had a virus come thru that posed as an anti-virus program, went into safe mode and did a system restore, windows logged back in and the restore had gotten rid of the program but left a dropper and i am getting 3-4 trojan horse alerts every minute from fake .dll files being made, also and https site comes up with a weak algorithm warning. Have attached both GMER scans and latest resident shield detection list

Hello xXrejectedXx,

According to the scan result analysis it seems that your computer is infected by MBR rootkit.

In order to get rid of this kind of infection please restore master boot record in offline mode. You may do it using AVG Rescue CD.

Right after the MBR is restored, please scan your computer with updated AVG Rescue CD to kill all remains of infection.

After all above mentioned procedures are done, please provide us with new Gmer and AVG scan results so we can confirm that your computer is clean.

Thank you.

---

AVG Team
How-To articles | FAQ | Free Support
We Protect Us

Computer not working? Laptop slowing down?
Let our AVG TechBuddy expert remotely fix it for you.
Find out more (US & Canada)

Hi xXrejectedXx,

If you, like many others on the Forum, have a difficulty in obtaining or using ("Do you know your Administrator Password?") the Windows Recovery CDs. This post discusses the Alternatives in more detail, as referred to by Nemethste, “You may do it using AVG Rescue CD”.

I went thru and ran the rescue cd and reset the mbr, then did a scan thru the cd and said it fixed the infections. when i booted windows back up it came up with another resident shield detection and now it isnt letting me login to anything on the internet and now keeps kicking me from servers on online games, res shield keeps comming up with trojan horse crypts, generics and zero access detections

Hello xXrejectedXx,

Please provide us with new diagnostic files, so we can check if rootkit remained or what exactly had happened.

Thank you.

---

AVG Team
How-To articles | FAQ | Free Support
We Protect Us

Computer not working? Laptop slowing down?
Let our AVG TechBuddy expert remotely fix it for you.
Find out more (US & Canada)

ok these are the scans, sorry for the delay but have had issues gettin onto the internet with this computer ie th virus throwing up fake https sites

also have this scan from aswMBR and have used bitdefender bootkit to scan the mbr and both have come up saying there is nothing in the mbr

Hello xXrejectedXx,

It seems that your computer become infected by various viruses of the most dangerous kind.

In order to resolve Zbot infection please download and run this tool. (Don't forget to change power management settings to not to sleep).

Reset access tool will resolve issues with permissions.

Also please note that the best solution may be to backup important documents and re-install Windows, since it appears to be severely damaged by infection.

Thank you.

---

AVG Team
How-To articles | FAQ | Free Support
We Protect Us

Computer not working? Laptop slowing down?
Let our AVG TechBuddy expert remotely fix it for you.
Find out more (US & Canada)

has gotten rid of all but a trojan horse zero access infection in one system file, will upload gmer scans and computer scan tomorrow

can only get the autostart scan ang avg computer scan
the rootkit scan log wont save tried 3 times