- Jul 30, 2012
- 510
I have a problem and need some help!!
I am dual booting XP SP3 and Windows 7.
XP has a virtual Box with again XP SP3 installed on it.
My security configuration has EAM + CIS on both OS and only EAM on Virtual Box
My problem is that on my XP system EAM is showing Heuristic Possible Rootkit in C:/MBR on physical drive 0.
The strange part is that on my virtual machine too EAM shows a Heuristic Possible Rootkit in C:/MBR on physical drive 0,
I tried to scan with the Hitman and its MBR as BOOTKIT,
Further on demand scan with TDSS killer shows nothing at all,
CIS is also not detecting anything!!
I didn’t have this rootkit/bootkit 2 days back.
In these 2 days,
First I had installed Rollback Rx, because of which there was some BCD problem with my OS and system was not starting so I had to fix my BCD via some tools and not using the Installation Disc. After that again I installed Rollback Rx and it worked fine.
Rollback Rx is installed on my Virtual Machine as well.
Whatever other applications I have tried were on the virtual machine or in Sandboxie.
I think that Rollback Rx’s activity, which is to boot a window just before the startup, may be giving EAM and Hitman a false positive, or the tool which I used to repair my BCD has caused this infection.
Is anybody else having the same issue??? If not, how do you recommend removing it?
I want to be ultra sure that the other infections spread by the rootkit/bootkit are identified and removed, so I don't mind doing some extra scans if you suggest!!
Below are the required attached files.
Thanks a lot for your concern!!