Inactive System Check virus, a lot of problems
- Thread starter MjuTaS
- Start date
bootrec /fixboot still didnt work, only the fixmbr worked
Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com
Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Ultimate Edition Service Pack 1 (build 7601), 32
-bit
System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`06500000
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Controlled by rootkit!
Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
Done;
Press any key to quit...
Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com
Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Ultimate Edition Service Pack 1 (build 7601), 32
-bit
System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`06500000
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Controlled by rootkit!
Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
Done;
Press any key to quit...
Broni
Posts: 56,041 +516
Please download and run ListParts by Farbar (for 32-bit system)
Please download and run ListParts64 by Farbar (for 64-bit system)
Click on Scan button.
Scan result will open in Notepad.
Post it in your next reply.
Please download and run ListParts64 by Farbar (for 64-bit system)
Click on Scan button.
Scan result will open in Notepad.
Post it in your next reply.
ListParts by Farbar
Ran by Simon on 10-02-2012 at 17:57:33
Windows 7 (X86)
Running From: C:\Users\Simon\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 30%
Total physical RAM: 3327.18 MB
Available physical RAM: 2321.02 MB
Total Pagefile: 6652.64 MB
Available Pagefile: 5451.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.08 MB
======================= Partitions =========================
1 Drive c: (System) (Fixed) (Total:78.03 GB) (Free:31.39 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:387.63 GB) (Free:148.05 GB) NTFS
3 Drive e: (Reparationsskiva för Windows 7, ) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
Disk nr Status Storlek Ledigt Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk nr 0 Online 465 G B 0 B
DiskPart avslutas...
Partitions of Disk Disk nr 0 Online 465 G B 0 B :
===============
Argumenten som angetts f”r kommandot „r inte giltiga.
Om du vill ha mer information om kommandot skriver du: HELP SELECT DISK
Ingen disk har valts.
****** End Of Log ******
Ran by Simon on 10-02-2012 at 17:57:33
Windows 7 (X86)
Running From: C:\Users\Simon\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 30%
Total physical RAM: 3327.18 MB
Available physical RAM: 2321.02 MB
Total Pagefile: 6652.64 MB
Available Pagefile: 5451.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.08 MB
======================= Partitions =========================
1 Drive c: (System) (Fixed) (Total:78.03 GB) (Free:31.39 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:387.63 GB) (Free:148.05 GB) NTFS
3 Drive e: (Reparationsskiva för Windows 7, ) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
Disk nr Status Storlek Ledigt Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk nr 0 Online 465 G B 0 B
DiskPart avslutas...
Partitions of Disk Disk nr 0 Online 465 G B 0 B :
===============
Argumenten som angetts f”r kommandot „r inte giltiga.
Om du vill ha mer information om kommandot skriver du: HELP SELECT DISK
Ingen disk har valts.
****** End Of Log ******
Broni
Posts: 56,041 +516
Create new restore point.
Download the FixTDSS.exe
Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
OK any security prompts.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.
Download the FixTDSS.exe
Save the file to your Windows desktop.
Close all running programs.
If you are running Windows XP, turn off System Restore. How to turn off or turn on Windows XP System Restore
Double-click the FixTDSS.exe file to start the removal tool.
Click Start to begin the process, and then allow the tool to run.
OK any security prompts.
Restart the computer when prompted by the tool.
After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said)
If you are running Windows XP, re-enable System Restore.
ok, it restarted, got bluescreen AGAIN when it was gonna startup, used the cd and fixmbr worked but fixboot says : The volume does not contain a recognized file system. please make sure that all required file system drivers are loaded and that volume is not corrupted.
Once again i had to use " start with last knowing config that worked" to get the computer running
Once again i had to use " start with last knowing config that worked" to get the computer running
ListParts by Farbar
Ran by Simon on 10-02-2012 at 21:30:32
Windows 7 (X86)
Running From: C:\Users\Simon\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 27%
Total physical RAM: 3327.18 MB
Available physical RAM: 2424.45 MB
Total Pagefile: 6652.64 MB
Available Pagefile: 5623.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.08 MB
======================= Partitions =========================
1 Drive c: (System) (Fixed) (Total:78.03 GB) (Free:31.13 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:387.63 GB) (Free:148.05 GB) NTFS
3 Drive e: (Reparationsskiva för Windows 7, ) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
Disk nr Status Storlek Ledigt Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk nr 0 Online 465 G B 0 B
DiskPart avslutas...
Partitions of Disk Disk nr 0 Online 465 G B 0 B :
===============
Argumenten som angetts f”r kommandot „r inte giltiga.
Om du vill ha mer information om kommandot skriver du: HELP SELECT DISK
Ingen disk har valts.
****** End Of Log ******
Ran by Simon on 10-02-2012 at 21:30:32
Windows 7 (X86)
Running From: C:\Users\Simon\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 27%
Total physical RAM: 3327.18 MB
Available physical RAM: 2424.45 MB
Total Pagefile: 6652.64 MB
Available Pagefile: 5623.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.08 MB
======================= Partitions =========================
1 Drive c: (System) (Fixed) (Total:78.03 GB) (Free:31.13 GB) NTFS
2 Drive d: (Backup) (Fixed) (Total:387.63 GB) (Free:148.05 GB) NTFS
3 Drive e: (Reparationsskiva för Windows 7, ) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF
Disk nr Status Storlek Ledigt Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk nr 0 Online 465 G B 0 B
DiskPart avslutas...
Partitions of Disk Disk nr 0 Online 465 G B 0 B :
===============
Argumenten som angetts f”r kommandot „r inte giltiga.
Om du vill ha mer information om kommandot skriver du: HELP SELECT DISK
Ingen disk har valts.
****** End Of Log ******
Broni
Posts: 56,041 +516
OK, we have to proceed carefully here.
Boot back to System Recovery Options.
At the command prompt type:
DISKPART
Press Enter.
Type:
LIST DISK
Press Enter.
Let me know if "Disk 0" still has a "*" next to it.
If no let me know.
If yes type:
LIST PARTITION
Press Enter.
Post what is listed there.
Boot back to System Recovery Options.
At the command prompt type:
DISKPART
Press Enter.
Type:
LIST DISK
Press Enter.
Let me know if "Disk 0" still has a "*" next to it.
If no let me know.
If yes type:
LIST PARTITION
Press Enter.
Post what is listed there.
Latest posts
-
PlayStation 5 Pro will be bigger, faster, and better using the same CPU- Squid Surprise replied
-
Apple is rolling out AirPlay support for TVs in hotel rooms- RudyBob replied
-
The Best Phones: Top Picks for Every Price Range- DanteSmith replied
-
Russia-backed hacking group suspected of attack on US water system- PurpaFur replied
