ratiofaker virus killing my system (help please)

Hi i went to this website: {snip}
and downloaded the ratiofaker program found here: {snip}

but it ended up being a virus and putting my system in safe mode. I cannot do system restore or anything. Eset does not detect anything on scans.I have a paper endline and my pc is messed now.
when windows starts up it is fine but after 2 mins or so my start menu bar gets removed and so does the status and task bar and my desktop icons.
I checked in safemode and it runs a .dll at start up that is called MServer, i delete it from start up but it just comes back again under a different .dll name.

thanks for your time and i look forward to your reply.

EC edit: Removed possibly unsafe links

 

It looks like a dropper/downloader for a backdoor or a bot. You'll have to contact ESET support with a log of ESET's SysInspector.

 

Hi, I wouldn't write to ESET tech support for this simple problem. Better will be contact some forum specialized on malware removing.

Yes, the base downloaded file can be trojan downloader/dropper, but loaded files will be written in registry and loaded in processes.

 

I was able to log into windows and look at nod32's log and i found out that the following happened....

C:\Users\Raul\AppData\Local\Temp\wr-1-1645.exe
Win32/TrojanDownloader.Small.IAW trojan quarantined - deleted RaulCrainic-PC\Raul Crainic Event occurred on a new file created by the application: C:\Users\Raul Crainic\Downloads\ratiofaker1.75-setup.exe. The file was moved to quarantine. You may close this window.

C:\Users\Raul\AppData\Local\Temp\setupb.exe probably a variant of Win32/TrojanDownloader.Small.NZM trojan quarantined - deleted Event occurred on a new file created by the application: C:\Users\Raul Crainic\Downloads\ratiofaker1.75-setup.exe. The file was moved to quarantine. You may close this window.

C:\Users\Raul Crainic\AppData\Local\Temp\wr-1-1645.exe Win32/TrojanDownloader.Small.IAW trojan quarantined - deleted RaulCrainic-PC\Raul Crainic Event occurred on a new file created by the application: C:\Users\Raul Crainic\Downloads\ratiofaker1.75-setup.exe. The file was moved to quarantine. You may close this window.

what should i do next? i searched the internet for some fixes to these viruses but no luck.

 

I think you should follow up on your post at CastleCops and let their malware experts help you out.

 

nevermind i got sick of looking for "so called" solutions and just formatted my comp.
case closed

 

No honour amongst the thieves. Double pirate?

 

Extracted the undetected trojan and chucked it ESET's way. Looks like a Virtumonde trojan to me.

 

Excerpts from the website the guy was trying to download his free software from.

Now excuse me while I go and laugh my arse off.