Inactive Explorer.exe keeps restarting and .dll errors

[Elzinho Ammar]

GMER 2.1.19155 - http://www.gmer.net
Rootkit scan 2013-03-15 08:11:00
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 ST9160821AS rev.3.ALD 149.05GB
Running: gmer.exe; Driver: C:\Users\ELYAZI~1\AppData\Local\Temp\aglyapob.sys

---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 824529E9 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 8248C1C2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
---- Devices - GMER 2.1 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00197efc4bcf
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00197efc4bcf (not active ControlSet)
---- EOF - GMER 2.1 ----

H

 

[Elzinho Ammar]

Hi, sorry bout that, im still here.

 

[Elzinho Ammar]

Currently stll explorer.exe is restarting. and everytime any programme is launched, a .dll error comes out, though the programme may still run. can't run any anti-virus software in normal mode, or anything that has a admin logo on it's icon.

 

[Jay Pfoutz]

Okay...

Delete the old version of TDSSKiller you have, download a new one from here.


avast! aswMBR

Please download aswMBR from here

• Save aswMBR.exe to your Desktop
• Double click aswMBR.exe to run it
• Uncheck "Trace disk IO calls".
• Click the Scan button to start the scan as illustrated below

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

• Once the scan finishes click Save log to save the log to your Desktop
  
  
• Copy and paste the contents of aswMBR.txt back here for review
• Please also find MBR.dat on your Desktop, and rename it to MBRscan.txt. Upload that as well. Do not copy and paste MBR.dat/txt, it needs to be uploaded.

New log from ComboFix

We would like to see a ☆new log☆ from ComboFix. Please find the ComboFix icon on your Desktop, delete it, download a new one, and double-click on it. Once it finishes running, post the new log.