[Inactive] [Not curable - Virut] System check virus help!

Discussion in 'Virus and Malware Removal' started by jfkstunna, Jan 15, 2012.

  1. jfkstunna Newcomer, in training

    aswmbr log

    aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
    Run date: 2012-01-16 22:12:59
    -----------------------------
    22:12:59.531 OS Version: Windows 5.1.2600 Service Pack 2
    22:12:59.531 Number of processors: 2 586 0x403
    22:12:59.531 ComputerName: HP45411044018 UserName: Administrator
    22:12:59.937 Initialize success
    22:15:06.843 AVAST engine defs: 12011601
    22:15:21.218 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
    22:15:21.218 Disk 0 Vendor: ST3808110AS 3.AHH Size: 76319MB BusType: 3
    22:15:21.250 Disk 0 MBR read successfully
    22:15:21.265 Disk 0 MBR scan
    22:15:21.296 Disk 0 Windows XP default MBR code
    22:15:21.312 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
    22:15:21.343 Disk 0 scanning sectors +156280320
    22:15:21.421 Disk 0 scanning C:\WINDOWS\system32\drivers
    22:15:31.843 Service scanning
    22:15:35.421 Modules scanning
    22:15:41.109 Disk 0 trace - called modules:
    22:15:41.140 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    22:15:41.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84323908]
    22:15:41.156 3 CLASSPNP.SYS[ba0e905b] -> nt!IofCallDriver -> \Device\0000005d[0x84366948]
    22:15:41.187 5 ACPI.sys[ba05f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x843c1940]
    22:15:41.593 AVAST engine scan C:\WINDOWS
    22:15:43.968 File: C:\WINDOWS\BN2.tmp **INFECTED** Win32:Kryptik-GNH [Trj]
    22:15:44.078 File: C:\WINDOWS\BN4.tmp **INFECTED** Win32:Malware-gen
    22:15:44.187 File: C:\WINDOWS\BN5.tmp **INFECTED** Win32:Malware-gen
    22:15:44.296 File: C:\WINDOWS\BN6.tmp **INFECTED** Win32:Malware-gen
    22:15:44.421 File: C:\WINDOWS\BN7.tmp **INFECTED** Win32:Malware-gen
    22:15:44.531 File: C:\WINDOWS\BN8.tmp **INFECTED** Win32:Malware-gen
    22:15:44.640 File: C:\WINDOWS\BN9.tmp **INFECTED** Win32:Kryptik-GNH [Trj]
    22:15:44.734 File: C:\WINDOWS\BNA.tmp **INFECTED** Win32:Kryptik-GNH [Trj]
    22:15:44.859 File: C:\WINDOWS\BNEF.tmp **INFECTED** Win32:Malware-gen
    22:15:45.203 File: C:\WINDOWS\explorer.exe **INFECTED** Win32:Vitro
    22:15:45.500 File: C:\WINDOWS\hh.exe **INFECTED** Win32:Vitro
    22:15:46.171 File: C:\WINDOWS\IsUninst.exe **INFECTED** Win32:Vitro
    22:15:52.843 File: C:\WINDOWS\KLayMgr.exe **INFECTED** Win32:Vitro
    22:15:53.703 File: C:\WINDOWS\NOTEPAD.EXE **INFECTED** Win32:Vitro
    22:15:54.078 File: C:\WINDOWS\regedit.exe **INFECTED** Win32:Vitro
    22:15:54.609 File: C:\WINDOWS\TASKMAN.EXE **INFECTED** Win32:Vitro
    22:15:54.828 File: C:\WINDOWS\twunk_32.exe **INFECTED** Win32:Vitro
