Still infected?

Hi guys,
I managed to run MBAM and fix a ton of problems but this machine is still misbehaving - random warnings ‘this computer has encountered a serious error and will shutdown in 1 minute’ and warning beeps with no messages, etc.
I would really appreciate some help - logs are attached.
Cheers.

Hello.

Fix with Farbar Recovery Scan Tool

[B]This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.[/B]
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

[*]Right-click on the FRST icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Press the Fix button just once and wait.
[*]If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
[*]When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

Thanks for the quick reply, Argus. Here is fixlog.txt

How’s your computer behaving now?

It boots up quicker but still some funny beeping and still quite sluggish. Firefox does not start and Chrome is barely usable.

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

[*]Right-click on the ZOEK icon and select Run as Administrator to start the tool.
[*]Wait patiently until the main console appears; it may take a minute or two.
[*]In the main box please paste in the following script:

createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b

[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Ok Zoek is running but because the machine is so sluggish it’s taking ages. I will post the logfile as soon as it’s done.

Just take your time.
Better slow and safe than fast and sorry :wink:

Man that took a long time! But at least it’s done. Here’s the logfile.

I’m still getting this message though when I try and open Control Panel for example:
“Windows has encountered a critical problem and will restart automatically in one minute. Please save your work now.”

We’ll run another test for rootkit.

Download Malwarebytes Anti-Rootkit to your desktop.

[*]Double-click the icon to start the tool.
[*]It will ask you where to extract it, then it will start.
[*]Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
[*]Click in the introduction screen “next” to continue.
[*]Click in the following screen “Update” to obtain the latest malware definitions.
[*]Once the update is complete select “Next” and click “Scan”.
[*]When the scan is finished and no malware has been found select “Exit”.
[*]If malware was detected, make sure to check all the items and click “Cleanup”. Reboot your computer.
[*]Open the MBAR folder and paste the content of the following files in your next reply:

[*]“mbar-log-{date} (xx-xx-xx).txt”
[*]“system-log.txt”

‘No malware found’.

Logs don’t show an active infection.
Maybe it’s a hardware problem.
Check the temperature of the CPU and graphics; maybe a hard drive is dying.

Ok will do. Many thanks for your help once again.

Thought I should post an update. I decided to boot the computer from the Avast Rescue disk to double-check that I hadn’t missed something and it picked up that 2 executable files in \users\julian\appdata\local\logme in rescue applet\ were infected. Avast deleted them and now the machine seems to have a little more life - for example it decided to install 84 Windows updates just now. But it’s still a little sluggish and glitchy - still has the random warning beeps for example.

I was reading this post https://forum.avast.com/index.php?topic=169992.0 and saw that Essexboy suggested running Windows All in One Repair to the user. I know that hasn’t been suggested for me here, but I’m wondering if it’s something I should try to just make sure the machine is running smoothly?

{EDIT} And also what do I need to run to clean up all the utils that have been used?

Thanks.

Hey, for the first tool, wait for Argus to give you the green light on that tool if he feels it needs to be run. Second, Argus will remove all the used tools when he gives a thumbs up.

Download DelFix by Xplode and save it to your desktop.

[*]Run the tool by right-clicking on the DelFix icon and choosing the Run as administrator option.
[*]Make sure that these ones are checked:

[*]Remove disinfection tools
[*]Purge system restore
[*]Reset system settings

[*]Push Run and wait until the tool completes its work.
All tools we used should be gone. The tool will create a report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a fresh system restore point after cleaning.

Thanks for your help, guys.