Hi there this may be the new variant - which is a tad sneaky
Download
MBRCheck.exe to your Desktop. Run the application.
If no infection is found, it will produce a report on the desktop. Post that report in your next reply.
If an infection is found, you will be presented with the following dialog:
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Type
N and press
Enter. A report will be produced on the desktop. Post that report in your next reply.
THENA second run so that I can test out the MBR
Run
MBRCheck.exe once again.
You will be presented with the following dialog:
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Enter
Y and press
Enter.
The following dialog will be presented:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice:
Enter 1 and press
EnterThe following dialog will be presented:
Enter the physical disk number to fix (0-99, -1 to cancel):
Enter
0 and press
EnterThe program will ask for the file name to dump to, type
dump.txt and Press Enter. You should see a Dumped successfully message. Type
-1 and press Enter twice to exit the program. Save the
dump.dat file to your desktop.
[color="#800080"]
[size="3"]
Step 2:[/size]
[/color]
Please attach the dump.txt file to your next post.