
Bootkit? Trojan? System/Registry/Drivers Acting Strange and SLOW



#1
miked719

MY MACHINE:
Sony VAIO
Model: VPCEH25FM/B
640GB HD (can only format to get 598GB)
4GB RAM

Primary OS: Windows 7 x64 SP 1.
Ubuntu Installed
Windows 8 Trial Also Installed

Kaspersky AV 2012 (Factory CD installed)
No File Encryption Software Installed

PROBLEM
--------------------------------

I'm not sure exactly what I have; I think it's some kind of bootkit. My BIOS / hard drive and drivers I don't believe are correct. I can't use 40GB of my hard drive (no idea where the space went).

When I use @ActiveBootDisk, it shows an unformattable A: and a small unallocated partition before and after the main disk drive.

There are a lot of startup services I don't recognize, and I am unable to access various files (permission errors). I ran a few programs, not sure which ones will help; see any logs that may shine some light as to what is going on. Thank you so much for any help you can offer!!!

SOFTWARE SCANS
----------------------------------
I ran the following programs and have the logs attached (normal boot in windows 7 64 bit):

Kaspersky v 12 Antivirus
TDSSKiller (screenshot and Log)
RogueKiller
HijackThis
DDS
OTL
aswMBR
GMER (however most options were greyed out)

------------------------------------

https://www.virustot...sis/1332221312/
(Attachment is Clean -- See Above)

Attached File  Scan Logs.zip   113.47KB   216 downloads

Edited by miked719, 19 March 2012 - 11:39 PM.

#2
miked719

I believe I found the problem:

TR/Crypt.ZPACK.Gen

Using Piriform Defraggler (to see what files are where) and EaseUS Partition Magic 9.0, I was able to set the hidden drive active and can now see the "Recovery" drive, which is first on the system. However, there are a ton of files, so it's hard to tell which are clean and which are not.

See the image below:

The H: Recovery
and/or the I: System Reserved

Load before my OS and contain the problematic files. Also, the end of my disk reloads the files after each boot:

J:END

So even with a format it keeps coming back. Any clue how to get rid of this??

Attached Thumbnails

  • Screenshot_3.png
  • Screenshot_2.png
