Help with Black Internet trojan (iv)

Discussion in 'Malware Help (A Specialist Will Reply)' started by Rosendal, Jun 28, 2010.

  1. Rosendal

    Rosendal Private E-2

    Hello, everybody.

    I've been wrestling with a couple of Black Internet trojans in the last couple of days (from the 26th), just like the guy in http://forums.majorgeeks.com/showthread.php?p=1502890 and other threads, except that I use Vista.

    I have run remover.exe with the output,

    Bootkit Remover version 1.0.0.1
    (c) 2009 eSage Lab
    www.esagelab.com

    \\.\C: -> \\.\PhysicalDrive0
    MD5: 33651d4929a84a7ab9d65c115ce1bdc0
    \\.\D: -> \\.\PhysicalDrive0

    Size Device Name MBR Status
    --------------------------------------------
    298 GB \\.\PhysicalDrive0 Unknown boot code

    Unknown boot code has been found on some of your physical disks.
    To inspect the boot code manually, dump the master boot sector:
    remover.exe dump <device_name> [output_file]
    To disinfect the master boot sector, use the following command:
    remover.exe fix <device_name>


    Press any key to quit...

    and I have run MGtools, logfile is attached.

    I have one physical harddisk with two partitions on it, and all my data is backed up.

    Thanks in advance for the help :)

    Rosendal
     

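    The "Unknown boot code" verdict in the output above is what a bootkit scanner reports when the MBR's boot code does not match any known-good image. As an added illustration, not code from Bootkit Remover or from this thread, here is a small Python parser that performs the same kind of check on a 512-byte MBR; the sample MBR bytes and the allow-list hash are constructed for the example.

```python
# Added example (not the Bootkit Remover tool's code): split a 512-byte MBR into
# boot code, partition table and signature, hash the 446-byte boot code region,
# and compare that hash against an allow-list of known-good boot code hashes.
# The MBR contents and the allow-list entry below are constructed for this example.
import hashlib
import struct

BOOT_CODE_LEN = 446
MBR_LEN = 512

def parse_mbr(mbr: bytes) -> dict:
    """Return the boot-code MD5, the non-empty partition entries and a signature check."""
    if len(mbr) != MBR_LEN:
        raise ValueError("MBR must be exactly 512 bytes")
    boot_code = mbr[:BOOT_CODE_LEN]
    entries = []
    for i in range(4):  # four 16-byte partition entries follow the boot code
        raw = mbr[BOOT_CODE_LEN + 16 * i: BOOT_CODE_LEN + 16 * (i + 1)]
        status, ptype, lba_start, sectors = struct.unpack("<B3xB3xII", raw)
        if ptype != 0:
            entries.append({"bootable": status == 0x80, "type": ptype,
                            "lba_start": lba_start, "sectors": sectors})
    signature = struct.unpack("<H", mbr[510:512])[0]  # bytes 55 AA read little-endian
    return {"boot_code_md5": hashlib.md5(boot_code).hexdigest(),
            "partitions": entries, "signature_ok": signature == 0xAA55}

def classify_boot_code(mbr: bytes, known_good_md5: set) -> str:
    """Scanner-style verdict: 'OK' if the boot code hash is on the allow-list,
    'Unknown boot code' otherwise, 'Invalid MBR' if the 55 AA signature is missing."""
    info = parse_mbr(mbr)
    if not info["signature_ok"]:
        return "Invalid MBR"
    return "OK" if info["boot_code_md5"] in known_good_md5 else "Unknown boot code"

def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed MBR: given boot code, one bootable NTFS partition at LBA 2048, signature."""
    assert len(boot_code) == BOOT_CODE_LEN
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 600000000)
    return boot_code + entry + b"\x00" * 48 + b"\x55\xAA"

# Constructed stand-in for a clean boot loader; the allow-list holds only its hash.
CLEAN_CODE = bytes([0x33, 0xC0, 0x8E, 0xD0]) + b"\x90" * (BOOT_CODE_LEN - 4)
KNOWN_GOOD = {hashlib.md5(CLEAN_CODE).hexdigest()}

if __name__ == "__main__":
    clean = build_sample_mbr(CLEAN_CODE)
    tampered = build_sample_mbr(b"\xEB\xFE" + CLEAN_CODE[2:])  # first bytes replaced
    print(classify_boot_code(clean, KNOWN_GOOD))     # OK
    print(classify_boot_code(tampered, KNOWN_GOOD))  # Unknown boot code
```

    On a real system the 512 bytes would come from a raw read of the physical drive (the \\.\PhysicalDrive0 device in the output above) and the allow-list from hashes of the vendor's own boot loaders.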

  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Try to be in normal mode now when we complete the below.


    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    After clicking Fix exit HJT.

    Please go to Add/Remove programs and uninstall the following software:

    • Java(TM) 6 Update 17
    • Java(TM) 6 Update 4
    • Java(TM) SE Development Kit 6 Update 4
    Now reboot your machine and install the most current and up-to-date version of Java available at the below link:

    Java Runtime 6

    Next...

    • Click Start, Run and copy and paste the below into the Run box and click OK.
    • Now reboot your PC and after reboot continue with the below instructions.
    • Run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).
    Then attach the below logs:
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    Last edited by a moderator: Jun 28, 2010
  3. Rosendal

    Rosendal Private E-2

    Hey, thanks for the attempt, but apparently something was messed up from my side which made the computer completely abandon ship and give up on me, and now I can't access Windows at all.

    I'll try my luck with a reinstallation, and go to the proper subforum if I need help with something connected with that :)
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    OK, well just post back if you decide not to reinstall after all.
     
