Riddled with Viruses.

[Mackem1983]

Hi SD,

Please find attached. Hope you and all have a merry christmas.

[Saving space, attachment deleted by admin]

[Mackem1983]

Problems are back this morning, search engines are impossible to use as Im just getting redirected all over the place. AVG says a Exploit Rogue spyware scanner (type 504) has been found. All in all it seems pretty unstable also, ive had 2 crashes alone this morning.

[SuperDave]

Ok Mackem. Let's try this again:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C

Code: [Select]

KillAll::

Driver::
pxfzdgdb

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!



ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze

Update and run SAS and MBAM again. Post the logs and also a new HJT log

[Mackem1983]

Hi SD,

Took me 4 attempts to get through the SuperAnti scan without getting a blue error screen, but i half all logs of which will hopefully be attached.

All the best.

[Saving space, attachment deleted by admin]

[SuperDave]

Hello Mackem1983. Let's try this:

Go to Start > Run, and copy/paste the following into the Open box (one line at a time) then Click OK after each.

Code: [Select]

sc config pxfzdgdb start= disabled

Code: [Select]

sc stop pxfzdgdb

Code: [Select]

sc delete pxfzdgdb
Could you please run another ESET scan as indicated in Reply # 5 and paste the results here?
Also let me know how your computer's running.

[Mackem1983]

My computer is terrible to be honest SD, its never bee worse. Crashes are frequent, no games work for more than half an hour. Im trying to get the es scan done but it continues to freeze after an hour or so. Im quite concerned 

[SuperDave]

Hello Mackem1983. I'm sorry to hear that things aren't improving. Let's remove ComboFix and I'll try to think what to do next.Sometimes scanners and computers don't get along. When you get a BSOD do you recall what the error is?

* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

[Mackem1983]

HI SD,

I have inputted the code's given and uninstalled combofix, I apprieciated your continued suport. I did store a log of the bsod error's but they seem to have gone , i remember it being at least 2 different messedges. However since this morning i have not been getting bsod, just freezing/crashing constantly, what ever i have done recently it certainly doesnt agree with my games as they run for a maximum of 3 0 mins before the system freezes. Also it might be irrelevant but in the bottom right of the windows screen my < sign has gone.

Cheers buddy.

[SuperDave]

Hi Mackem1983. I checked with my mentor and we both agree that your problem now is related to Software or Hardware and not an infection. I would advise you to start a new thread in this forum and perhaps someone with tech knowledge will be able to help you out. Here are some helpful hints to keep clean.

Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

[Mackem1983]

Hi SD,

It does appear to me as if something has gone wrong somewhere with the hardware (drivers or something), however I definatly still have a trojan vundu in the system restore art and its only become this way by trying to remove it.

I remember at the start we did a combo fix and it created back up of which i could select while loading up, if i was to use that would it take my comp back a week? Because at the moment I still have the trojan, but far worse my sytem is unstable.

[evilfantasy]

however I definatly still have a trojan vundu in the system restore

System Restore was cleared by uninstalling ComboFix.

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

[Mackem1983]

Im not really sure of the point of that, was it no it will not help to try to make my computer work again?

[evilfantasy]

We have suggested that you post in this forum to deal with the BSOD. We do malware removal here.

[Mackem1983]

Hi folks,

I have restored my system to the original state and it seems well, however it was suggested to me that i post on here to find any information on how was the best way to go about checking if anything bad had stayed on here.