Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help - do I have bootkit/boot sector virus?


  • This topic is locked This topic is locked
3 replies to this topic

#1 fefor28

fefor28

  • Members
  • 1 posts
  • OFFLINE
  •  

Posted 01 March 2017 - 01:29 PM

Hi guys, I had some behaviour on pc that I could not explain, and I just want to make sure that I do not have mbr/bios virus. Does malwarebytes anti malware,malwarebytes anti rootkit, eset online scanner,roguekiller scan boot sector as well? Also, are there any programs that scan for bootkits? I searched on google and found mswbar,gmer and tdss killer that supposedly could find them and erase them,is it true? Could scanning with them get rid of the potential virus? I tried mswbar and it at first scan froze,second scan worked normally and it reported unknown mbr code being there,i then tried mbrfix and it reported error. next time I booted i could get in with temporary profile.

thanks.

BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:59 PM

Posted 03 March 2017 - 04:57 AM

Welcome to Bleeping Computer's Malware Removal Logs area. My name is Sintharius. I will assist you with your problem.

Below are some rules that you will need to follow while receiving my assistance:
  • I am currently in training, so my responses might be delayed. I will generally reply within 48 hours - if this is not possible, I will let you know.
  • Please do not seek assistance elsewhere without letting me know.
  • Please do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • If you wish to do other interventions, please let me know. I will assist you if possible.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the Follow this topic button, and make sure a tick is in the receive notifications and is set to Instantly. Any replies should be made in this topic by clicking the Reply to this topic button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. Please inform me if you need more time.
  • Please stay with me until I have confirmed that you are clean. Absence of symptoms does not mean that the computer is clean.
  • If you do not agree with any of the above, please let me know so I can have this topic closed.
===

We will need some logs to diagnose your computer. Please run the tool below.

Farbar Recovery Scan Tool

Please download the correct version of Farbar Recovery Scan Tool and save it to your Desktop.

32-bit version here

64-bit version here

Note 1: Don't know if your Windows is 32-bit or 64-bit? Check it out here. The Automatic detection section should give you information about your OS. If it's not, use the Manual detection section.

Note 2: Temporary disable your antivirus and/or antimalware if they flag FRST as unsafe, as the tool is safe.
  • Right click on FRST/FRST64.exe and choose Run as Administrator.
  • When the tool launches, choose Yes at the disclaimer.
  • Choose Scan.
  • The tool will produces a log named FRST.txt in the same location where the tool is run from.
  • Please copy the log and paste it here.
  • On its first run FRST will generate an Addition.txt log in the same location as the other log. Please copy and paste that along with the main log in your reply.

Edited by Sintharius, 03 March 2017 - 05:01 AM.


#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:59 PM

Posted 06 March 2017 - 09:11 AM

Are you still here with me?

#4 Valinorum

Valinorum

    Shadow Hide The Hunter


  • Malware Response Instructor
  • 1,766 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:59 PM

Posted 08 March 2017 - 08:17 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Geek U Graduate

I close my topic(s) with no replies for more than 4 days. PM me or Moderators to reactivate. All helps are provided via forum ergo do not PM me for help.

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users