Massive Malware Infection

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Anthony_, Aug 22, 2011.

  1. Anthony_

    Anthony_ Private E-2

    I have a massive malware infection on my system. I've run the following programs and am still having problems:

    - Malwarebytes Antimalware
    - ComboFix
    - rkill
    - Microsoft Security Essentials (only dedicated antivirus)
    - tdsskiller
    - Spybot Search & Destroy
    - Temporary File Cleaner

    ...as well as many more that I'm just forgetting. I've gotten rid of a lot of files, but now I am getting some that the above programs just aren't getting rid of. Smitfraud-C's svchost.exe, for one, and Alureon.A is another, according to MSE. I think there's another, too, but I just can't recall what it was.

    Right now my system is working fine, except after I browse the Internet briefly I will get a random BSOD that completely kills everything. Before I log onto Windows Vista SP2 it also gives me an abnormal "Please wait..." before it shows my user account (normally it just pops right up).

    Sorry I'm rambling, I'm just mad right now, because I've never had an infection on this level. I'm contemplating just reformatting and starting over, it's so bad.

    Attached is the Hijackthis log. I no longer have the most recent Malwarebytes log, but I'll scan again and attach later.
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Welcome to the Malware Removal Forum.

    Please read ALL of this message including the notes before doing anything.

    Please follow the instructions in the below link:

    READ & RUN ME FIRST. Malware Removal Guide


    and attach the requested logs when you finish these instructions.
    • **** If something does not run, write down the info to explain to us later but keep on going. ****
    • Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain (if any still do)!

    Helpful Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes (links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes, you could use a flash drive too, but flash drives are writeable and infections can spread to them.
    3. If you cannot seem to login to an infected user account, try using a different user account (if you have one) in either normal or safe boot mode and running only SUPERAntiSpyware and Malwarebytes while logged into this other user account. Then reboot and see if you can log into the problem user account. If you can then run SUPERAntiSpyware, Malwarebytes, ComboFix and MGtools on the infected account as requested in the instructions.
    4. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.
     
  3. Anthony_

    Anthony_ Private E-2

    Attached below are my most recent logs from Spybot, Malwarebytes, and rootrepeal. I am still attempting to get MGtools, ComboFix and SUPERAntiSpyware logs as requested in the guides, but my computer is continually getting BSODs during scans. I apologize for that.

    The Spybot and Malwarebytes scans were done in safe mode, as my normal startup was getting BSODs at that point. The rootrepeal log was done in the normal startup before I got a BSOD about 5 minutes later.

    I'm trying to take a picture of the unique BSOD I've been getting, but my digital camera isn't loading fast enough.
     


    Last edited: Aug 23, 2011
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    The Spybot log showed nothing to help me. What it removed were not problems anyway. Malwarebytes is outdated; you need to open up the program, let it update and rescan. Attach the new log if you are able to run it.


    I know the BSODs are getting in the way but try and get the other tools to run as well because the information in those will be much more valuable to me.
     
  5. Anthony_

    Anthony_ Private E-2

    I will see what I can do, but literally anytime I try programs other than the ones I have logs for (and those really have only worked decently in safe mode) I get a BSOD. I've been trying literally all day to get these scans done (alternating between the programs listed in the guide), but it's just repeated BSODs.

    I've read up on the Alureon rootkit and I'm not sure there's much I can do other than reformat, I just need to find my Vista CD. Do you have any experience with Alureon -- do you recommend a clean format?
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I don't suppose you have a log to show what MSSE is reporting, do you?

    Also, please try to run this in any mode you can, try and persevere a while with it.

    I want you to run TDSSKiller so refer to the below for how to do so.

    TDSSkiller - How to run
     
