Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: File Infector Virus


22 Apr 2013   #1

Windows 7 Professional
 
 
File Infector Virus

Does reformatting all the hard disk partition deleted the file infector virus.?

My System SpecsSystem Spec
.

22 Apr 2013   #2

Windows 7 Ultimate x64
 
 

As long as the virus is on the partition.....
My System SpecsSystem Spec
22 Apr 2013   #3

Windows 7 Professional
 
 

I think so Parman. because when i run an application in the computer an .exe file is created in the startup folder. What do you think Parman?
My System SpecsSystem Spec
.


22 Apr 2013   #4

Windows 7 Home Premium
 
 

cngerra,

Let's see if we can get to the root of the problem...

Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement
Select the version that applies to your system: 32-bit or 64-bit. (See: Note (at the end))
Click the dark-blue button that applies.
Save to the Desktop.

Close all windows and browsers.
Right-click RogueKiller and select: Run as Administrator

Press: SCAN

When done, a report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.
(Please do not delete anything!)

Note:
To find out if the system is 32 or 64 bit:
Click: Start
Type System in the Start Search box
Click System in the Programs list.

The operating system is displayed as follows:
For a 64-bit version operating system, under System > System type, it shows:
64-bit Operating System

For a 32-bit version operating system, it shows:
32-bit Operating System
My System SpecsSystem Spec
22 Apr 2013   #5

Windows 7 Professional
 
 

cottonball

Will I do this before i reformat my computer??
My System SpecsSystem Spec
22 Apr 2013   #6
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Yes, do that before reformatting.

Cottonball just wants to see what the "file infector" is, so you'll be aware of it before infecting your newly reformatted disk again
My System SpecsSystem Spec
22 Apr 2013   #7

Windows 7 Professional
 
 

Thanks guys I will do it.
My System SpecsSystem Spec
22 Apr 2013   #8

Windows 7 Home Premium
 
 

Some file infectors can: They bring with them a risk for Rootkits, etc.

Formatting an existing partition doesn't rewrite the MBR...
My System SpecsSystem Spec
23 Apr 2013   #9

Windows 7 Professional
 
 

What I'm worrying is that this box appears...


Attached Images
 
My System SpecsSystem Spec
23 Apr 2013   #10

Windows 7 Professional
 
 

Hi everyone this is the result of the scan.


RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : RogueKiller - Geeks to Go Forums
Website : Download RogueKiller (Official website)
Blog : tigzy-RK

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Christopher [Admin rights]
Mode : Scan -- Date : 04/23/2013 19:56:53
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 14ea7d3f16d242e19efba6e0a2248586
[BSP] c4fdb928998d49d79e915565f2da3e3d : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 249899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 512000000 | Size: 465403 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04232013_02d1956.txt >>
RKreport[1]_S_04232013_02d1956.txt
My System SpecsSystem Spec
Reply

 File Infector Virus




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:06 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33