Whitesmoke + BSoD on login

[Splat]

Hi,

It appears I've been infected with a particularly nasty variation of Whitesmoke/TDSS.

OS: Windows 7 Home Premium (64-bit, version 6.1.7600)

MBAM: 1.50 with 5346 database

Comodo Firewall

Not sure how I got the virus. Here's what happened in a nutshell:

- Everything was fine last night

- This morning I wake up to my laptop rebooting (it was on all night)

- I don't think much of it and browse the internet for a while

- Notice FireFox keeps randomly opening tabs to suspicious websites

- See two icons for Whitesmoke Translator on desktop (which I didn't install, nor did I install anything else recently)

- Update MBAM and run quick scan... doesn't find anything at all

- Naively try to uninstall Whitesmoke with CCleaner (big mistake, I know... Must've been half-asleep still)

- Appears successful, but automatically opens an Internet Explorer window on completion

- Try to close IE before it loads anything; IE locks up and doesn't respond

- Few seconds later... BSoD

After that I tried booting into Safe Mode. It BSoD's right after entering the user password, before even showing the desktop. Tried again many times, alternating the 3 different Safe Modes. Immediate BSoD every time.

Normal Mode BSoD's the same way around 70% of the time. The rest of the time it will usually load up to showing the desktop background and sometimes -some- of the desktop icons. After that the system locks up hard. The mouse still moves, but doesn't react to click or right-click. The taskbar is unresponsive. Ctrl-Shift-Esc and Ctrl-Alt-Del do nothing. Have to hard reboot or wait for the BSoD that occurs a few minutes later.

Once or twice, Normal Mode actually loaded all the way. However, as soon as I tried to run anything it BSoD'd too.

---

I would post the usual diagnostic logs, but I cannot run anything due to the instant Blue Screens.

I am writing from a Linux LiveCD running on the same machine. So I do have read/write access to its harddrive, but I can't run any programs in Windows directly.

I could post the MBAM log from the quick scan, but it merely says "No malicious items detected" under all the categories. I could also post the minidumps from the BSoD's if that would help.

---

At this point I'm assuming the OS is beyond repair since I can't even boot into Safe Mode to do anything.

I'm prepared to do a system wipe / reinstall, but I'd very much like to avoid it. If anyone here can help fix this that would be wonderful.

Thanks in advance!

[Maniac]

Hello Splat! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

• The process of cleaning your system may take some time, so please be patient.
  
• Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  
• Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  
• Instructions that I give are for your system only!
  
• If you don't know or can't understand something please ask.
  
• Do not install or uninstall any software or hardware, while work on.
  
• Keep me informed about any changes.
  

Download DDS and save it to your desktop from here or here or here.

Double click dds.scr to run the tool.

• When done, DDS will open two (2) logs:
  1. DDS.txt
     
  2. Attach.txt
     

  [*]Save both reports to your desktop. Post them back to your topic.

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!