Virus still on my system after reinstall ..

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ailqk, Apr 29, 2012.

  1. ailqk

    ailqk Private E-2

    Hi folks,before 1 week i were infected with some kind of monitoring software (RAT i believe).
    My browser opened porn sites,when i watched film my subtitles were changed suddenly.
    I do scans with avast is/mbam with no infected results.
    So i decided to reinstall my Windows 7 with . (I do only reinstall and left my other partition D:\ unformatted with my important files in,but this does not resolve my problem the strange things still happen.)
    One morning when turned my pc on i recieved this error message (btw i have access at safe,else i got this error) :
    [​IMG]


    I also recieve this error at the tray incase im logged with the administrator and the only user account :

    [​IMG]

    If i try to open any file with extension different from .exe/any document extension i get this error :

    [​IMG]

    I think that may be some bootkit virus,how i can get rid of it ?
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Try the below:

    Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop on the PC with the infection.

    • Open up this newly created folder and then open the "files" folder (...\windows repair v1.5.7\files)
    • From here, locate the fix_exe_hijack.inf file and then Right-mouse click it one time, then choose "Install".
    • Once you have done this, you should now be able to open applications again.
    • Let me know if that helped, and see if you are able to follow the below procedures.



    READ & RUN ME FIRST. Malware Removal Guide
     
  3. ailqk

    ailqk Private E-2

    Hey Kestrel13!,thanks for your help,but does not resolve my problem.
    Im sure that i have virus which is attached to BIOS/MBR or just came again from the unformatted partition.
    How do i remove it ?
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Are you able to run these?

    I want you to run TDSSKiller so refer to the below for how to do so.

    TDSSkiller - How to run


    Please also download MBRCheck to your desktop
    • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
     
  5. ailqk

    ailqk Private E-2

    There are the logs you need :
     

    Attached Files:

  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member


MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds