I just noticed that I was moved to the i am infected forum (I didn't know it existed).
OK, I'll give the best descriptions I can. I'm running Windows XP Service Pack 3 (32-bit), Pentium Dual-Core CPU E5200 @ 2.50GHz, 2.50GHz, and 3.5GB RAM.
I'm using Firefox 4 as my default browser and the latest IE update when using Microsoft's site.
I got hit with a variant of the fake Firewall virus a few weeks ago. (Mine was Windows XP Firewall IIRC; basically it killed Security Essentials, killed my real Security Center and kept any antivirus tool I had from opening.) I googled the program name and stumbled upon Bleeping Computer's remedy (involving RKill.com, FIXNCR.reg and Malwarebytes). It was cleared for a little, but I guess it didn't get all the traces and it came back. I got rid of it again and went searching for the files that MB said were the cause, found a couple of other files that it left behind, and deleted those as well. Things were good for a few days.
That wasn't enough, as the virus upgraded itself last night to something called Malware Detector that would not allow me to open any file at all; it would pop up a fake alert saying it was infected with a wormblaster trojan. I went into safe mode, and using Malwarebytes on my administrator account it found 550+ files that were malicious/infected, and I deleted them thinking that was it. After I went back in with my normal account I noticed that my Google clicks are being redirected to random sites, if I don't use Google it will open up pages to a random site, and if I try to log into Steam my computer will crash. I've tried to find a way to resolve these issues, but since there isn't much for me to go on, my google-fu is pretty weak.
What's the next step I should take to find out (and get rid of) what's infecting my computer?
Edit: I remember getting infected with a virus when searching for an article (some trashy Hollywood gossip about the Akira live action movie) my friend was trying to look up. I opened way too many tabs so I can't recall the site I went to, but my normal web browsing has never infected me before.
-I'm running Security Essentials (first time since the outbreak) and it's still finding malicious programs. MB randomly opened while SE was running as well; I don't know how that will affect the results of SE, as MB finished first and found five infected objects.
-I know it's bad to have two antivirus programs installed, but SE is my main and I use MB when it gets crippled; I usually uninstall MB after everything is fixed. Results from SE: it found rootkit:AlureonMbr. It's taking a while to remove it, but I doubt this will be the end of it.
-After all of that, my computer is still infected. It quarantined the rootkit but my searches are still redirected and Steam still BSODs my computer. I haven't tried re-installing Steam; I'm waiting until this gets cleared.
Hopefully final edit. I googled Rootkit Removal (since it was only quarantined and not removed) and came across something called TDSSKiller. I ran that in safe mode and it found one rootkit and a suspect file. I quarantined the suspect and cured the rootkit, and everything is working fine now. (Steam is even working right haha.) It seems as though my stored logins like AIM and Steam were reset though. I'll live, nothing sensitive was stored on this thing.
TL;DR - NEVERMIND I FIXED IT LOL
Edited by Karaz, 05 June 2011 - 10:16 AM.