Zero access virus

[j_talbain]

Hello I've encountered the same error as contained in this post: http://forum.avast.com/index.php?topic=120531.0 . I am unable to boot into safe mode to be able to run aswclear.

The machine is running Win7 x32. I have run FRST and am attaching the log file. Your help would be greatly appreciated.

[Pondus]

essexboy is notified. 

[essexboy]

Lets try this 

Download the attached fixlist.txt to the same USB as FRST
Run FRST as before
Press Fix

On completion reboot to normal windows

Could you post the combofix log and then

Download OTL  to your Desktop
Secondary link

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

• Select All Users
  
• Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT

• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Attach  both logs

[j_talbain]

Thank you for your quick response. Sorry it took so long for me to get back to you. The machine kept bsod'ing on me. I had to run all of these scans in safe mode. I'll include the dmp file if you want.

[essexboy]

R0 DasBoot;Panda AntiMalware Support;c:\windows\\SystemRoot\system32\drivers\DasBoot.SYS

R0 DasBootF;Panda AntiMalware Support MF;c:\windows\\SystemRoot\system32\drivers\DasBootF.SYS

Did you install this programme ?

You system appears to be badly damaged, so I would like to try and repair some of it

 Download  Windows Repair (all in one)  from this site

Install the programme then run



Go to step 3 and allow it to run SFC



On the start repairs tab click start


Select the following  items and tick restart system when finished

[j_talbain]

Thank you very much! It seems to be running stable right now. I plan on running a few more tests and letting the machine stay up for a few hours to see if it has stabilized.

As for the panda files, I had run a removal tool from panda that was supposed to target the virus that was plaguing the machine. This particular virus seemed to be exceptionally good at mimicking and replacing system files and antivirus files. It would blue screen whenever I ran the removal tool. It also blocked TDSS killer as well.

[essexboy]

Keep me informed, and when you are happy I will tidy up

[j_talbain]

It took about 5 more scans from different tools before things came back clean. Bleh.
It does seem to have cleared up though. Thank you again for all of your help. You can close this thread now.

[essexboy]

What scans were those ?