Possible Infection - 8 steps completed

[IamSam9895]

Hi, I came here because of repeated bluescreen errors and I was told that I might have an infection. I did the eight steps, and things were found, so I'm uploading the logs and wondering if somebody could take a look at them for me. Any help is appreciated, so thanks in advance.

https://www.techspot.com/vb/attachment.php?attachmentid=46478&d=1239092877

https://www.techspot.com/vb/attachment.php?attachmentid=46479&d=1239092882

https://www.techspot.com/vb/attachment.php?attachmentid=46480&d=1239092887

Experienced a few more BSOD's today, these happened while not doing anything specific, except for the latest one. It occurred when I tried to start a source engine game (garry's mod). I'm including the minidumps below.

 

[touch]

Uninstall remnants from your AVG8 Antivirus
Run the AVGRemove Tool


Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe

And save to the desktop.


Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop

Killall::
Snapshot::
File::
C:\WINDOWS\system32\xtgvbm.dll
Folder::
C:\Program Files\Spyware Guard 2008

http://img.photobucket.com/albums/v6...FScriptB-4.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe, and post//attach back the resulting report.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

 

[IamSam9895]

Ran the AVG removal tool, and let it restart. Begun to run ComboFix, but it warns me that the resident protection from AVG is still active. I cancel at this point because I am unsure as to whether this makes a difference. Thanks for your help so far.

 

[kimsland]

Actually here's another AVG removal tool:
Download the archive avg8.zip http://support.kaspersky.com/downloads/products2009/avg8.zip
unpack all files from the archive avg8.zip into one folder
run the file KLeaner.exe
wait until the utility finishes its work
restart your PC

Continue on

 

[IamSam9895]

Unzipped, and ran. I can't tell if it's doing anything though, it starts up and closes out immediately. I tried running it from command line, but it doesn't display anything when done through there either.

 

[kimsland]

Sorry that one doesn't display anything

Anyway after Restart and then following the above Support running ComboFix, does it now say AVG is still running? ( I suspect no )

 

[IamSam9895]

Alright, ran it. You were right, it went off without a hitch. Logfile attached.

 

[kimsland]

File Sharing Programs found in logs

Info on using P2P Programs => https://www.techspot.com/vb/topic124748.html

Quote from 8-Step Removal Guide:

Uninstall File Sharing/P2P Programs

During the cleaning process all File Sharing Programs should be uninstalled
This is to avoid any possible reinfection of any malwares through file sharing

We reserve the right to withdraw our support:

• If such programs are found in your logs
• Should you not agree to their removal.

As they are normally set to bypass your Firewall and Anti-Virus software
Filesharing/P2P Programs serves as a constant threat to your computer

 

[touch]

Delete these folders:
c:\documents and settings\All Users\Application Data\Viewpoint
c:\documents and settings\Owner\Application Data\uTorrent

They are data folders from removed programs..

Reboot, attach new hijackthis log and tell how things are running ?

 

[IamSam9895]

Oops, sorry about that. uTorrent has been removed. I assume that's the one you're talking about, I don't think I have any others.

 

[touch]

Sorry kimsland

 

[kimsland]

Actually touch, it's your choice to continue or not
The original member is advised to uninstalled all File Sharing programs (normally through Control Panel > Add\Remove Programs)
And then run the scans again.

ie Any amount of new malwares could be now introduced.

 

[IamSam9895]

I could rescan if you like, but I have removed the program, and haven't run it since starting the 8 steps. I'm including my new hijackthis log file as well. Let me know if it is still necessary to rescan.

Edit: Oh, also, things appear to be running nicely, but I haven't since tried any gaming, which was when I would experience bluescreen errors Although those might be completely unrelated to any infection I may or might have had.

 

[kimsland]

touch you may be able to see the confusion that arises here

The only option is to do as I stated above (ie follow the 8-Step guide)

 

[IamSam9895]

Well, it sounds like you want me to rescan, so I'll do that. It will probably be a day or two before I'll have the results. Should I start a new thread once I do it, or just add it to the end of this one?

 

[kimsland]

Here is good

(I signed off for half an hour, so sorry for the delay)