sirefef/Win32:downloader-pku/Win32:malware gen

[ETfoster]

I followed the instructions and here it is

[jeffce]

Hi,

Good job getting that ran.  Please run new scans with Malwarebytes and ESET and attach the new logs.  How is your system running?

[ETfoster]

My system is running really slow and laggy after making those changes Svchost is still going crazy and I uninstalled webroot and emisoft before doing the fix in recovery. Firefox is particularly laggy.

[jeffce]

Hi,

Your system may still be infected and we may need to dive back in.  I have not seen as many instances of the ZeroAccess rootkit on one machine before.  Dealing with one will normally cause damage but there were many rootkits that had to be cleaned and there may be quite a bit of damage that we have to deal with.
----------

Run OTL.exe

• Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
  
  

Code: [Select]

:Services

:OTL

:Files
C:\Users\User\Documents\cnet2_DTLite4451-0236_exe.exe
C:\Users\User\Documents\Apps\cnet2_CamStudio_Setup_v2_6b_r294_(build_24Oct2010)_exe.exe
C:\Users\User\Documents\Apps\Essentials_Of_Economics_Schiller_Pdf_Download.last.pdf.exe
C:\Users\User\Downloads\SoftonicDownloader_for_openssh.exe
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[resethosts]
[start explorer]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot when it is done
• Then run a new scan and post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )
  

----------

Please download Farbar Service Scanner and run it on the computer with the issue.

• Make sure the following options are checked:
• Internet Services
  
• Windows Firewall
  
• System Restore
  
• Security Center
  
• Windows Update
  
• Windows Defender

• Press "Scan".
  
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

----------

In your next reply please post the logs made by OTL and Farbar Service Scanner. 

[ETfoster]

sorry for the wait

[jeffce]

Hi,

Please press the Globe under my avatar to the left and that will take you to my cloud drive.  Please download the file named BITS.reg to your Desktop.  Right-click on BITS.reg and select Merge, accept any prompts and then reboot your system.

Run a new scan with Farbar Service Scanner and attach the new log.  Also let me know how your system is running. 

[ETfoster]

Sorry for the wait again. After doing the fix nothing seems to have changed much. System still gets slow with firefox and svchost uses up memory. I just cancel the process acouple of times and it goes away for a while. booting takes a while but not seriously long. It's just really easy for programs to say "Not responding" and its annoying. Like firefox has done that 3 times for a couple seconds at a time just typing this to fast for it to catch up.

[jeffce]

Please download TDSSKiller.zip

• Extract it to your desktop
• Double click TDSSKiller.exe
  
• Press Start Scan but do nothing else as we are just looking for what is there.
  
• If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  
• Attach the log in your next reply
• A copy of the log will be saved automatically to the root of the drive (typically C:\)
  

----------

[ETfoster]

nothing found

[jeffce]

Hmmmmmmm.....

Please run a new scan with FRST and attach the new log that is created. 

[ETfoster]

here is the log. Yesterday I randomly got a blue memory dump screen. It said something about a USB driver having an error.  I restarted and hasn't happened again

[ETfoster]

Dunno what the deal is today and last night but it just started going really slow. Takes 7-8 min to boot and locked up a lot, just stopping working.