    22:15:54.953 File: C:\WINDOWS\UNWISE.EXE **INFECTED** Win32:Vitro
    22:15:55.375 File: C:\WINDOWS\winhlp32.exe **INFECTED** Win32:Vitro
    22:15:56.218 AVAST engine scan C:\WINDOWS\system32
    22:15:56.937 File: C:\WINDOWS\system32\accwiz.exe **INFECTED** Win32:Vitro
    22:15:57.234 File: C:\WINDOWS\system32\actmovie.exe **INFECTED** Win32:Vitro
    22:15:57.812 File: C:\WINDOWS\system32\ahui.exe **INFECTED** Win32:Vitro
    22:15:57.906 File: C:\WINDOWS\system32\alg.exe **INFECTED** Win32:Vitro
    22:15:58.375 File: C:\WINDOWS\system32\arp.exe **INFECTED** Win32:Vitro
    22:15:58.515 File: C:\WINDOWS\system32\asr_fmt.exe **INFECTED** Win32:Vitro
    22:15:58.593 File: C:\WINDOWS\system32\asr_ldm.exe **INFECTED** Win32:Vitro
    22:15:58.671 File: C:\WINDOWS\system32\asr_pfu.exe **INFECTED** Win32:Vitro
    22:15:58.812 File: C:\WINDOWS\system32\at.exe **INFECTED** Win32:Vitro
    22:15:59.062 File: C:\WINDOWS\system32\atmadm.exe **INFECTED** Win32:Vitro
    22:15:59.296 File: C:\WINDOWS\system32\attrib.exe **INFECTED** Win32:Vitro
    22:15:59.515 File: C:\WINDOWS\system32\auditusr.exe **INFECTED** Win32:Vitro
    22:16:00.328 File: C:\WINDOWS\system32\blastcln.exe **INFECTED** Win32:Vitro
    22:16:00.406 File: C:\WINDOWS\system32\bootcfg.exe **INFECTED** Win32:Vitro
    22:16:00.468 File: C:\WINDOWS\system32\bootok.exe **INFECTED** Win32:Vitro
    22:16:00.578 File: C:\WINDOWS\system32\bootvrfy.exe **INFECTED** Win32:Vitro
    22:16:01.156 File: C:\WINDOWS\system32\cacls.exe **INFECTED** Win32:Vitro
    22:16:01.281 File: C:\WINDOWS\system32\calc.exe **INFECTED** Win32:Vitro
    22:16:02.484 File: C:\WINDOWS\system32\charmap.exe **INFECTED** Win32:Vitro
    22:16:02.593 File: C:\WINDOWS\system32\chkdsk.exe **INFECTED** Win32:Vitro
    22:16:02.656 File: C:\WINDOWS\system32\chkntfs.exe **INFECTED** Win32:Vitro
    22:16:02.843 File: C:\WINDOWS\system32\cidaemon.exe **INFECTED** Win32:Vitro
    22:16:02.984 File: C:\WINDOWS\system32\cipher.exe **INFECTED** Win32:Vitro
    22:16:03.046 File: C:\WINDOWS\system32\cisvc.exe **INFECTED** Win32:Vitro
    22:16:03.125 File: C:\WINDOWS\system32\ckcnv.exe **INFECTED** Win32:Vitro
    22:16:03.406 File: C:\WINDOWS\system32\cleanmgr.exe **INFECTED** Win32:Vitro
    22:16:03.531 File: C:\WINDOWS\system32\cliconfg.exe **INFECTED** Win32:Vitro
    22:16:03.609 File: C:\WINDOWS\system32\clipbrd.exe **INFECTED** Win32:Vitro
    22:16:03.687 File: C:\WINDOWS\system32\clipsrv.exe **INFECTED** Win32:Vitro
    22:16:03.875 File: C:\WINDOWS\system32\cmd.exe **INFECTED** Win32:Vitro
    22:16:04.078 File: C:\WINDOWS\system32\cmdl32.exe **INFECTED** Win32:Vitro
    22:16:04.156 File: C:\WINDOWS\system32\cmmon32.exe **INFECTED** Win32:Vitro
    22:16:04.296 File: C:\WINDOWS\system32\cmstp.exe **INFECTED** Win32:Vitro
