Hi there,
AVG 7.5 detected the Sheur2.gas trojan on my machine, and the usually reported problems immediately started -- AV couldn't update, browser hijacks, etc. So, I booted back up in safe mode + networking, disabled the TDSSserv.sys driver as directed in another troubleshooting thread, and downloaded the following:
- CCleaner
- MBAM
- SUPER AntiSpyware
- HijackThis
- ComboFix
and followed the excellent guideline instructions posted here on ComputerHope, in order. So far, I've only run CCleaner, MBAM, Super AntiSpyware and HijackThis (along with Spybot S&D), and stopped before going on to ComboFix to post my progress so far.
The logs I've posted are in chronological order, as follows:
1. SUPERAntiSpyware, where it detected the Sheur2/Vundo mess
2. MBAM Results immediately following the SAS disinfection, where it found more of the same.
3. MBAM results AFTER the MBAM disinfection
4. HijackThis results that reflect current system state
It looks like I've gotten the rootkit/trojan out of the OS for the moment, and I know I need to replace AVG 7.5 (leaning toward Avast at the moment; AVG 8 is a system pig), but I'd appreciate a review of my current logs to see if I've missed anything or need to proceed to ComboFix.
Also, there are still 2 hidden drivers installed that I've disabled and would like to remove -- they are known malware, and I'd imagine I shouldn't just leave them disabled in Device Manager. They are named:
- TDSSserv
- ipnatt
How should I proceed?
Thanks in advance!
[attachment deleted by admin]
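As an added example (not part of the original post or any reply), here is one way to check and, if you decide to, remove the two driver services the poster names. It assumes the driver is not currently loaded (the poster disabled it and booted into Safe Mode), that the entries live under the standard `HKLM\SYSTEM\CurrentControlSet\Services` key, and that `sc.exe` is available; the service names `TDSSserv` and `ipnatt` are the ones from the post, and the rest of the names in the script are hypothetical.

```powershell
# Added example, not from the original post. Assumes the suspect driver is not
# loaded (Safe Mode, service disabled) and that the service entries exist under
# the normal CurrentControlSet\Services key.
$suspects   = @('TDSSserv', 'ipnatt')           # names reported in the post
$startTypes = @{ 0 = 'Boot'; 1 = 'System'; 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }

function Resolve-DriverPath {
    # Turn the forms ImagePath commonly takes (\??\C:\..., \SystemRoot\..., or a
    # path relative to the Windows directory) into an absolute path.
    param([string]$ImagePath)
    if ($ImagePath -match '^\\\?\?\\(.+)$')   { return $Matches[1] }
    if ($ImagePath -match '^[A-Za-z]:\\')     { return $ImagePath }
    $rel = $ImagePath -replace '^\\SystemRoot\\', ''
    return (Join-Path $env:SystemRoot $rel)
}

# Step 1: inspect. Print start type, image path and whether the file is on disk.
foreach ($name in $suspects) {
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$name"
    if (-not (Test-Path $key)) {
        Write-Output "$name : no service key under CurrentControlSet\Services"
        continue
    }
    $svc      = Get-ItemProperty -Path $key
    $image    = [string]$svc.ImagePath
    $resolved = Resolve-DriverPath -ImagePath $image
    $onDisk   = if ($image) { Test-Path -LiteralPath $resolved } else { $false }
    $startTxt = $startTypes[[int]$svc.Start]
    Write-Output ("{0}: Start={1} ({2}) ImagePath='{3}' Resolved='{4}' FileExists={5}" -f `
        $name, $svc.Start, $startTxt, $image, $resolved, $onDisk)
}

# Step 2: remove. Only run this after confirming the entries above are the
# malicious ones; it unregisters the service and deletes the driver file.
function Remove-SuspectDriver {
    param([string]$Name)
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$Name"
    if (-not (Test-Path $key)) { Write-Output "$Name : nothing to remove"; return }
    $image = [string](Get-ItemProperty -Path $key).ImagePath
    sc.exe stop $Name   | Out-Null                 # harmless if already stopped
    sc.exe delete $Name                             # removes the service entry
    if ($image) {
        $file = Resolve-DriverPath -ImagePath $image
        if (Test-Path -LiteralPath $file) {
            Remove-Item -LiteralPath $file -Force
            Write-Output "$Name : deleted $file"
        }
    }
}

# Uncomment to actually remove:
# foreach ($name in $suspects) { Remove-SuspectDriver -Name $name }
```

The inspection pass is safe to run as-is; it only reads the registry and tests for the file. A service key that is missing while the driver was visible in Device Manager, or a file that is still present while the driver is loaded, is a sign the rootkit is still active and hiding itself, in which case the removal step belongs in a dedicated rootkit remover rather than this script. Reboot after removal and re-run the scanners to confirm the entries do not come back.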