Help with rootkit MBR:\\.\PHYSICALDRIVE0

Hey!
I had problems with this rootkit being detected by avast, but it couldn’t delete it.
After the boot-time scan it was still not gone, so I decided to install Windows 7, since I was still running Vista.
I figured it should work after formatting and reinstalling Windows, but 20 minutes after the installation was finished and avast was running I got the error again!
So how do I get rid of this when formatting and reinstalling Windows doesn’t work?
Please help!

Svend

Follow this guide, and attach all logs… do not copy and paste
http://forum.avast.com/index.php?topic=53253.0

Then one of the trained malware removers will help you when they arrive…

Here are the OTL logs

and the aswMBR log

This is relatively easy to fix…

Go to Control Panel
Select Administrative tools
Select Computer management
Select Storage
Select Disk management
Right click the 1Mb partition and select delete

Re-run aswMBR and post the log please

Seems to work.
And another quick question. I just reinstalled Windows, and there is a hell of a lot of crap in the Windows.old folder. Is it safe to just delete all of it?

If there is nothing in there that you need then yes it can be deleted

You did have an MBR infection at some stage but it does not appear to have stuck

So it should be fine now? :slight_smile:
And well, thx for the help!

Just run OTL and hit the cleanup button to remove it and all its files ;D