Recurrent, Well-hidden, virulent malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by Kitdan, Feb 15, 2011.

  1. Kitdan

    Kitdan Private E-2

    I have re-installed Windows about 5 times due to the same problems occurring.

    Initially, the computer seems a little slow, booting is slow, shut-down is slow, IE and other internet software slows to a crawl.

    Soon, the computer rarely shuts down, getting stuck at the "Open Software / Force shut down" screen. Finally, I start noticing bandwidth issues. Other computers on the wireless network have no bandwidth despite this computer not appearing to be using the internet, until the computer shuts down, and then the bandwidth is returned. Networks that the computer connects to are named with an additional number, such as "Network 2," which I have been told is a method malware uses to conceal VPNs or other networks it creates and hides. Usually, I reinstall Windows at this point, as no antivirus can find any problems, nor can I find any solutions to the problems. Inevitably, the problems return after a month or two of using the computer. Also, I've noticed that my read/write permissions are being changed on various aspects of my hard drive - specifically, AppData, but there are other directories. I've changed them back, and then they get changed again.

    I have previously run the requested software prior to coming to your forum. I am including the most recent logs.

    Thanks in advance for all of your help!
     

    Attached Files:

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    It does not sound like you are having malware problems. However, to continue I need a better log from MGtools as your log is extremely incomplete. You need to remember to shut down your protection while running scans!!!! Your ComboFix log shows that you still had Comodo running and it appears to have interfered somewhat. It may have also interfered with MGtools so shut down ALL of Comodo before doing the below.


    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • C:\MGlogs.zip
     
  3. Kitdan

    Kitdan Private E-2

    Thank you for the prompt reply! Please find attached the log as requested.
     

    Attached Files:

  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Similar to your other logs, there are no infections showing. The problems you mentioned in your first post sound more like you are having problems with Windows itself which means you would be better off posting in the Software Forum. However just to be safe, let's run two more scans and check the logs.



    Download TDSSKiller from Kaspersky directly onto your Desktop
    • Now double click the TDSSkiller.exe file to run it (if using Vista or Windows 7 do not double click on it but rather, right click and select Run As Administrator.)
    • If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123tdk.com).
    • Allow the application to run if prompted by Windows or any security programs you have installed
    • It will start the scan and run rather quickly and will notify you of whether anything is found or not.
    • Follow the instructions to delete/quarantine if it asks you what to do when it finds something.
    • Whether an infection is found or not, a log file should be created on your C: drive ( or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run. Please attach this log to your next reply. (See: HOW TO: Attach Items To Your Post )
    Also run this GMER - running with a random name and attach the log from GMER


    Why did your first logs show you running this? >>> C:\Users\daniel\Downloads\rmvirut.exe
    Did you think you had Virut for some reason?
     