    22:16:04.953 File: C:\WINDOWS\system32\comp.exe **INFECTED** Win32:Vitro
    22:16:05.031 File: C:\WINDOWS\system32\compact.exe **INFECTED** Win32:Vitro
    22:16:05.812 File: C:\WINDOWS\system32\conime.exe **INFECTED** Win32:Vitro
    22:16:05.906 File: C:\WINDOWS\system32\control.exe **INFECTED** Win32:Vitro
    22:16:06.000 File: C:\WINDOWS\system32\convert.exe **INFECTED** Win32:Vitro
    22:16:06.578 File: C:\WINDOWS\system32\cscript.exe **INFECTED** Win32:Vitro
    22:16:06.812 File: C:\WINDOWS\system32\ctfmon.exe **INFECTED** Win32:Vitro
    22:16:08.890 File: C:\WINDOWS\system32\dcomcnfg.exe **INFECTED** Win32:Vitro
    22:16:08.984 File: C:\WINDOWS\system32\ddeshare.exe **INFECTED** Win32:Vitro
    22:16:09.187 File: C:\WINDOWS\system32\defrag.exe **INFECTED** Win32:Vitro
    22:16:09.468 File: C:\WINDOWS\system32\dfrgfat.exe **INFECTED** Win32:Vitro
    22:16:09.578 File: C:\WINDOWS\system32\dfrgntfs.exe **INFECTED** Win32:Vitro
    22:16:10.750 File: C:\WINDOWS\system32\diantz.exe **INFECTED** Win32:Vitro
    22:16:11.546 File: C:\WINDOWS\system32\diskpart.exe **INFECTED** Win32:Vitro
    22:16:11.625 File: C:\WINDOWS\system32\diskperf.exe **INFECTED** Win32:Vitro
    22:16:11.765 File: C:\WINDOWS\system32\dllhost.exe **INFECTED** Win32:Vitro
    22:16:11.843 File: C:\WINDOWS\system32\dllhst3g.exe **INFECTED** Win32:Vitro
    22:16:11.953 File: C:\WINDOWS\system32\dmadmin.exe **INFECTED** Win32:Vitro
    22:16:12.312 File: C:\WINDOWS\system32\dmremote.exe **INFECTED** Win32:Vitro
    22:16:13.046 File: C:\WINDOWS\system32\doskey.exe **INFECTED** Win32:Vitro
    22:16:13.187 File: C:\WINDOWS\system32\dplaysvr.exe **INFECTED** Win32:Vitro
    22:16:13.531 File: C:\WINDOWS\system32\dpnsvr.exe **INFECTED** Win32:Vitro
    22:16:13.687 File: C:\WINDOWS\system32\dpvsetup.exe **INFECTED** Win32:Vitro
    22:16:13.859 File: C:\WINDOWS\system32\driverquery.exe **INFECTED** Win32:Vitro
    22:16:14.109 File: C:\WINDOWS\system32\drmupgds.exe **INFECTED** Win32:Vitro
    22:16:14.406 File: C:\WINDOWS\system32\drwtsn32.exe **INFECTED** Win32:Vitro
    22:16:15.046 File: C:\WINDOWS\system32\dumprep.exe **INFECTED** Win32:Vitro
    22:16:15.203 File: C:\WINDOWS\system32\dvdplay.exe **INFECTED** Win32:Vitro
    22:16:15.265 File: C:\WINDOWS\system32\dvdupgrd.exe **INFECTED** Win32:Vitro
    22:16:15.390 File: C:\WINDOWS\system32\dwwin.exe **INFECTED** Win32:Vitro
    22:16:15.734 File: C:\WINDOWS\system32\dxdiag.exe **INFECTED** Win32:Vitro
    22:16:17.015 File: C:\WINDOWS\system32\esentutl.exe **INFECTED** Win32:Vitro
    22:16:17.109 File: C:\WINDOWS\system32\eudcedit.exe **INFECTED** Win32:Vitro
    22:16:17.234 File: C:\WINDOWS\system32\eventcreate.exe **INFECTED** Win32:Vitro
