win 7 security 2012

Discussion in 'Malware Help (A Specialist Will Reply)' started by green01, Dec 8, 2011.

  1. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Try allowing it to repair these and let's see what happens.
     
  2. green01

    green01 Private E-2

    Ok, I selected "repair & restart" and attempted to reboot into the System Recovery Environment. I was able to open the Command Prompt without problems this time around and executed your commands. The results:

    bootrec /fixmbr - The operation completed successfully
    bootrec /fixboot - The operation completed successfully
    dir e:\ - Recovery
    dir f:\ - Iomega (external drive)

    I exited the Command Prompt and tried to reboot normally but couldn't. The Win 7 DVD is still in there and the only option I have is to boot off of it. If I don't hit any key when restarting my laptop (to choose the option to boot off of a CD/DVD), I get a message saying "Bootmgr is missing. Press Ctrl+Alt+Del to restart". Once I press these keys, I'm once again given the option to boot off of the DVD.
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  4. green01

    green01 Private E-2

    It seems to have solved the issue, at least for now. Here's the log I was supposed to attach.
     

    Attached Files:

  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Excellent news!

    Now your Windows partition is the active boot partition:
    Code:
    Get Partition Info From WMI in K-bytes
    ==============================================================
    Bootable  Name                   Size          Type
    FALSE     Disk #0, Partition #0  41094144      Unknown
    FALSE     Disk #0, Partition #1  18874368000   Installable File System
    TRUE      Disk #0, Partition #2  481191319040  Installable File System
    Now, what does MBRcheck show for the Iomega drive? If it still shows a faked MBR, then try the below one more time from the Recovery Console:

    bootsect.exe /nt60 f: /mbr
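As an added example (not code from this thread, and not MBRCheck itself), here is a small Python parser for a 512-byte MBR sector that performs the checks behind the "Bootable" column and the fake-MBR verdict above: the 0x55AA boot signature, exactly one active partition, and the boot-code hash against a known-good set you supply. The sample sector is constructed, and the `\\.\PhysicalDrive1` path and the Administrator requirement are assumptions.

```python
import hashlib
import struct

MBR_SIZE = 512
PART_TABLE_OFFSET = 0x1BE
BOOT_CODE_LEN = 440           # boot code ends where the 4-byte disk signature (0x1B8) begins
BOOT_SIGNATURE = b"\x55\xAA"  # last two bytes of a valid MBR sector

def parse_mbr(sector: bytes) -> dict:
    """Parse a 512-byte MBR: boot-code hash, 0x55AA check and the four partition slots."""
    if len(sector) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    parts = []
    for i in range(4):
        # entry layout: status, CHS start(3), type, CHS end(3), LBA start, sector count
        status, ptype, lba, count = struct.unpack_from("<B3xB3xII", sector, PART_TABLE_OFFSET + 16 * i)
        if ptype != 0:  # type 0 means an unused slot
            parts.append({"slot": i, "bootable": status == 0x80, "type": ptype,
                          "lba_start": lba, "size_kb": count * 512 // 1024})
    return {"signature_ok": sector[510:] == BOOT_SIGNATURE,
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts}

def check_mbr(sector: bytes, known_good: set) -> list:
    """Return the findings a defender wants: bad signature, wrong active count, unknown boot code."""
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    active = [p["slot"] for p in info["partitions"] if p["bootable"]]
    if len(active) != 1:
        findings.append(f"expected exactly one active partition, found {len(active)}")
    if info["boot_code_sha256"] not in known_good:
        findings.append("boot code hash not in known-good set: " + info["boot_code_sha256"])
    return findings

def build_sample_mbr() -> bytes:
    """Constructed sample sector (not a real disk): a hidden recovery partition and an active NTFS one."""
    code = bytes([0x33, 0xC0, 0x8E, 0xD0]) + b"\x00" * (BOOT_CODE_LEN - 4)
    disk_sig = b"\x11\x22\x33\x44\x00\x00"
    slot0 = struct.pack("<B3xB3xII", 0x00, 0x27, 2048, 81920)      # 40 MiB, not active
    slot1 = struct.pack("<B3xB3xII", 0x80, 0x07, 83968, 4194304)   # 2 GiB NTFS, active
    return code + disk_sig + slot0 + slot1 + b"\x00" * 32 + BOOT_SIGNATURE

if __name__ == "__main__":
    # On Windows, read a live disk as Administrator instead of the sample (assumed path), e.g.
    #   with open(r"\\.\PhysicalDrive1", "rb") as d: sector = d.read(512)
    sample = build_sample_mbr()
    good = {parse_mbr(sample)["boot_code_sha256"]}  # stand-in for a real known-good hash list
    print(check_mbr(sample, good) or "no findings")
```

Compare the hash of a freshly written MBR (after bootsect) against the hash of the same sector before the repair; an unchanged hash means the write did not take, which matches the "volume could not be locked" symptom discussed below.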
     
  6. green01

    green01 Private E-2

    You know, I've just realized that I ran MGTools with my external drive turned off. Should I re-run MGTools with the external drive turned on? I'm currently at work, but I can do it later tonight.
    I'll do MBRCheck later, when I get home.
     
  7. green01

    green01 Private E-2

    I re-ran MGTools with the external drive plugged in, just in case. Ran MBRCheck and it still showed fake MBR on the external drive. Then tried bootsect.exe /nt60 f: /mbr from the Recovery Console, restarted and ran MBRCheck again. Same result, see attached.
    When I executed the command, it said that the NTFS update may be unreliable since the volume could not be locked during the update because access was denied. It also said that disk bootcode was successfully updated on Physical drive 0 (shouldn't it be 1??).
     

    Attached Files:

  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    When you ran the bootsect command, what prompt was showing in command prompt Window? I would bet you got this error because you were running from the CD which is write protected. Try first running a command like C: to connect to your main hard disk or f:

    Then after your prompt changes to show you are on one of these drives, run the same bootrec command.

    I don't understand why you are getting a message saying it is updating physical drive 0. Yes, I would expect it to be drive 1. Perhaps make sure your prompt shows drive f first before you run the bootrec command, but I would expect this to fail because it will likely say bootsect is an unrecognized command since it is not present on drive f.
     
    Last edited: Jan 5, 2012
  9. green01

    green01 Private E-2

    Is my external drive unusable with this fake MBR? This is painful, I should probably just get a new one.

    Here's what happened. I switched to the f: drive (from X) and executed the bootsect command. Got the same "access denied" message regarding the NTFS update but the Physical drive changed to 1. Restarted, ran MBRCheck - no success.

    I went back to the Recovery Console, switched to the c: drive, ran the command, same results as above on all counts.

    Went back to the Recovery Console and out of curiosity did a dir command for f: and e: drives... and it showed that the f: drive is the Recovery drive and the e: drive is Iomega. What??? I did the dir command 3 times, then opened a Notepad to make sure I'm not hallucinating. Okay, fine, it somehow changed on me (why?), so I switched to the e: drive and executed the bootsect command. Same results as above.
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Wrong question!!! It is usable; however, if you asked is it safe to use, the answer would be a definite NO! It is still infected and this can spread to other drives/PCs. MBR infections can be extremely dangerous and are frequently information stealers.


    Yes, this is the reason why we have been saying earlier that you need to check which drive is which. They do not always come up to be what you expect.

    However, if after all of this you still have not been able to clear this MBR infection with the bootsect command, the choices are:
    • Option 1: find someone with a Windows XP system that has their Windows XP boot CD and boot to the Windows XP Recovery Console to fix the MBR. You still will need to know the drive, which can be determined by a map command. The syntax to fix the MBR in XP is different. It would be:
      • fixmbr \device\harddisk#
      • where harddisk# is what you find out from the map command.
      • Thus if map showed your Iomega drive to be harddisk 3, you would use fixmbr \device\harddisk3 to fix the MBR.
      • You can read about XP Recovery Console commands in the below link:
    • Option 2: junk it.
    If you use option one, it would wind up with a Windows XP MBR, but I would expect this is not an issue. And it would definitely be safer than having an infected MBR.
     
  11. green01

    green01 Private E-2

    I know. But earlier it was showing that Iomega is on the f: drive and Recovery is on the e: drive. Anyway, I'll just get a new one. Hope the infection didn't spread back to my laptop.

    Thanks for your help.
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.
    Yes exactly the point.

    Did not look like it based on MBRcheck.

    I would still see if you can save the drive using option one. As long as you are not saving/running things from the Iomega drive and especially never booting from it, it is less likely to cause a problem to another PC system. It is worth a one shot attempt to fix it using Windows XP.



    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: the space between combofix" and /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work through the below link:
     
