Author Topic: Rombertik Malware  (Read 3884 times)

0 Members and 1 Guest are viewing this topic.

August 07, 2017, 09:09:50 PM

KEW123

  • Newbie

  • Offline
  • *

  • 1
  • Reputation:
    0
    • View Profile
Rombertik Malware
« on: August 07, 2017, 09:09:50 PM »
Ran RogueKiller and found the following physical drive on my PC.

+++++ PhysicalDrive0: WDC WD10JPVX-75JC3T0 +++++
--- User ---
[MBR] 06dfb6f600a6c3ba20f2d18ddc261602
[BSP] 2175f35e62edd2d86ec14ecdd8c2ecb9 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1288192 | Size: 939907 MB
3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1926217728 | Size: 450 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1927139328 | Size: 12883 MB
User = LL1 ... OK
User = LL2 ... OK

Is this a Rombertik attack? If so, how can I get rid of it?

Reply #1August 08, 2017, 01:51:12 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Rombertik Malware
« Reply #1 on: August 08, 2017, 01:51:12 PM »
Hi KEW,

Welcome to Adlice.com Forum.
The PhysicalDrive0 is your internal hard disk, where the system is installed. This is not an infection.
For more informations, please refer to RogueKiller Documentation.

Regards.

Note : This thread has been moved to the "RogueKiller" section for clarity.