Help with Virus Removal

You may have a faked partition:
Partition Disk #0, Partition #2
Partition Size 8.93 GB (9,585,033,216 bytes)

Go to the below link and follow the instructions for running TDSSKiller from Kaspersky

• TDSSkiller - How to run

Be sure to attach your log from TDSSKiller

Please also download MBRCheck to your desktop.

See the download links under this icon http://forums.majorgeeks.com/chaslang/images/MGDownloadLoc.gif

• Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
• It will show a Black screen with some information that will contain either the below line if no problem is found:
  
  • Done! Press ENTER to exit...
• Or you will see more information like below if a problem is found:
  
  • Found non-standard or infected MBR.
  • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
• Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
• MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
• Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )

 

You should back up your important files and data, then:

Preferably from a clean computer, I need you to download: gparted-live-0.11.0-7.iso (114 MB)
Create a bootable CD for GParted. You can useImgBurn to accomplish this.
If you need help on how to use ImgBurn, please view this guide by dr.m -- Using ImageBurn to Burn an ISO image
Now boot off of the newly created GParted CD.
http://img717.imageshack.us/img717/6546/gpartedsplash01107.th.png
You should be here...
Press ENTER
http://img819.imageshack.us/img819/7286/gpartedkeymaps.th.png
By default, do not touch keymap is highlighted. Leave this setting alone and just press ENTER.
http://img404.imageshack.us/img404/9840/gpartedlanguage.th.png
Choose your language and press ENTER. English is default [33]
http://img140.imageshack.us/img140/7958/gpartedgui.th.png
Once again, at this prompt, press ENTER
You will now be taken to the main GUI screen below
http://img32.imageshack.us/img32/1122/gpartedo.th.png
According to your logs, the partition that you want to delete is 8.93 GB
Click the trash can icon to delete and then click Apply.
You should now be here confirming your actions:
http://img233.imageshack.us/img233/1533/gpartedsteps.th.png
Now you should be here:
http://img696.imageshack.us/img696/8471/gpartedsuccessclose.th.png
Is boot next to your OS drive? According to your logs, your OS drive is the 187.70 GB sized partition.
http://img194.imageshack.us/img194/7753/gpartedboot.th.png
If boot is not next to your OS drive under Flags, right-mouse click the OS drive while in Gparted and select Manage Flags
In the menu that pops up, place a checkmark in boot like the picture below:
http://img196.imageshack.us/img196/3483/gpartedmanageflagsboot.th.png
Now press the Close button to save these changes.
Now double-click the http://img822.imageshack.us/img822/641/gpartedexit.png button.
You should receive a small pop up like this:
http://img88.imageshack.us/img88/8986/gpartedexitreboot.png
Choose reboot and then press OK.

Now reboot from the Windows 7 Recovery Disc and execute the following commands:

• bootrec /fixmbr
• bootrec /fixboot
• exit

Once back in Windows...
http://img707.imageshack.us/img707/6703/generalxpicon.gif Re-run another scan withMBRCheck and attach its latest log. (How to attach)

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).Make sure that you watch for the license agreement for TrendMicro HijackThis and click on the Accept button TWICE to accept ( yes twice ).

Then attach the below logs:

* C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Ok, then just tell me what issues you are still having, if any.

 

I didn't find any malware. I think you should post in the software forum for further assistance.