This morning my father's workstation would not boot into Windows 7. I installed the boot scan tool from Avast! onto a USB and ran it. Here were the results:
4 of the 5 items were successfully deleted/quarantined, etc.
The 5th item, the first in that list, is a Master Boot Record rootkit.
I am still unable to boot into Windows 7.
When booting, it will show the splash screen with the Windows flag, but seconds after showing said screen the computer restarts and is stuck in the loop.
System repair will freeze with a full progress bar.
Safe mode freezes at loading the classpnp.sys driver, then subsequently reboots.
After running a Windows 7 boot disk system repair, it states the problem could not be fixed.
At this point I have booted into the computer using a Linux Mint live CD (that I'm currently using to type this) from which my father extracted the majority of important and sensitive files. The HDD has two partitions, one for system files and programs, one for data. The data partition is 4GB and could be copied to an external drive or flash USB, then the drive could be reformatted.
However, I'm inquiring to see if there is any way to save the current install without reformatting even though I cannot currently boot into the Windows 7 operating system.
Or, rather, can the rootkit be extracted/removed from the MBR without booting into an operating system? As in, say, a boot-time USB rootkit removal software? I cannot seem to find anything of this kind.
Edited by Eskimio, 15 July 2014 - 12:31 PM.