
How do I remove a virus from my MBR



#1 tgiaimo


Posted 03 August 2014 - 06:07 PM

I used Trend RootkitBusterV5.0-1171; it found MBR

 

File or MBR C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp\718D5742.TMP Unable to fix false
File or MBR C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp\9289564E.TMP Unable to fix false
File or MBR C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp\B06E1F43.TMP Unable to fix false
File or MBR C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp\C1CE9F40.TMP Unable to fix false
Operating System Hook ZwAlertResumeThread; hooked by Unable to fix false
Operating System Hook ZwAlertThread; hooked by Unable to fix false
Operating System Hook ZwAllocateVirtualMemory; hooked by Unable to fix false
Operating System Hook ZwAlpcConnectPort; hooked by Unable to fix false
Operating System Hook ZwAssignProcessToJobObject; hooked by Unable to fix false
Operating System Hook ZwCreateMutant; hooked by Unable to fix false
Operating System Hook ZwCreateSymbolicLinkObject; hooked by Unable to fix false
Operating System Hook ZwCreateThread; hooked by Unable to fix false
Operating System Hook ZwCreateThreadEx; hooked by Unable to fix false
Operating System Hook ZwDebugActiveProcess; hooked by Unable to fix false
Operating System Hook ZwDuplicateObject; hooked by Unable to fix false
Operating System Hook ZwFreeVirtualMemory; hooked by Unable to fix false
Operating System Hook ZwImpersonateAnonymousToken; hooked by Unable to fix false
Operating System Hook ZwImpersonateThread; hooked by Unable to fix false
Operating System Hook ZwLoadDriver; hooked by Unable to fix false
Operating System Hook ZwMapViewOfSection; hooked by Unable to fix false
Operating System Hook ZwOpenEvent; hooked by Unable to fix false
Operating System Hook ZwOpenProcess; hooked by Unable to fix false
Operating System Hook ZwOpenProcessToken; hooked by Unable to fix false
Operating System Hook ZwOpenSection; hooked by Unable to fix false
Operating System Hook ZwOpenThread; hooked by Unable to fix false
Operating System Hook ZwProtectVirtualMemory; hooked by Unable to fix false
Operating System Hook ZwResumeThread; hooked by Unable to fix false
Operating System Hook ZwSetContextThread; hooked by Unable to fix false
Operating System Hook ZwSetInformationProcess; hooked by Unable to fix false
Operating System Hook ZwSetSystemInformation; hooked by Unable to fix false
Operating System Hook ZwSuspendProcess; hooked by Unable to fix false
Operating System Hook ZwSuspendThread; hooked by Unable to fix false
Operating System Hook ZwTerminateProcess; hooked by Unable to fix false
Operating System Hook ZwTerminateThread; hooked by Unable to fix false
Operating System Hook ZwUnmapViewOfSection; hooked by Unable to fix false
Operating System Hook ZwWriteVirtualMemory; hooked by Unable


Edited by hamluis, 03 August 2014 - 06:30 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 technonymous


Posted 03 August 2014 - 07:33 PM

Edit: What does Norton report?

 

http://us.norton.com/security_response/writeup.jsp?docid=2011-121607-4952-99


Edited by technonymous, 03 August 2014 - 07:41 PM.




