Win32/Mebroot.K trojan help please

Hi there,

This is my first post here. Followed all the steps in "Windows XP Cleaning Procedure" forum.

Basically have had Win32/Mebroot.K trojan coming up for a while now (approx 1 month) on virus scan (Eset NOD32.) Didn't think too much of it as computer was functioning ok and was planning on getting a new one. Then one of my hard drives changed to "Local Disk" and wanted to format upon opening. I restarted and windows checkdisk recovered the master table and my drive label worked again and was able to open the drive. It started to happen every restart until finally the drive would not recover.

Yesterday I googled around a bit and ran into a forum on what sounded like my problem and ran Dr.Web CureIt! This is the only thing I did to try and remove the Trojan before finding this forum. It said it found 1 infection and removed it.

Today I followed all the steps in the READ & RUN ME FIRST. Malware Removal Guide. I am now posting my logs and hoping for some help.

A couple more notes. Since I ran Dr.Web CureIt! yesterday, a second drive has become inaccessable. I am hoping to save the data on these two drives (E:, D These two are physical drives that I would like to put in my new computer but obviously would like to do so only when they no longer contain a virus or trojan.

Windows XP SP3 is on F: partition right now. It is a very old version of windows and has tons of junk on it and I planned on just wiping it once I get my new computer and then merging it with C: Storage. C:Storage has all my most important files.

Thanks in advance for any help. This is my first post. I hope this is not too long winded and somewhat clear. Please let me know if there is any other info you need. I have read the forum rules and guidelines and will follow advice specifically.

 

I can't post RRlog as it is 2.88 MB. Any recommendations?

Basically it's :

Path: E:\iTunes Music\Carlos Santana\shaman
Status: Invisible to the Windows API!

over and over again. I would assume it's because I have 2 drives (approx 30gb and 40gb) of files that I can't see in windows right now.

 

Thanks for your response. I think the scans done with the programs suggested on this forum may have removed the trojan. What I'm left with though is 2 slave drives that I cannot access. Do you know how I might be able to recover these? I'm not sure what to post to show what's going on with the drives. I believe whatever I had affected the MFT of my drives. Windows Checkdisk can no longer recover them but recognizes the label from them. When I open "My computer" however, they both show as "local disks" and want me to format them whenever I try and open. Thanks again.

 

Thanks for your help. I have done a complete scan with NOD32 and the win32/mebroot.k trojan is not found anymore.

I have also posted in the software forum regarding the data loss on the 2 physical drives.

Thanks again and happy easter!