[themediumuser]

Hello everybody , today i had bad luck (downloaded malwarebytes) because i couldn't enter my local disks (c and d) it asked to open with , i solved that , now i get another virus , it's autorun.inf (backdoor.bot) or something , it detects so much the malwarebytes , but they reappear in next 30 seconds after deleted,and i can see them ... in C:\ and D:\ autorun.inf and a file named vqpd or something .pif , and in the c:\ there is a ms-dos ghixv and ghixv31231 ms-dos , and a auto-run.inf with the files names , It's content is like that :

[AutoRun]
;xgLpoNjXb gKHxBqsYiWUtcXhfdkgrMXbk yrCl lhgefd 
;uGxt ldlIjfkXs 
shell\open\deFAult=1

;ixhaiX xcPsQqLqxdyviqvWpFQcl vvVr gpvv 
OpeN =ghixv.pif
;DPWWlMEBlgt gCEWQS  rxvpnsveEkrdYqakgLlxciUsTwM drhRygLwoAxcNKoe
sHelL\OPEN\commaNd=ghixv31231.pif
;
shell\ExpLore\command = ghixv.pif
;rBeWYcdwsOJAeltPxetd 
sHeLl\auToplay\comMANd= ghixv.pif

Anybody help me please!EDIT: It changes everytime the name , when i delete them with anti virus malwarebytes! and btw i tried to enter safe mode but BLUE SCREEN OF DEATH ):

[Advertisements]

Hello themediumuser,


Let's see what scans you can run, so I can see what all is involved there.


If the system is Vista/Windows7, when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"


To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.

-----------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

-----------

Download RogueKiller from here to your desktop.

Close all open programs
Remember to right click -> run as administrator, and click the downloaded file.
Wen RogueKiller finises it's opening scan, press the Scan button..
A RKreport.txt will be created in the same location as the RogueKiller file.
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe, and try again.

Please post the contents of the RKreport.txt.


A lot, but comprehensive, and will make sure we get a good view of everything.

[Jintan]

Hello themediumuser,


Let's see what scans you can run, so I can see what all is involved there.


If the system is Vista/Windows7, when running any of the scan files we use, be sure to right click the file, then select "Run as administrator" to start the scan/tool.

And To make sure you have an accurate view of files there, make sure you can View Hidden Files. Also uncheck "Hide Extensions for Known File Types"


To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

-------

Click here and download OldTimer's OTL to your desktop, then click that to open the scan display. At the top click "Scan All Users", then click "Run Scan". Make no other changes at this time.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are also saved in the same location as OTL.exe. Post the contents of those back here please.

-----------

Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (again, before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

-----------

Download RogueKiller from here to your desktop.

Close all open programs
Remember to right click -> run as administrator, and click the downloaded file.
Wen RogueKiller finises it's opening scan, press the Scan button..
A RKreport.txt will be created in the same location as the RogueKiller file.
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe, and try again.

Please post the contents of the RKreport.txt.


A lot, but comprehensive, and will make sure we get a good view of everything.