Trying to remove Smitfraud-C.gp

I am following your procedures for removal in the "Removing Zlog ada SmitFraud, SpySheriff, Insfections" thread. I have attached the SmitFraudFix log.

 

I followed all of the procedures and the fix selection #2 ran but it didn't seem to finish the job. It never asked if I wanted to clean the registry. The screen just went totally black and I had to restart the computer. I have attached the new log.

 

Hello,
I found your READ & RUN ME FIRST post and followed all of the procedures. All worked fine accept RootRepeal had some errors which I also attached.

You wanted me to describe my problem - Earlier this week we started getting IE starting automatically and really bad web pages showing up. I downloaded Spybot and ran it and it found something with the title SmitFraud but it didn't stop the problem. So I did a seach and found your forum with the SmitfraudFix and ran that but it didn't help at all. Then, as stated above, I found your malware removal tool.

At this point the popup windows have not happened again but I am not an expert at this and would like you to look at the logs and let me know if I need to do anything else.

Thank you very much for the help!
(note - I included an error log for RR as well as the ones you wanted)

 

more logs

 

here is the first mbr log.

 

here is the second mbr log. Thanks so much for the help!

 

I am having trouble uploadingt the second log. I tried to rename it and it still didn't allow me to upload.

here is the log results pasted:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

 

That is good news. I guess that means I am all clean. I don't seem to have anymore problems although I haven't really used the machine at all so as not to allow further infection. Thank you so much for your help!

How do I verify that my flash drives are not infected as well. I used one of them on my work laptop and it infected it almost immediately upon insertion. If it infects a machine that fast how do I test/clean one without spreading the virus? I tossed the infected one away because it was only 700 meg and very old but my others are large and new and I don't want to throw those away. Any help would be great. Thanks again!

 

Thank you so much Tim.

I followed all of the procedures and installed Autorun Eater and ended up deciding on SuperAntiSpyware. I also am using Norton Systemworks for Antivirus and Zone Alarm for a firewall both of which I already had. I am thinking of using Comodo instead but have not done this yet because I may still have an issue.

I have noticed that every now and then the window I am working on goes gray and then I hear a bing sound and then the window returns to normal. Also, the harddrive is always flashing as if something is constantly running and accessing or trying to access my harddrive. What could be causing this? I am not sure if I still have a bug trying to do something or is it one of the scanners still working in the background.

Also, I no longer have autoplay for the cdrom working. How can I get this working again?

Thanks for the help!