Virus still on my system after reinstall ..

ailqk · #1 04-29-12, 11:03

Hi folks,before 1 week i were infected with some kind of monitoring software (RAT i believe).
My browser opened porn sites,when i watched film my subtitles were changed suddenly.
I do scans with avast is/mbam with no infected results.
So i decided to reinstall my Windows 7 with . (I do only reinstall and left my other partition D:\ unformatted with my important files in,but this does not resolve my problem the strange things still happen.)
One morning when turned my pc on i recieved this error message (btw i have access at safe,else i got this error) :

I also recieve this error at the tray incase im logged with the administrator and the only user account :

If i try to open any file with extension different from .exe/any document extension i get this error :

I think that may be some bootkit virus,how i can get rid of it ?

Kestrel13! · #2 04-30-12, 06:28

Try the below:

Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop on the PC with the infection.

Open up this newly created folder and then open the "files" folder (...\windows repair v1.5.7\files)
From here, locate the fix_exe_hijack.inf file and then Right-mouse click it one time, then choose "Install".
Once you have done this, you should now be able to open applications again.
Let me know if that helped, and see if you are able to follow the below procedures.

READ & RUN ME FIRST. Malware Removal Guide

ailqk · #3 04-30-12, 08:55

Hey Kestrel13!,thanks for your help,but does not resolve my problem.
Im sure that i have virus which is attached to BIOS/MBR or just came again from the unformatted partition.
How do i remove it ?

Kestrel13! · #4 04-30-12, 17:20

Are you able to run these?

I want you to run TDSSKiller so refer to the below for how to do so.

TDSSkiller - How to run

Please also download MBRCheck to your desktop

Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
It will show a Black screen with some information that will contain either the below line if no problem is found:
- Done! Press ENTER to exit...
Or you will see more information like below if a problem is found:
- Found non-standard or infected MBR.
- Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.

ailqk · #5 05-01-12, 04:57

There are the logs you need :

Kestrel13! · #6 05-01-12, 08:25

Those logs are just fine.

Now run what you are able to of these procedures:

READ & RUN ME FIRST. Malware Removal Guide

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Just cannot reinstall System	Luckyjfl	Hardware	7	04-30-09 15:02
failed reinstall of system restore	hzhzhz	Software	1	03-22-09 10:59
New System: Do I need to reinstall windows?	impudentcrusader	Hardware	4	03-18-06 13:20
How to reinstall your operating system	Major Attitude	Backup, format or restore your PC	0	01-06-04 19:42

The Following User Says Thank You to Kestrel13! For This Useful Post:
ailqk (05-01-12)