the system had some Backdoor.Win32.Sinowal.knf
the system was fixed via the TDSSkiller and then fixMBR in aswMBR
yet result is
aswMBR
13:01:11.921 Disk 0 scanning sectors +976768065 13:01:11.953 Disk 0 PE file @ sector 976768090 !
GMER’s MBR
device: opened successfully user: MBR read successfully kernel: MBR read successfully user & kernel MBR OK copy of MBR has been found in sector 976768065
when the drive is checked in other system it appears clean too
is the baddie still there or not ?
attached are logs just rename to .zip
so the questions are :
what else use to check if it’s clean
if it’s not clean how to clean 