system
January 13, 2018, 11:53am
1
I’ve got virus named MBR:\.\PHYSICALDRIVE0 Name Hurri i’m tried to delete it and it wont work and it says 0xc0000002 not implemented
so what i should do i’ve try to reinstal my windows but still have this virus
same problem like this threat : https://forum.avast.com/index.php?topic=134584.0
Pondus
January 13, 2018, 12:09pm
2
what tool have you run that detect this? … if it has a log, attach it
Instructions >> https://forum.avast.com/index.php?topic=194892.0
system
January 13, 2018, 12:21pm
3
I’ve install avast few minute ago and just notification that say your computer had rootkit threat hurri i’ve tried scan with tdsskiller it show nothing it say there is no rootkit in my computer when avast suggesting scan boot-time i do it and try delete the virus but wont then got code with 0xc0000002 not implemented now got no idea what should i do now
Thx for fast respond
Pondus
January 13, 2018, 12:27pm
4
got no idea what should i do now............
Link to instructions posted above
system
January 13, 2018, 1:24pm
5
here is my log of MBAM scanning sorry about late
system
January 13, 2018, 1:28pm
6
Here is my scanning of FRST and Addition
system
January 13, 2018, 1:38pm
7
i had force close game/application before it this make contact with malware??
sorry for #badEnglish
Open Notepad (click Start button → type notepad.exe → press Enter )
Copy text from code block below and paste it into Notepad
HKU\S-1-5-21-3035136888-3769285933-599706858-1000\...\Run: [MicrosoftRuntime] => C:\Users\Ari\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe [1457 2018-01-01] ()
CHR HomePage: Default -> hxxp://public-box.ru/start
CHR StartupUrls: Default -> "hxxp://public-box.ru/start","hxxp://go.mail.ru/?chverfix=1&fr=chverfix_sg"
VirusTotal: C:\Users\Ari\AppData\Roaming\libraries\MicrosoftRuntimeUpdate.vbe
C:\Users\Ari\AppData\Roaming\libraries
Go to File → Save As
Make sure that UTF-8 is selected as Encoding (left side of Save button)
Save it as fixlist.txt on Desktop
Open again FRST and click on button Fix
Wait until FRST finishes
fixlog.txt should be genereted and opened. Attach it your post and wait further instructions.
What is the system status now?
system
January 13, 2018, 9:38pm
11
Emm my system now getting better than before i do it a scan twice with mbam then the result my computer now clear avast no popup a rootkit hurri notification
Ooh yeah by the way i had so much bluescreen of the dead (page_fault_in_nonpaged_area) and force close issue is it fixed?
I don’t understand. You are getting constant bluescreens or?