Unknown Infection Causing BSoD

Alright, let me start by saying I understand most people that assist with viruses on forums do it voluntarily. This problem is on a computer I decided to mess with to see what I can learn. I appreciate any assistance and any guidance I can get.

The laptop is running Windows Vista Service Pack 1. It uses CPU resources to the point of BSoD without any accountable process listed on Task Manager or Comodo KillSwitch. Malwarebytes would not find anything. Just to get Avast to open in safe mode I had run CCleaner and Reg Wise while in safe mode.

The infection prevented the scanners listed below from opening:

Windows MRT
TDSSKiller
Doctor web
Comodo Cleaning Essentials
GMER

Avast boot scan found 3 PUPs and 3 files with a data error (CRC) (my understanding is that means the files are corrupted). The PUPs were removed and did not appear on a second scan. The files that are CRC are still on the computer. Either way I have not been able to identify the actual threat.

The removed PUPs are:

c:\programdata\wxdfast\bhoclass.dll win32:multiplug-k
c:\user\user\documents\televisionfanatic.exe|>64exsetp.dll win32:funweb-j
c:\user\user\documents\televisionfanatic.exe win32:mywebsearch-ab

The CRC files are:

c:\windows\help\windows\en-us\artcont2.h1s
c:\windows\inf\dvindex.dat
c:\windows\winsxs.…\artcont.h1s

I plan to use a bootable program to create an image and scan while the viruses are dormant in an inactive partition. I’ll get back with the results on that.

Hey and welcome to the forum. If you think you're infected, you can follow this guide. From there a malware expert will help you.

http://forum.avast.com/index.php?topic=53253.0.

Attached are the OTL and AdwCleaner logs, aswMBR would not run.

Hi and welcome!!

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

Disable any script blocking protection.
Right-click dds and select Run as Administrator to run the tool.
When done, two DDS.txt’s will open.
Save both reports to your desktop.

Please attach the contents of the following in your next reply:

DDS.txt

Attach.txt

Since aswMBR would not run please do the following…

Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Be sure to print out and follow the instructions provided on that same page.
Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
Scan your system for malware.
If malware is found, please go to the MBAR folder and then attach the contents of the MBAR-log-***.txt file to your next reply.

If no malware is found please let me know.

Here are the attached logs.

ComboFix

Download Combofix from the link below, and save it to your desktop.
Link

Note: It is important that it is saved directly to your desktop
If you get a message saying “Illegal operation attempted on a registry key that has been marked for deletion”, please restart your computer.


IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here


Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
When finished, it will produce a report for you.
Please attach the C:\ComboFix.txt for further review.


Attached is the ComboFix log.

Hi,

I noticed that you have Wise Registry Cleaner on your system. I don’t recommend that people use these types of registry cleaners/boosters as they (even with the best of intentions) could remove vital registry keys and make your system even worse off. :)

The logs that you are giving me look pretty good. How is your system running? :)