Need Help. zeroacess.rootkit/trojan.agent svchost/virus,etc

soultak92 · Aug 7, 2012

I have read through many forums through the last couple days regarding these issues. trying all of these malware removal programs:
AVG Free
MalwareBytes
aswMBR
bootkit_remover (boot_cleaner)
FixZeroAcess
RougueKiller
TDSSKiller

using all of these to no avail. I have also gone into system repair and tried that.
I was able to fix all the issues at one point where AVG and Malware did not detect any intrusions until 2 days later when the problems started occurring again.

Issues:
-Under my processes in Windows Task Manage, svchost.exe(winrscmde) would use off 900,000K of my memory slowing my computer down immensly
-I also got the google redirect virus where eveytime i tried to click on a link it would re direct me to an advertisement page
-Most recently my computer crashed with a blue screen

Any help would be appreciated

Thanks

soultak92 · Aug 7, 2012

UPDATE
I ran HitmanPro which found the virus, i proceeded to remove it and restarted my computer (I did not save the log from this action)
Once my computer was restarted i re ran HitmanPro, RougeKiller, TDSSKiller and aswMBR and they alll found no virus or rootkit.
I ran Malwarebytes, which found Trojan.Agent (C:\\Windows\svchost.exe.) so the virus still appears to be on my computer?

soultak92 · Aug 7, 2012

MalwareBytes quarantined the virus.
Issue is resolved.
Will post again if it comes back within the next couple days.

Kestrel13! · Aug 8, 2012

I very much doubt that Malware Bytes alone can deal with the WHOLE problem. If you want to allow me to dig deeper. ..

http://img827.imageshack.us/img827/1263/frst.gif For 32-bit (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.

As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.

Use the arrow keys to select the Repair your computer menu item.

Choose your language settings, and then click Next.

Select the operating system you want to repair, and then click Next.

Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

Insert the installation disc.

Restart your computer.

If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.

Click Repair your computer.

Choose your language settings, and then click Next.

Select the operating system you want to repair, and then click Next.

Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair

System Restore

Windows Complete PC Restore

Windows Memory Diagnostic Tool

Command Prompt

Click to expand...

Select Command Prompt

In the command window type in notepad and press Enter.

The notepad opens. Under File menu select Open.

Select "Computer" and find your flash drive letter and close the notepad.

In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

Note: Replace letter e with the drive letter of your flash drive.

The tool will start to run.

When the tool opens click Yes to disclaimer.

Press Scan button.

It will make a log (FRST.txt) on the flash drive. Please attach this log to your next reply. (How to attach)

Log in or Sign up

Need Help. zeroacess.rootkit/trojan.agent svchost/virus,etc

soultak92 Private E-2

soultak92 Private E-2

Attached Files:

mbam-log-2012-08-07 (14-25-24).txt

soultak92 Private E-2

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member