drmax,
Let’s check the
Master Boot Record; another location where Rootkits hide.
In the clean computer with the USB flash drive plugged in...
Please download
MBRFix:
Download MBRFix 1.3.0.0 Free - Fix or create Master Boot Record (MBR) on harddisks - Softpedia
Save to the Desktop.
Right-click the file and select: Extract here…
Once extracted, there are three files in the folder that is created.
Copy
only the
MBRFix64 application to the USB drive.
Now, open
Notepad: (Start > All Programs > Accessories > Notepad).
Copy the entire contents of the code box below.
Code:
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess
SaveMbr: Drive=0
Save this info on the flashdrive as
fixlist.txt
Once again, please enter
System Recovery Options and select:
Command Prompt
Run
FRST and press the
Fix button just once, and wait.
When done, the tool makes a log on the flashdrive called
Fixlog.txt.
Please post its contents in your reply.
Another file,
MBRDUMP.txt also appear on the flash drive.
It may look a text file, but it is not. It is a hex file! (Don't open it, it will be all gibberish.)
Please
attach the
MBRDUMP.txt in your reply.