bad virus, need help, appreciate any attention to my problem.

  1. How was it detected? What was scanning, you yourself or the back-ground scanner?
    Did the message come from the avast Network Shield or Webshield or were you alerted via an avast Webreputation alert ? When did the message occur on a download, unzipping, opening a file, mail or mail-attachment, etc.?
    A capture of the message screen as image can be helpful or what the message says and
    where the suspicious file was detected.

My cpu usage was maxed out with no applications running, it was processes from windows explorer that was doing this. I ran the free avast software and it found about 7 infected
files. I deleted all I could and I am left with two that can not be deleted ( ‘MBR\.\PHYSICALDRIVE0\Partition1’ and C:$Boot).

  1. What was the source of the file, where did the file come from?.: e.g. address, URL, source.

I dont know

  1. When was it downloaded or received?

I noticed it today

  1. What is the exact file name with extension.

MBR\.\PHYSICALDRIVE0\Partition1 and C:$Boot

  1. What was the exact wording of the message that the AV program came up with? This is important for later. Right click the asvast ball and left-click show last pop-up message!

it said it needed to reboot before being able to delete

  1. Now go back and do nothing yet. Scan the particular file once again with your AV product.
    A. The message is in the same wording: maybe positive alert
    B. If the message is not in the same wording or the scan does not find up anything this could be a false positive.

Scanned multiple times, same thing happens.

  1. Check with an on line scanner or update to Virustotal for a second opinion. VT resides at http://www.virustotal.com/index.html
    You can do an URL scan or file-scan. Also give the MD5 hash that is given further down the scan result page under additional information. This can help to identify the malware file.
    Other scan results can be found for a suspicious URL or link at: http://vscan.urlvoid.com/file/
    for filescans alternative scanners are: VirSCAN http://virscan.org/
    Metascan http://www.metascan-online.com/
    or you can ask on the forums to have the URL or link in question scanned with
    various scanners. A FP is more likely if the file is only flagged by avast and GData.

My pc is having a lot of trouble working right now so I came straight here

  1. Go get informed ask a Virus Encyclopedia or Virus Central. Remember Google is your best friend, also put a question on a forum.

Ive read a few similar problems people were having but Im pretty computer illiterate and I don’t really know what Im doing.

Attach your basic logs. (MBAM, FRST and aswMBR…!!)
Instructions: https://forum.avast.com/index.php?topic=53253.0

Hi there, initially we will hit it with a dedicated tool as this looks like a boot kit

Download the latest version of TDSSKiller from here and save it to your Desktop.

[*]Doubleclick on TDSSKiller.exe to run the application

https://dl.dropbox.com/u/73555776/tdss%20start.JPG

[*]Then click on Change parameters.

https://dl.dropbox.com/u/73555776/tdss%20Change%20param.JPG

[*]Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects , then click OK.

[*]Click the Start Scan button.

[*]If a suspicious object is detected, the default action will be Skip, click on Continue.

https://dl.dropbox.com/u/73555776/tdss%20threat.JPG

[*]If malicious objects are found, they will show in the Scan results and offer three (3) options.
[*]Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

[*]Get the report by selecting Reports

https://dl.dropbox.com/u/73555776/tdss%20report.JPG

[*]Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

THEN

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
[*]Select additions at the bottom
[*]Press Scan button.

https://dl.dropboxusercontent.com/u/73555776/frst.JPG

[*]It will produce a log called FRST.txt in the same directory the tool is run from.
[*]Please attach both logs generated.