A fully updated Norton Internet Security allowed in this malware. I didn't click to install this "Malware Defense", but still, now NIS won't load, internet's down, and MBAM won't run either in Safe Mode or Normal Mode. System Restore just hangs either in Safe Mode or Normal Mode. NIS will do a virus scan in Safe Mode but detects nothing wrong. Yet in Normal Mode the system hangs in about 5 minutes.
From reading the very very patient DragonMaster Jay in this forum, he seems to have helped invisible016 with the same bug -- H8SRTd -- I seem to have. I ran SysProtLog and here's a snippet:
Kernel Modules:
Module Name: \systemroot\system32\drivers\H8SRTpuxjrudujx.sys
Service Name: H8SRTd.sys
Module Base: ---
Module End: ---
Hidden: Yes
Here is my question: I have a clean Norton Ghost image backup and I want to minimize chance of this virus surviving the Ghost Recovery.
Drive is bootable Primary "C" Drive, 55 GB, with a small 212 MB "Unknown Partition" for HP recovery files.
I'm restoring the bootable "C" Drive, and want to keep the Unknown Partition alone. I'll use the "Restore MBR" (Master Boot Record).
Can this malware survive the normal Ghost Recovery if I also restore the MBR?
Or, should I try and delete the malware, with your help, before using my Ghost image?
Or, is there a way to scrub the hard drive (while leaving alone the small Unknown Partition) to disinfect the drive before running Ghost?
Thanks