My MBR seems to be infected by, what appaers to be, “Sinowal@bmr” virus. I ran avast! Internet Security a couple of times, but it couldn’t remove it. I ran it while the Windows XP is up, and I performed several boot-time scans. No luck
To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( Malwarebytes log / OTS log ) save OTS log as ANSI
Essexboy will look at the logs when he arrive here later today…usually 8:00am - 11:59am uk time
It found no viruses in MBR, but found one in a completely different file, an executable downloaded from the internet.
I have removed the infected executable file by Malwarebytes’ Anti-Malware.
And that was it, the virus in MBR is now also gone. I checked it several times with avast! Internet Security and Malwarebytes’ Anti-Malware.
I don’t understand what really happened, but I guess that the infected executable file was contaminating my MBR. The trouble is, avast couldn’t find this file, and was repairing MBR only. I could be wrong.
Malwarebytes is not geared for MBR infections - it may indicate TDSS variants though. You must bear in mind that MBAM complements Avast inasmuch as it looks for known file names as opposed to signatures and behaviour which is Avasts forte… The packing and disguising of malware now is an art as the race between AV programmers and malware programmers hots up
Did you upload the dropper file to Avast for inclusion and analysis ?