Found non-standard or infected MBR - Logs Attached

Yes run the below to provide us with more of the info we require:

READ & RUN ME FIRST. Malware Removal Guide


Also do you have your Windows XP boot CD?

 

Skip RootRepeal and continue.

 

Your log from MBRcheck indicates that you may have a master boot record infection. Since you do not have a Windows XP CD, you will have to make one containing the Recovery Console only.



Preferably from a clean computer, I need you to download the below:

• Windows XP Recovery Console rc.iso

Create a bootable CD for the aboe ISO files. You can use ImgBurn do this.



Now reboot from the Windows XP Recovery Console CD and execute the following commands. ( you may need to change to boot order in your BIOS to get it to boot from the CD if not prompted. You must make sure you boot from the CD. )

• fixmbr
• exit

Once back in Windows, rerun MBRcheck and attach a new log.

 

It can be any computer as long as you can burn the ISO image file on it.

 

Typically this works without a problem. The warning you are getting is likely due to the fact that you have an HP PC and they have an HP Recovery Partition to restore your PC to factory state from. Many vendors do this instead of doing the right thing and giving you the CD/DVDs needed to fix your PC when problems arise.

Repairing the MBR could make the Recovery Partition no longer usable. But it may have no effect on it whats so ever. Since the malware could have already corrupted the ability to use this partition, it may not matter.

So here are your choices:

• Live with the malware. Not recommended and dangerous to your security.
• Back up important data ( somewhere external to this PC) to avoid possible loss and then continue with one of the below choices
  1. Restore the PC from the HP Recovery Partition to put it back into the state it was shipped. This erases all you current settings and saved data.
  2. Try using the method of running fixmbr. If it works, everything will be in tact the way you last had it.

 

You're welcome. Your log is good now. Are you having any more malware problems?

 

Not malware. Speak to google. Empty your browser caches and history. Or try posting in the Software Forum.




If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
3. Go back to step 6 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!