Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: File Infector Virus

22 Apr 2013   #1
cngerra

Windows 7 Professional
 
 
File Infector Virus

Does reformatting all the hard disk partition deleted the file infector virus.?


My System SpecsSystem Spec
.

22 Apr 2013   #2
Parman

Windows 7 Ultimate x64
 
 

As long as the virus is on the partition.....
My System SpecsSystem Spec
22 Apr 2013   #3
cngerra

Windows 7 Professional
 
 

I think so Parman. because when i run an application in the computer an .exe file is created in the startup folder. What do you think Parman?
My System SpecsSystem Spec
.


22 Apr 2013   #4
cottonball

Windows 7 Home Premium
 
 

cngerra,

Let's see if we can get to the root of the problem...

Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement
Select the version that applies to your system: 32-bit or 64-bit. (See: Note (at the end))
Click the dark-blue button that applies.
Save to the Desktop.

Close all windows and browsers.
Right-click RogueKiller and select: Run as Administrator

Press: SCAN

When done, a report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply.
(Please do not delete anything!)

Note:
To find out if the system is 32 or 64 bit:
Click: Start
Type System in the Start Search box
Click System in the Programs list.

The operating system is displayed as follows:
For a 64-bit version operating system, under System > System type, it shows:
64-bit Operating System

For a 32-bit version operating system, it shows:
32-bit Operating System
My System SpecsSystem Spec
22 Apr 2013   #5
cngerra

Windows 7 Professional
 
 

cottonball

Will I do this before i reformat my computer??
My System SpecsSystem Spec
22 Apr 2013   #6
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Yes, do that before reformatting.

Cottonball just wants to see what the "file infector" is, so you'll be aware of it before infecting your newly reformatted disk again
My System SpecsSystem Spec
22 Apr 2013   #7
cngerra

Windows 7 Professional
 
 

Thanks guys I will do it.
My System SpecsSystem Spec
22 Apr 2013   #8
cottonball

Windows 7 Home Premium
 
 

Some file infectors can: They bring with them a risk for Rootkits, etc.

Formatting an existing partition doesn't rewrite the MBR...
My System SpecsSystem Spec
23 Apr 2013   #9
cngerra

Windows 7 Professional
 
 

What I'm worrying is that this box appears...


Attached Images
 
My System SpecsSystem Spec
23 Apr 2013   #10
cngerra

Windows 7 Professional
 
 

Hi everyone this is the result of the scan.


RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : RogueKiller - Geeks to Go Forums
Website : Download RogueKiller (Official website)
Blog : tigzy-RK

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Christopher [Admin rights]
Mode : Scan -- Date : 04/23/2013 19:56:53
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 14ea7d3f16d242e19efba6e0a2248586
[BSP] c4fdb928998d49d79e915565f2da3e3d : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 249899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 512000000 | Size: 465403 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04232013_02d1956.txt >>
RKreport[1]_S_04232013_02d1956.txt
My System SpecsSystem Spec
Reply

 File Infector Virus




Thread Tools





Similar help and support threads
Thread Forum
File Name.exe and svchost.exe virus?
Hello. My friend borrowed my laptop earlier this morning and he returned it to me after 3 hours. Upon checking my laptop status, I saw to new processes: File name.exe and svchost.exe. I end it's processes and check the msconfig. I saw two new checked start-up entry: svchost.exe and Windows...
System Security
Host File considered a virus?
I scanned my computer with smadav antivirus and it found a virus it says that C:\\system32\drivers\etc\hosts is a virus. Is it really? Should I delete it or leave it alone?
System Security
Hidden Virus File
I recently developed a virus on my computer. I did a MSCONFIG and found the malicious file in the start-up and ‘Disabled’ it so it did not run when I started my computer. Next, I wanted to delete this file so found its location in C:\Users\Appdata\...etc. However, when I got to the final folder...
System Security
CBS Log file help and Windows corrupt after virus
I recently had a virus/trojan which i cleaned but now it seems so many files have been affected. When i switch on my computer explorer.exe doesnt start. Then i try start it manually and it starts and closes quickly, i try again and nothing. Then i do a system restore to way back, and i start...
System Security
All File Downloads Fail with message "File contains virus"
Just recently every file I try to download either in IE9 or Firefox 6.0 gets deleted as soon as the download completes. In IE9 I get the message "<filename> contained a virus and was dleted". In Firefox there is no message but the file is not in the destination folder. I did have AVG 2012...
System Security
It’s NOT Koobface! New multi-platform infector
More - It
Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 10:58.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App