On your Desktop you should have MBR dump file:
C:\Documents and Settings\Faster\Desktop\
MBR.datIf is not there, then re-run aswMBR and it will be created.
Please zip/rar with password "virus" and upload file here:
http://www.wikisend.comPost me please download link.
----- next -----Please download
Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version. - Double-click to run it. When the tool opens click Yes to disclaimer.
- Under Optional Scan ensure "List BCD" and "Driver MD5" are ticked.
- Press Scan button.
- It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
- The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
----- Rootkit Removal -----Step#1Please download
TDSSKiller and save it to your desktop
Execute
TDSSKiller.exe by doubleclicking on it.
- Press Start Scan
- If Suspicious object is detected, the default action will be Skip, click on Continue.
- If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example,
C:\TDSSKiller.<version_date_time>log.txtPlease post the contents of that log in your next reply.
----------
Step#2Please download
Malwarebytes AntiRootkit and save it to your desktop.
http://www.malwarebytes.org/products/mbar/Full instructions how to use MBAR
http://www.bleepingcomputer.com/virus-removal/how-to-use-malwarebytes-anti-rootkit Please note: This is a beta version so please be sure to read the disclaimer and note of it.- Unzip/unrar MBAR in a folder to your Desktop
- Open the folder where the contents were unzipped to run mbar.exe
- Click on Next > then on Update button to download fresh definitions.
- When database updates click Next
- In the following window ensure "Targets" scan for Drivers; Sectors; System are ticked. Then select "Scan button"
- If an infection/s are found ensure "Create Restore Point" is checked, then select the "Cleanup Button" to remove threats.
Or if you are sure any entries should not be kept, just untick them. A list of infected files will be listed.
- The Clean up procedure will be Scheduled for process.
- When complete pop-up will show you. Select the Yes button and the system should re-boot to complete the cleaning process.
>> Please attach the two following logs from the mbar folder:
system-log.txtand
mbar-log-year-month-day (hour-minute-second).txt. ----- next -----> In your next reply please attach here:
- MBR.dat download link
- FRST and Attach reports
- TDSSKiller log
- system and mbar logs