Fix with FRST

• Open notepad (Start =>All Programs => Accessories => Notepad).
• Please copy the entire contents of the code box below.
  (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt
  
  
  Code: Alles auswählenAufklappen

  ATTFilter

  HKLM-x32\...\Run: [B64Fu7wxCKTba7x] D:\Users\Volker\AppData\Roaming\ArchiverforWin.exe
  HKLM-x32\...\Winlogon: [Userinit] D:\Users\Volker\AppData\Roaming\ArchiverforWin.exe
  HKLM-x32\...\Winlogon: [Shell] D:\Users\Volker\AppData\Roaming\ArchiverforWin.exe
  D:\Users\Volker\AppData\Roaming\ArchiverforWin.exe
           

  
  NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  
  Now please enter System Recovery Options again.
  
  
• Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
• The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Start the computer in normal mode.




Scan with aswMBR

Please download aswMBR.exe to your desktop.

• Double-click the aswMBR.exe to run it
• When prompted with The application can use the Avast! Free Antivirus for scanning >> select No
• Now click on the Scan button to start scan
• On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply

Note: There will also be a file on your desktop named MBR.dat(or similir) do not delete this for now it is a actual backup of the MBR(master boot record).



Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

• Execute TDSSKiller.exe by doubleclicking on it.
• Klick Change parameters, check Detect TDLFS file system, click OK.
• Press Start Scan
  
• If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  
• Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.

Zitat:

Zitat von Psychotic

Now please enter System Recovery Options again.

[*]Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.[*]The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.[/LIST]

Start the computer in normal mode.

This is how far I get, and then I have the white screen again, so somehow this is not working with FRST

Any other idea ?

After booting in Ubuntu again I can confirm that the exe files is still there in the Roaming folder, although the log file said not found ...
The tool is looking for the file on the wrong Drive, it must be D: not C: although the fixlist.txt actually has the D: specified..