Likely contracted this today while browsing for raw (i.e. in the Japanese language) manga scans around the Internet. Knew there was an issue immediately when my Firefox browser began redirecting me to random spam websites, and quickly did research to find out about Google redirect viruses. A free Trend Micro HouseCall sweep found consrv.dll in my System32 folder, and I’ve read this can be dangerous to remove by an inexperienced hand. Next I stumble on this guide and figure it’s best to get someone who is adept at computing to help provide a tailor-fit solution for my personal computer. Attached are the Malwarebytes’ log, the two OTL logs and the aswMBR log. No other antivirus program on computer (hence why this happened in the first place, no doubt). Also, Windows Security Center including the firewall does not seem to work.
Malwarebytes’ scan did not by all appearances find the same virus. Nevertheless, I chose to fix/quarantine the two found objects. It requested a reset and getting back into my OS proper took much longer than usual, to the point I was getting worried. Thankfully I’ve returned… but fear doing anything further until this problem is tackled head on. Thank you so much in advance for any assistance that can be provided.
Windows Vista (64b) Home edition SP 1, 4 GB RAM, Processor: AMD Phenom™ quad-core processor. 1.80 GHz. Model a6700y by HP. I’m sure this and more information is in the logs. Nevertheless, please ask if I can provide more information.
WARNING: Unfortunately one or more of the infections I have identified are Backdoor Trojans, IRCBots or other Malware capable of stealing very important information. You need to stop using all Internet Banking sites, change passwords to all sites with sensitive information from a clean computer and phone your bank to inform them that you may be a victim of identity theft. More often than not, we advise users that a full reinstallation of their Operating System is the only way to ensure that their computer will ever be 100% clean again.
Unfortunately I have found what is known as the ZeroAccess rootkit on your system. It is an especially nasty infection that can take quite some time to clean and may also have damaged your system files. As a warning, during the cleaning (if you choose to do so) you may lose internet access with this computer and in the end we may need to reinstall the operating system anyway depending on the extent of the infection.
If you would like to format and reinstall your Operating System please let me know and we can assist you with that.
If you would like to continue with the cleaning, please continue with the following instructions and I will be more than happy to help.
Download ComboFix from either of the links below, and save it to your desktop. Link 1 Link 2
Note: It is important that it is saved directly to your desktop.
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for further review.
If you have chosen to attempt cleaning your system, please post the log made by ComboFix into your next reply.
Thank you so much for sharing what you know about this awful thing. I honestly don’t feel like fighting against this only to have remnants of it pose additional security threats in the future.
Please share how I should go about formatting and reinstalling my OS. I’m backing up my most important files to my laptop, and plan to use it for the Internet henceforth.
I have this rootkit virus showing up and the only 2 things I have not tried are, full system re-install and to get your Service Contractor to clean out my system.
I am angry that I pay for a Professional A/V program and I am still getting several virus installations. (20 today)
I have managed to remove most of these myself but this “swcustcfg” is proving too much.
Any suggestions? I certainly do not want to pay an extra $289 per year on top of my program costs.
Hi, in the future disc imaging can save you a lot of time and effort instead of doing a reformat / reinstall. :)
http://www.google.com/url?sa=t&rct=j&q=never%20reformat%20again&source=web&cd=7&ved=0CFIQFjAG&url=http%3A%2F%2Fwww.techsupportalert.com%2Fpartitioning-hard-drives-1.htm&ei=lAxlT-qOAaLosQL7waC3Dw&usg=AFQjCNFmd-Xoeu5TQy2WXi4laKf2PAPlyg&cad=rja
Nice, but there is a catch. If your hard drive is damaged or becomes inoperable (it happens) personal data could be lost if not backed up onto separate media. All you would have is an image of the Windows partition.