New
#1
Hi.
Avast have a boot scan feature which you should try. Defo@boot infects the MBR, so it can't be removed while you're in the operating system.
Running a Boot-time Scan in Avast Antivirus | Official Avast Support
If that doesn't work, have a look at the steps here:
https://www.precisesecurity.com/virus/threatdefoboot
.
Last edited by simrick; 22 Jun 2018 at 21:37.
Thanks. I have already tried Avast Boot Scan. Previously it was in MBR in my other hard disk which I had to ultimately formatted. In my this disk, I think this is not in MBR but a log file in System. I simply want to delete or replace this file. I think deleting this file should not make any problem for PC. I have tried TDSS .killer though not in safe mode and it did not detect this.
Okay, I guess my question would be: How did this event end up on your new drive? Is the new drive a clone or restored image of the old one?
I think you should be able to do this (but be sure to have an image made first, in case you have any problems):
Double-click the log file to open it in Event Viewer.
In the right pane under Actions, select Clear Log.
I've never done this myself, so not sure how much will be cleared, but you can try it. If it works, and it's cleared, and then it reappears, I'd say you still have a problem.
Thanks. Your and my thoughts are just similar. I already cleared all logs but you can yourself check that lots of logs of around 68 kb each reappear. Though this virus was showing in a log file and it may not be harmful but I was not at ease seeing my system affected with virus. So finally I went back to restore my system images one by one and then in third attempt, the image I restored was clean. For information , TDSSkiller, zero access tool and defender could not pick up virus in this file.