    22:16:17.375 File: C:\WINDOWS\system32\eventtriggers.exe **INFECTED** Win32:Vitro
    22:16:17.453 File: C:\WINDOWS\system32\eventvwr.exe **INFECTED** Win32:Vitro
    22:16:17.656 File: C:\WINDOWS\system32\expand.exe **INFECTED** Win32:Vitro
    22:16:17.875 File: C:\WINDOWS\system32\extrac32.exe **INFECTED** Win32:Vitro
    22:16:18.078 File: C:\WINDOWS\system32\fc.exe **INFECTED** Win32:Vitro
    22:16:18.343 File: C:\WINDOWS\system32\find.exe **INFECTED** Win32:Vitro
    22:16:18.421 File: C:\WINDOWS\system32\findstr.exe **INFECTED** Win32:Vitro
    22:16:18.500 File: C:\WINDOWS\system32\finger.exe **INFECTED** Win32:Vitro
    22:16:18.640 File: C:\WINDOWS\system32\fixmapi.exe **INFECTED** Win32:Vitro
    22:16:18.906 File: C:\WINDOWS\system32\fltmc.exe **INFECTED** Win32:Vitro
    22:16:19.390 File: C:\WINDOWS\system32\fontview.exe **INFECTED** Win32:Vitro
    22:16:19.468 File: C:\WINDOWS\system32\forcedos.exe **INFECTED** Win32:Vitro
    22:16:19.625 File: C:\WINDOWS\system32\freecell.exe **INFECTED** Win32:Vitro
    22:16:19.718 File: C:\WINDOWS\system32\fsquirt.exe **INFECTED** Win32:Vitro
    22:16:19.843 File: C:\WINDOWS\system32\fsutil.exe **INFECTED** Win32:Vitro
    22:16:19.921 File: C:\WINDOWS\system32\ftp.exe **INFECTED** Win32:Vitro
    22:16:20.500 File: C:\WINDOWS\system32\getmac.exe **INFECTED** Win32:Vitro
    22:16:20.859 File: C:\WINDOWS\system32\gpresult.exe **INFECTED** Win32:Vitro
    22:16:20.984 File: C:\WINDOWS\system32\gpupdate.exe **INFECTED** Win32:Vitro
    22:16:21.093 File: C:\WINDOWS\system32\grpconv.exe **INFECTED** Win32:Vitro
    22:16:21.609 File: C:\WINDOWS\system32\hdashcut.exe **INFECTED** Win32:Vitro
    22:16:21.843 File: C:\WINDOWS\system32\help.exe **INFECTED** Win32:Vitro
    22:16:22.343 File: C:\WINDOWS\system32\hkcmd.exe **INFECTED** Win32:Vitro
    22:16:22.640 File: C:\WINDOWS\system32\hostname.exe **INFECTED** Win32:Vitro
    22:16:25.390 File: C:\WINDOWS\system32\ie4uinit.exe **INFECTED** Win32:Vitro
    22:16:26.734 File: C:\WINDOWS\system32\ieudinit.exe **INFECTED** Win32:Vitro
    22:16:26.921 File: C:\WINDOWS\system32\iexpress.exe **INFECTED** Win32:Vitro
    22:16:27.109 File: C:\WINDOWS\system32\igfxcfg.exe **INFECTED** Win32:Vitro
    22:16:27.375 File: C:\WINDOWS\system32\igfxext.exe **INFECTED** Win32:Vitro
    22:16:27.484 File: C:\WINDOWS\system32\igfxpers.exe **INFECTED** Win32:Vitro
    22:16:28.718 File: C:\WINDOWS\system32\igfxsrvc.exe **INFECTED** Win32:Vitro
    22:16:28.828 File: C:\WINDOWS\system32\igfxtray.exe **INFECTED** Win32:Vitro
    22:16:28.937 File: C:\WINDOWS\system32\igfxzoom.exe **INFECTED** Win32:Vitro
    22:16:29.328 File: C:\WINDOWS\system32\imapi.exe **INFECTED** Win32:Vitro
    22:16:30.484 File: C:\WINDOWS\system32\ipconfig.exe **INFECTED** Win32:Vitro
