09-07-2009 10:51 AM
Step 8 is the confusing one for me as I do not know EXACTLY what to type????? Subsequently my machine "seems" to be running fine and NAV is not picking up anything, but when I tried to run a defrag and check for disk errors, I received a message saying that the NTFS boot sector is unreadable! I am thinking that this is a result of not completing the Recovery Console step when removing the virus.
Please can someone help me, as I have battled for 12 hours now. A month ago fossy710 had a similar problem, but I do not know if that solution will be the same for me.
Look forward to your expert advice.
09-07-2009 12:24 PM
09-07-2009 10:35 PM
When you come online again we will require a GMER scan. Please scan ONLY
After it is downloaded to your desktop, right click on the icon, go to properties, and click unblock and apply.
You will be able to attach the log produced to your next post by using the "add attachments" link below the orange post button.
09-08-2009 12:04 PM
You have a rotscx rootkit infection. Quads will be along later to request a different kind of log to enable him to find all of the files.
It will be a three part remediation that will require you to follow his directions exactly. It will take a bit of patience, but the repairs where the user followed directions have been successful.
09-08-2009 07:59 PM
1. Download Combofix to your Desktop, http://www.bleepingcomputer.com/combofix/how-to-us
Don't use yet.
2. I have Personal Messaged you the script between the lines, look for the yellow envelope at the upper right hand side. Copy the Script.
3. Open Notepad and paste it into Notepad, with the first line being killall::
4. Save the script as "CFScript.txt". CFScript.txt is what you see on your desktop after saving.
5. Disable Norton's Auto-Protect and Firewall.
6. Drag and drop CFScript.txt on top of Combofix.exe, like when you drop files into the recycle bin.
7. Combofix will start. When it is scanning, don't move the mouse cursor inside the box; it can cause freezing.