Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Still seeking assistance

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Still seeking assistance

Unread postby Vistaphobic » August 1st, 2009, 3:20 am

Per the 3-day mod's instructions, I am posting to reaffirm my desperate need of your help in disinfecting my computer. My original post is located here: viewtopic.php?f=11&t=44676&view=unread#unread

I've been browsing some hidden files and now have a somewhat better understanding of this malware's nature. It has surreptitiously turned my system into a virtual machine running some other OS in the background, presumably Linux. It has created a hidden boot sector inaccessible to the Windows OS labeled "\\?\PhysicalDrive." The hidden partition is formatted in something called Novell Netware 286. There is also a second hidden partition, "\\.\PartmgrControl" formatted in FAT16. All Windows reboots and even system restore are directed to a hidden copy of the bootable Vista disc image "\bcd\hives\bin\efi_cdboot\bcd." Thus the "virtual machine based rootkit" survives the phony factory disc image restore.

Ingenious, really. I will patiently await your help while continuing to uncover as much information as I can.

Active Member
Posts: 2
Joined: July 23rd, 2009, 1:00 am
Register to Remove

Re: Still seeking assistance

Unread postby Katana » August 1st, 2009, 9:53 am

User avatar
MRU Teacher Emeritus
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

  • Similar Topics
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!

Who is online

Users browsing this forum: No registered users and 79 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware