Hello, I'll move this topic to the malware removal forum.
Try this please. You will need a USB drive.
to the desktop of your clean computer
- Run GETxPUD.exe
- A new folder will appear on the desktop.
- Open the GETxPUD folder and click on the get&burn.bat
- The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
- Click on Start and follow the prompts to burn the image to a CD.
- Remove the USB & CD and insert it in the sick computer
- Boot the Sick computer with the CD you just burned
- The computer must be set to boot from the CD
- Gently tap F12 and choose to boot from the CD
- Follow the prompts
- A Welcome to xPUD screen will appear
- Press File
- Expand mnt
- sda1,2...usually corresponds to your HDD
- sdb1 is likely your USB
- Click on the folder that represents your USB drive (sdb1 ?)
- Press Tool at the top
- Choose Open Terminal
- Type the following and press enter:
dd if=/dev/sda of=mbr.bin bs=512 count=1
- Press Enter
- After it has finished a file will be located on your USB drive named mbr.bin
- Remove the USB drive and insert it back in your working computer and navigate to mbr.bin, zip it up and attach it to your next reply.
This will allow me to have a look at the MasterBootRecord of your drive and see if it is infected.
"Now faith is the substance of things hoped for, the evidence of things not seen."
Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome
Malware analyst @ Emsisoft