Still Infected with ... something.

Discussion in 'Malware Help (A Specialist Will Reply)' started by JenniferInOk, Oct 9, 2008.

  1. JenniferInOk

    JenniferInOk Private E-2

    First of all: Thank you! You people are angels! Your site is amazing. I really hate to ask you for your time after you have so much great, valuable stuff here, but I am still infected and I don't even know with what. Here is the chronology:

    I was running AVG, Spybot and something else (I have used so many in the past 4 days!). AVG caught a trojan on my computer I guess after it had already gotten through, but I thought the warning meant it blocked it so I kept playing around on Digg.com (where I apparently got infected).

    I didn't realize I had anything until I couldn't open any documents in My Docs folder. They were all there, but when I clicked on them I got an error message which said they were unavailable.

    I then ran every scan I could find, followed every list of processes I could do, but only a few things even showed a problem. I have been able to open documents for 2 days, but I still get occasional infected files on some scans.

    I have used AVG, uninstalled it, tried AVAST and gone back to AVG. Neither picked up on everything.

    I am definitely a novice (or I was 4 days ago when this started), but I followed your instructions on the READ & RUN ME FIRST page. Your instructions are fantastic. Thank you for such great resources and line-by-line instructions! Also, I really learned a lot (I especially liked finding the pacman and sysinfo.org stuff; it explained so much for other purposes too).

    The following found nothing:
    • MBAM
    • Ad Aware
    • SUPERAntiSpyware
    • Spybot
    • Combofix
    • Mgtools
    • Trojanscan
    • TrendMicro's Online Scan
    • Panda Quick Remover
    • Kaspersky Virus Removal Tool
    • RootKitReveal said something about hives. Let me know if you want to see that log or if it's just allergies.


    Dr Web Cureit found this:

    A0000247.#xe;C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2;Probably DLOADER.Trojan;Incurable.Deleted.;
    A0000248.#eg;C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2;Probably SCRIPT.Virus;Incurable.Deleted.;


    Active Scan caught this:
    02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2\A0000054.sys
    03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Jennifer Suits\DoctorWeb\Quarantine\Dc1.exe[32788R22FWJFW\catchme.cfexe]
    03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Jennifer Suits\DoctorWeb\Quarantine\A0000263.exe[32788R22FWJFW\catchme.cfexe]


    AVAST Virus Cleaner Tool found files it could not scan (is that normal?):

    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.log... file could not be scanned!
    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSStmp.log... file could not be scanned!
    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\tmp.edb... file could not be scanned!
    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb... file could not be scanned!
    C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Temp\usgthrsvc\Perflib_Perfdata_c78.dat... file could not be scanned!
    C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_57c.dat... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\master.mdf... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\mastlog.ldf... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\model.mdf... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\modellog.ldf... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdbdata.mdf... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdblog.ldf... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\tempdb.mdf... file could not be scanned!
    C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\templog.ldf... file could not be scanned!
    C:\WINDOWS\system32\CatRoot2\edb.log... file could not be scanned!
    C:\WINDOWS\system32\CatRoot2\tmp.edb... file could not be scanned!
    No virus body found.


    Combofix found this:
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-Digg Alerter - (no file)

    Hijackthis:

    The Detective on Help2go found this and I fixed it.
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch =http://dnl.crawler.com/support/sa_cu...spx?TbId=60327 (this gets "fixed" then some form of it seems to come back, so I assume this is part of the problem?)

    I am attaching my most recent hijackthis log and a Mglogs zip file. Let me know if you need other logs. Thank you in advance for helping!
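The scanner hits listed in the post above, sorted by where each one was found, as an added example (this is not code from the thread, from MajorGeeks, or from any of the scanners named; the log lines are copied from the post, while the parsing rules, function names and category labels are this example's own assumptions). The point it makes: every detection above sits either in a System Restore snapshot or in Dr.Web's quarantine folder, and every "could not be scanned" file is one a Windows service holds open by design, so none of the listed output by itself shows a live infection.

```python
"""Sort scanner hits by where they were found (added example for this thread).

A hit under System Volume Information\\_restore is a System Restore snapshot and a
hit under a Quarantine folder is a copy an AV already isolated; only hits in a
live path still need cleaning.  "Could not be scanned" files are matched against
locations Windows services keep open (an expected, not suspicious, condition).
Log lines below are copied from the post; everything else is this example's own.
"""
import re
from pathlib import PureWindowsPath
from typing import Optional

# Dr.Web CureIt! report row: filename;directory;verdict;action;
DRWEB_RE = re.compile(r"^(?P<name>[^;]+);(?P<dir>[^;]+);(?P<verdict>[^;]+);(?P<action>[^;]*)")
# Panda ActiveScan row: id, name (may contain spaces), "Virus/<type>", some flags,
# then the path, which starts at the first drive letter on the line
PANDA_RE = re.compile(
    r"^(?P<id>\d+)\s+(?P<name>.+?)\s+(?P<kind>Virus/\S+)\s+(?P<flags>.*?)\s*(?P<path>[A-Za-z]:\\.*)$"
)

# Sample input: lines as posted in the thread
DRWEB_LINES = [
    r"A0000247.#xe;C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2;Probably DLOADER.Trojan;Incurable.Deleted.;",
    r"A0000248.#eg;C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2;Probably SCRIPT.Virus;Incurable.Deleted.;",
]
PANDA_LINES = [
    r"02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP2\A0000054.sys",
    r"03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Jennifer Suits\DoctorWeb\Quarantine\Dc1.exe[32788R22FWJFW\catchme.cfexe]",
    r"03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Jennifer Suits\DoctorWeb\Quarantine\A0000263.exe[32788R22FWJFW\catchme.cfexe]",
]
UNSCANNED = [
    r"C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\Windows.edb",
    r"C:\Documents and Settings\NetworkService\Local Settings\Temp\Perflib_Perfdata_57c.dat",
    r"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data\master.mdf",
    r"C:\WINDOWS\system32\CatRoot2\edb.log",
]


def location_class(path: str) -> str:
    """'restore-point', 'quarantine' or 'live', judged from the on-disk path."""
    p = path.lower()
    if "\\system volume information\\_restore" in p:
        return "restore-point"
    if "\\quarantine\\" in p:
        return "quarantine"
    return "live"


def parse_drweb(line: str) -> Optional[dict]:
    m = DRWEB_RE.match(line.strip())
    if not m:
        return None
    path = m["dir"].rstrip("\\") + "\\" + m["name"]
    return {"scanner": "drweb", "verdict": m["verdict"], "path": path,
            "member": None, "where": location_class(path)}


def parse_panda(line: str) -> Optional[dict]:
    m = PANDA_RE.match(line.strip())
    if not m:
        return None
    # "outer.exe[inner\file]" means a file inside an archive; the outer file is what
    # is on disk.  32788R22FWJFW\catchme.cfexe is ComboFix's own working folder and
    # bundled rootkit scanner, which generic heuristics often flag.
    outer, _, member = m["path"].partition("[")
    return {"scanner": "panda", "verdict": m["name"], "path": outer,
            "member": member.rstrip("]") or None, "where": location_class(outer)}


# Paths a running Windows service keeps open, so an on-demand scanner cannot read them
LOCKED_BY_DESIGN = [
    ("\\microsoft\\search\\data\\", "Windows Search index/log, open while the service runs"),
    ("\\microsoft sql server\\", "SQL Server database/log file held open by the SQL service"),
    ("\\system32\\catroot2\\", "catalog database used by Cryptographic Services"),
]
UNKNOWN = "no known reason: inspect by hand"


def unscannable_reason(path: str) -> str:
    p = path.lower()
    name = PureWindowsPath(p).name
    if name.startswith("perflib_perfdata_") and name.endswith(".dat"):
        return "performance-counter scratch file of a running process"
    for marker, reason in LOCKED_BY_DESIGN:
        if marker in p:
            return reason
    return UNKNOWN


def triage(drweb=DRWEB_LINES, panda=PANDA_LINES, unscanned=UNSCANNED) -> dict:
    hits = [h for h in map(parse_drweb, drweb) if h] + [h for h in map(parse_panda, panda) if h]
    counts: dict = {}
    for h in hits:
        counts[h["where"]] = counts.get(h["where"], 0) + 1
    reasons = {p: unscannable_reason(p) for p in unscanned}
    return {"hits": hits, "counts": counts, "live": counts.get("live", 0),
            "unexplained": [p for p, r in reasons.items() if r == UNKNOWN]}


if __name__ == "__main__":
    r = triage()
    for h in r["hits"]:
        print(f"{h['where']:<13} {h['scanner']:<6} {h['verdict']:<25} {h['path']}")
    print("counts:", r["counts"], "| unexplained unscannable files:", r["unexplained"])
```

Running it prints three restore-point hits and two quarantine hits, zero live ones, and no unexplained unscannable files. A hit classified "live", or an unscannable file outside the known-locked locations, is the thing worth chasing; the rest is cleared by purging the old restore points and emptying the quarantine once the machine is confirmed clean.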

  2. Doc13%

    Doc13% aka Kestrel13! aka Emms

    Welcome to Majorgeeks

    Our procedures don't require that you run six of the above-listed tools and scanners, unless specifically requested of you at a later time.

    You say the following found nothing, but you failed to attach the logs so that we can see this for ourselves and so we can see what versions and updates of the programs were run.

    You did attach the MGlogs.zip correctly, but what we now need for you to attach in your next post are the following logs:

    • Malwarebytes
    • SUPERAntiSpyware
    • ComboFix
    The READ & RUN ME FIRST information explains how to retrieve those logs.
     
    Last edited by a moderator: Oct 10, 2008