    22:16:30.906 File: C:\WINDOWS\system32\ipsec6.exe **INFECTED** Win32:Vitro
    22:16:31.156 File: C:\WINDOWS\system32\ipv6.exe **INFECTED** Win32:Vitro
    22:16:31.421 File: C:\WINDOWS\system32\ipxroute.exe **INFECTED** Win32:Vitro
    22:16:34.140 File: C:\WINDOWS\system32\kblxrhoj.exe **INFECTED** Win32:Vitro
    22:16:34.843 File: C:\WINDOWS\system32\label.exe **INFECTED** Win32:Vitro
    22:16:35.375 File: C:\WINDOWS\system32\lights.exe **INFECTED** Win32:Vitro
    22:16:35.593 File: C:\WINDOWS\system32\lnkstub.exe **INFECTED** Win32:Vitro
    22:16:35.921 File: C:\WINDOWS\system32\locator.exe **INFECTED** Win32:Vitro
    22:16:36.000 File: C:\WINDOWS\system32\lodctr.exe **INFECTED** Win32:Vitro
    22:16:36.125 File: C:\WINDOWS\system32\logagent.exe **INFECTED** Win32:Vitro
    22:16:36.281 File: C:\WINDOWS\system32\logman.exe **INFECTED** Win32:Vitro
    22:16:36.359 File: C:\WINDOWS\system32\logoff.exe **INFECTED** Win32:Vitro
    22:16:36.468 File: C:\WINDOWS\system32\logon.scr **INFECTED** Win32:Vitro
    22:16:36.578 File: C:\WINDOWS\system32\logonui.exe **INFECTED** Win32:Vitro
    22:16:36.703 File: C:\WINDOWS\system32\lpq.exe **INFECTED** Win32:Vitro
    22:16:36.765 File: C:\WINDOWS\system32\lpr.exe **INFECTED** Win32:Vitro
    22:16:37.203 File: C:\WINDOWS\system32\magnify.exe **INFECTED** Win32:Vitro
    22:16:37.343 File: C:\WINDOWS\system32\makecab.exe **INFECTED** Win32:Vitro
    22:16:37.500 File: C:\WINDOWS\system32\MAPISRVR.EXE **INFECTED** Win32:Vitro
    22:16:39.781 File: C:\WINDOWS\system32\migpwd.exe **INFECTED** Win32:Vitro
    22:16:40.062 File: C:\WINDOWS\system32\mmc.exe **INFECTED** Win32:Vitro
    22:16:40.562 File: C:\WINDOWS\system32\mnmsrvc.exe **INFECTED** Win32:Vitro
    22:16:40.734 File: C:\WINDOWS\system32\mobsync.exe **INFECTED** Win32:Vitro
    22:16:41.015 File: C:\WINDOWS\system32\mountvol.exe **INFECTED** Win32:Vitro
    22:16:41.546 File: C:\WINDOWS\system32\mplay32.exe **INFECTED** Win32:Vitro
    22:16:41.625 File: C:\WINDOWS\system32\mpnotify.exe **INFECTED** Win32:Vitro
    22:16:42.000 File: C:\WINDOWS\system32\mqbkup.exe **INFECTED** Win32:Vitro
    22:16:42.640 File: C:\WINDOWS\system32\mqsvc.exe **INFECTED** Win32:Vitro
    22:16:42.750 File: C:\WINDOWS\system32\mqtgsvc.exe **INFECTED** Win32:Vitro
    22:16:43.031 File: C:\WINDOWS\system32\mrinfo.exe **INFECTED** Win32:Vitro
    22:16:44.703 File: C:\WINDOWS\system32\msdtc.exe **INFECTED** Win32:Vitro
    22:16:45.578 File: C:\WINDOWS\system32\msfeedssync.exe **INFECTED** Win32:Vitro
    22:16:45.796 File: C:\WINDOWS\system32\msg.exe **INFECTED** Win32:Vitro
    22:16:46.203 File: C:\WINDOWS\system32\mshearts.exe **INFECTED** Win32:Vitro
    22:16:46.328 File: C:\WINDOWS\system32\mshta.exe **INFECTED** Win32:Vitro
