Adlice forum
General Category => Malware removal help => Topic started by: Kathy_9 on February 13, 2015, 02:50:48 PM
-
Could someone please look at my log and let me know if my system is clean? I was working with a helper at DSLReports Forum and one of the steps in the cleanup process was to run RogueKiller. Neither of us has come across the Unknown Bootloader before and was hoping you could help.
If you want to see what has been done so far here is a link to that thread http://www.dslreports.com/forum/r29822983-Virus-Windows-Control-Processor-Virus-Possibly-Conhost- (http://www.dslreports.com/forum/r29822983-Virus-Windows-Control-Processor-Virus-Possibly-Conhost-)
RogueKiller Log attached
Thanks,
Kathy
-
Hi Kathy,
Welcome to Adlice.com Forum.
I read the whole thread at DSLReports and this is indeed quite uncommon.
The MBR on your computer seems nonstandard.
Unknown MBRs are dumped into %programdata%/RogueKiller/debug/.
Please locate the file and attach it on your next post (you need to zip it first).
Regards.
-
I've attached the zipped file. Thank you.
-
Hi Kathy,
At first sight, the MBR and VBR codes are alright.
We will analyse them more throughly and we will get back to you as soon as possible.
Regards.
-
Thanks very much. I really appreciate the help.
-
Curson,
I saw this post about HP and non-standard MBR's and thought I'd pass it along.
https://forum.avast.com/index.php?topic=83011.10;wap2
My computer is a HP Pavilion Elite HPE-310t .
Thanks,
Kathy
-
Hello
Your MBR/VBR are actually known by RK engine... Looks like a bug, either the engine crashed or wasn't loaded.
I'd suggest to retry with new version to compare results. New version should be released today.
-
Thank you very much. I will rescan with the new version when posted. When I looked on the download page there were both 32-bit and 64-bit versions. I'm going to assume I want the 64-bit version because that's what my PC is. Does it matter which of the 64-bit versions I download?
-
In a general way, I'd say YES.
For this particular problem, NO :)
Your PC is clean anyway, that test is just if you're willing to help, that's up to you...
-
Yes, I am willing to help. You have put my mind at ease so that is the least I can do. Just let me know which one you want me to test.
Thanks,
Kathy
-
Hi Kathy,
Thanks for the feedback.
RogueKiller version 10.3.0.0 is out. Could you please give it a try to check if your MBR/VBR are now correctly recognized ?
Regards.
-
New log attached.
-
Hi Kathy,
We are unable to pinpoint why RogueKiller isn't able to properly recognize the MBR and VBR specifically on your system.
Anyway, as Tigzy stated, thoses are present in RogueKiller database and are therefore perfectly safe.
If you have anymore questions, feel free to ask.
Regards.
-
Thank you both!!
-
Hi Kathy,
You are very welcome.
All the best.
-
I forgot to mention that if you or Tigzy need me to test again, just holler.
-
Hi Kathy,
Thank you for your help. :)