Inactive Can't get rid of this trojan/hijacker

Status
Not open for further replies.
Open Notepad
Copy and paste the following text into Notepad:
Code:
@ECHO OFF
START boot_cleaner.exe fix \\.\PhysicalDrive0
EXIT
Go to FILE > SAVE AS and in the SAVE AS TYPE dropdown box select ALL FILES.
Then in the FILE NAME box type fix.bat.
Save fix.bat to your Desktop.

Run fix.bat by double clicking.
You may see a black box appear; this is normal.

When done, run boot_cleaner.exe again and post its output.
 
When I went to SAVE AS it did not have SAVE AS TYPE to ALL FILES as an option. So when I ran fix.bat it gave me an error that said "Windows cannot find "/par". Make sure you typed the name correctly, then try again." But it may have run. Another paragraph came up and the box quickly closed after that.



Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows Vista Ultimate Edition Service Pack 2 (build 6002), 64-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00

Size     Device Name          MBR Status
--------------------------------------------
931 GB   \\.\PhysicalDrive0   Controlled by rootkit!

Boot code on some of your physical disks is hidden by a rootkit.
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]


Done;
Press any key to quit...
 
It didn't work either.

I'm afraid you're facing backing up your data, formatting a hard drive and reinstalling Windows.
I'm sorry but I don't see any other option.
 
I was afraid of that. Would it possibly get worse if I do nothing more for it, just use it as it is?

I do ghost my HD with another one about every 6 months. So I could move all the most recently saved files to it.

Is there a chance doing that could infect the other HD?

Also, with reformatting, there is no chance the MBR would still be bad?
 
Formatting the drive will take care of the infected MBR.

Move all files you want to an external drive.

Scan that drive with your AV program AFTER you format your regular hard drive and reinstall Windows.
I don't think there will be any infected files there but it's better to be safe.
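
For the manual inspection that the tool output above mentions ("dump the master boot sector"), here is an added example that is not part of the original thread or of Bootkit Remover: a Python parser for a 512-byte master boot sector dump that checks the boot signature, lists each partition's byte offset (a start at LBA 63 gives the 0x7e00 offset shown in the output), and hashes the boot code so two dumps can be compared. It assumes the dump is a raw 512-byte sector taken from clean boot media, since the output says the boot code is hidden on the running system; the function names and sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR = 512          # bytes per sector, as assumed for the dump
BOOT_CODE_LEN = 440   # bootstrap code area; disk signature and table follow
TABLE_OFFSET = 446    # four 16-byte partition entries start here

def parse_mbr(sector: bytes) -> dict:
    """Parse a raw 512-byte master boot sector dump."""
    if len(sector) != SECTOR:
        raise ValueError("expected exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[TABLE_OFFSET + 16 * i: TABLE_OFFSET + 16 * (i + 1)]
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype == 0:      # type 0 marks an unused slot
            continue
        partitions.append({"index": i, "bootable": status == 0x80,
                           "type": ptype, "lba_start": lba_start,
                           "byte_offset": lba_start * SECTOR,
                           "sectors": count})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}

def boot_code_changed(dump_a: bytes, dump_b: bytes) -> bool:
    """True when two dumps carry different bootstrap code."""
    return (parse_mbr(dump_a)["boot_code_sha256"]
            != parse_mbr(dump_b)["boot_code_sha256"])

def make_sample(boot_code: bytes) -> bytes:
    """Constructed sample sector: one active NTFS partition at LBA 63."""
    sector = bytearray(SECTOR)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<B3sB3sII", sector, TABLE_OFFSET,
                     0x80, b"\x01\x01\x00", 0x07, b"\xfe\xff\xff",
                     63, 1953520002)   # constructed start LBA and size
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

if __name__ == "__main__":
    known_good = make_sample(b"\x33\xc0\x8e\xd0")   # constructed bytes
    suspect = make_sample(b"\xeb\xfe")              # constructed bytes
    info = parse_mbr(suspect)
    for p in info["partitions"]:
        print(f"partition {p['index']}: type {p['type']:#04x}, "
              f"offset {p['byte_offset']:#x}, bootable={p['bootable']}")
    print("signature ok:", info["signature_ok"])
    print("boot code differs from known-good:",
          boot_code_changed(known_good, suspect))
```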
 