Hi
akwit,
I am now getting Trojans every couple of minutes!!!
That must be because we found it and tried to analyze it.
Step 1Run
MBRCheck.exe once again.
You will be presented with the following dialog:
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Enter
Y and press
Enter.
The following dialog will be presented:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
Enter 2 and press
Enter The following dialog will be presented:
Enter the physical disk number to fix (0-99, -1 to cancel):
Enter >>
0<< and press
Enter The following dialog will be presented:
Available MBR codes:
[ 0] Default (Windows XP)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel
Please select the MBR code to write to this drive:
Enter >>
5<< and press
Enter The following dialog will be presented:
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue:
Type
YES and press
Enter (Must type the full word, YES). You will be inform if successfully wrote a new MBR code!
And last the following dialog will be presented:
Done! Press ENTER to exit...
Press
Enter. A report will be produced on the desktop. Post that report in your next reply.
Step 2After you post report restart your system and hopefully it will boot normally. Download new version of Combofix and run it as you tried before. Post Combofix log after the scan
Step 3Please don't forget to include these items in your reply:- MBRCheck log
- Combofix log
It would be helpful if you could post each log in separate post