You can use MBRCheck to check Master Boot Record
Please
Download MBRCheck and save it to your computer.
* Double click on MBRCheck.exe to run it.
* When it's done press enter to exit.
* Then please post the log it produced MBRCheck_(time+date).txt
----------------------------------------------------------------------------------------------
Here is a log of a infected MBRMBRCheck, version 1.1.1
© 2010, AD
\\.\C: --> \\.\PhysicalDrive0
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)!
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
_____________________________________________________________________
To fix MBR please do the following. * Double click on MBRCheck.exe to run it.
* Type Y then hit enter, to show the options.
* Type 2 then hit enter, to restore the mbr.
* When asked for the physical number to fix, type 0 then press enter.
* When asked to select the mbr to write, type 0 then press enter.
* Then type yes and press enter to write the new code.
Then reboot your computer, once it's restarted run MBRCheck again as first instructed and post the new log.
Heres The clean log
MBRCheck, version 1.1.1
© 2010, AD
\\.\C: --> \\.\PhysicalDrive0
Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Windows XP MBR code detected
