 00 00 00 00 00 00 00 00 00 :!..r...........
d0 93 13 00 50 01 12 00 f8 20 12 00 00 00 12 00 ....P.... ......
Windows has finished checking your disk.
Please wait while your computer restarts.
"
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com
_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com