[VIRUS] Unable to resolve MBR:Backboot-G [Rtk] *MBR0


  1. tjeharriet
    Posts : 5
    Windows 10
       New #1

    [VIRUS] Unable to resolve MBR:Backboot-G [Rtk] *MBR0


    Hi all,

    My computer is under attack and random pop ups keeps appearing. I previously installed MalwareBytes, it is always showing me that it is helping me to block Trojan every few seconds. I did a scan using it and it did not show that I have any virus.

    1. I tried AVG and did the deep scanning, and this time the virus showed up. However, when I click resolve, nothing happens.

    2. I tried to follow some tutorials by typing the command code in cmd administrator to boot in safe mode, however I can't seem to get back to the stage where my windows reboots normally.

    Will appreciate if anyone is kind enough to advice :)

    I've also attached the image of error

    Thanks alot in advance!
    Attached Thumbnails Attached Thumbnails [VIRUS] Unable to resolve MBR:Backboot-G [Rtk] *MBR0-capture.png  
      My Computer
    Quote Quote

  3. Caledon Ken
    Posts : 30,192
    Windows 11 Pro x64 Version 23H2
       New #2

    Hi tjeharriet. Welcome to the TenForums @tjeharriet

    If you use Malwarebytes you have to add a check mark to scan RootKits. If it is still installed please make the change

    You could also try their tool specific tool.

    https://www.malwarebytes.com/antirootkit/

    Not sure what you mean boot normally, are you stuck in safe mode or this pest is just causing a troublesome boot.

    Are you able to start Windows?
      My Computer
    Quote Quote

  4. tjeharriet
    Posts : 5
    Windows 10
    Thread Starter
       New #3

    Thank you @Caledon Ken.

    I will try your suggestion :)

    My Windows starts in Windows Boot Manager (The page before I click Windows 10 to go to the screen to choose safe mode)

    Previous I ran a command to trigger Boot by clicking F8. Now I cant reverse that move.

    I am able to start windows 10
      My Computer
    Quote Quote

  6. Caledon Ken
    Posts : 30,192
    Windows 11 Pro x64 Version 23H2
       New #4

    What command did you run please?
      My Computer
    Quote Quote

  7. tjeharriet
    Posts : 5
    Windows 10
    Thread Starter
       New #5

    Malwarebytes
    Free Antivirus Replacement & Anti-Malware Tool | Malwarebytes

    Code:
    -Log Details-
Scan Date: 10/3/18
Scan Time: 11:33 PM
Log File: a364d09a-c721-11e8-89cf-309c23cff04b.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.7163
License: Trial

-System Information-
OS: Windows 10 (Build 17134.286)
CPU: x64
File System: NTFS
User: DESKTOP-UMP721T\Harriet

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Cancelled
Objects Scanned: 137367
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 1 min, 26 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.NetMeterX, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\nfstat, Quarantined, [4556], [575960],1.0.7163

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
PUP.Optional.NetMeterX, C:\WINDOWS\SYSTEM32\DRIVERS\NFSTAT.SYS, Quarantined, [4556], [575960],1.0.7163

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
    Last edited by Brink; 03 Oct 2018 at 10:48. Reason: code box
      My Computer
    Quote Quote

  8. tjeharriet
    Posts : 5
    Windows 10
    Thread Starter
       New #6

    I've followed your instructions regarding malwarebytes and the logs above is what i get.

    I've use this command

    bcdedit /set {current} bootmenupolicy Legacy

    i found it on Enable or Disable F8 Advanced Boot Options in Windows 10 | Windows 10 Tutorials

    I also tried the disable command, but sadly it does not work.

    On a side note, do you think it is faster if i just reinstall windows 10?
      My Computer
    Quote Quote

  9. clam1952
    Posts : 856
    Windows 10 Pro 21H2 build 19045.2193 Dual Boot Linux Mint
       New #7

    Probably not as it's a rootkit installed in the mbr and takes over before you get to Windows, need to fix the mbr, not done any of this for years but tdsskiller should get rid of it, wait for confirmation from someone with more recent experience with rootkits first though.
      My Computers
    Quote Quote

  10. Caledon Ken
    Posts : 30,192
    Windows 11 Pro x64 Version 23H2
       New #8

    The log you posted says rootkit is still disabled in Malwarebytes.

    [VIRUS] Unable to resolve MBR:Backboot-G [Rtk] *MBR0-image.png
      My Computer
    Quote Quote

  12. tjeharriet
    Posts : 5
    Windows 10
    Thread Starter
       New #9

    I've already checked the Rootkit box.

    maybe this virus is too strong that it switch off the check?

    But I have also reinstalled Windows 10. Hopefully it will solve the issue.

    Thank you for your prompt responses and help. :)
      My Computer
    Quote Quote

  13. TairikuOkami
    Posts : 5,452
    Windows 11 Home
       New #10

    You can also try those (last updated in 2018):

    Download Bitdefender Rootkit Remover 3.0.2.2.014

    Download TDSSKiller 3.1.0.17
      My Computer
    Quote Quote

 

  Related Discussions
Hi, I recently noticed some changes to Windows Security. No longer is there a delete option after taking actions against a Virus. If the action result shows the Virus is blocked does the Virus still remain on the System ? If so is there any...
Unable to Start Windows Defender Anti-Virus?.
in AntiVirus, Firewalls and System Security

My PC is running the 64bit version of Windows 10 Home Edition version 1903 build 18362.388 and I keep everything updated to the latest versions. The last two years or so I have used the paid for version of Kaspersky Internet Security 2020. I use a...
Kodi Tab Virus - Nothing showing from Virus Scan
in AntiVirus, Firewalls and System Security

Windows 10 was working fine until, somebody downloaded Kodi on the affected machine and Kodi was behaving as if a permanent TAB key was being inputted on the keyboard (i.e. left to right across rows permanently) - when trying to select anything on...
I am at a loss of what I can do except send this laptop, to the manufactory Lenovo, and I hate to do this. Runs at 100%cpu with any browser I use, I use the Chrome, it is worse, then I use Edge, it gets back to100% real fast also . What I have done...
Trade exchange virus + Unable to access router settings
in AntiVirus, Firewalls and System Security

Hello everyone! I am facing Trade Exchange virus which creates additional tabs while using browser. I did some research on internet and have tried few methods (Malwarebytes & Adware Removal Tool), but to no help. I read somewhere that this...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 15:54.
Find Us




Windows 10 Forums