    22:16:47.250 File: C:\WINDOWS\system32\msiexec.exe **INFECTED** Win32:Vitro
    22:16:48.484 File: C:\WINDOWS\system32\mspaint.exe **INFECTED** Win32:Vitro
    22:16:49.859 File: C:\WINDOWS\system32\msswchx.exe **INFECTED** Win32:Vitro
    22:16:50.203 File: C:\WINDOWS\system32\mstinit.exe **INFECTED** Win32:Vitro
    22:16:50.359 File: C:\WINDOWS\system32\mstsc.exe **INFECTED** Win32:Vitro
    22:16:53.812 File: C:\WINDOWS\system32\narrator.exe **INFECTED** Win32:Vitro
    22:16:53.921 File: C:\WINDOWS\system32\nbtstat.exe **INFECTED** Win32:Vitro
    22:16:54.156 File: C:\WINDOWS\system32\nddeapir.exe **INFECTED** Win32:Vitro
    22:16:54.281 File: C:\WINDOWS\system32\net.exe **INFECTED** Win32:Vitro
    22:16:54.406 File: C:\WINDOWS\system32\net1.exe **INFECTED** Win32:Vitro
    22:16:54.734 File: C:\WINDOWS\system32\netdde.exe **INFECTED** Win32:Vitro
    22:16:55.406 File: C:\WINDOWS\system32\netsetup.exe **INFECTED** Win32:Vitro
    22:16:55.531 File: C:\WINDOWS\system32\netsh.exe **INFECTED** Win32:Vitro
    22:16:55.812 File: C:\WINDOWS\system32\netstat.exe **INFECTED** Win32:Vitro
    22:16:56.390 File: C:\WINDOWS\system32\notepad.exe **INFECTED** Win32:Vitro
    22:16:56.578 File: C:\WINDOWS\system32\nslookup.exe **INFECTED** Win32:Vitro
    22:16:56.718 File: C:\WINDOWS\system32\ntbackup.exe **INFECTED** Win32:Vitro
    22:16:58.015 File: C:\WINDOWS\system32\ntsd.exe **INFECTED** Win32:Vitro
    22:16:58.171 File: C:\WINDOWS\system32\ntvdm.exe **INFECTED** Win32:Vitro
    22:16:58.562 File: C:\WINDOWS\system32\nwscript.exe **INFECTED** Win32:Vitro
    22:16:59.046 File: C:\WINDOWS\system32\odbcad32.exe **INFECTED** Win32:Vitro
    22:16:59.203 File: C:\WINDOWS\system32\odbcconf.exe **INFECTED** Win32:Vitro
    22:17:00.468 File: C:\WINDOWS\system32\openfiles.exe **INFECTED** Win32:Vitro
    22:17:00.687 File: C:\WINDOWS\system32\osk.exe **INFECTED** Win32:Vitro
    22:17:00.812 File: C:\WINDOWS\system32\osuninst.exe **INFECTED** Win32:Vitro
    22:17:01.109 File: C:\WINDOWS\system32\packager.exe **INFECTED** Win32:Vitro
    22:17:01.250 File: C:\WINDOWS\system32\pathping.exe **INFECTED** Win32:Vitro
    22:17:01.531 File: C:\WINDOWS\system32\pentnt.exe **INFECTED** Win32:Vitro
    22:17:01.703 File: C:\WINDOWS\system32\perfmon.exe **INFECTED** Win32:Vitro
    22:17:02.218 File: C:\WINDOWS\system32\ping.exe **INFECTED** Win32:Vitro
    22:17:02.312 File: C:\WINDOWS\system32\ping6.exe **INFECTED** Win32:Vitro
    22:17:03.187 File: C:\WINDOWS\system32\powercfg.exe **INFECTED** Win32:Vitro
    22:17:03.796 File: C:\WINDOWS\system32\print.exe **INFECTED** Win32:Vitro
    22:17:04.109 File: C:\WINDOWS\system32\progman.exe **INFECTED** Win32:Vitro
    22:17:04.218 File: C:\WINDOWS\system32\proquota.exe **INFECTED** Win32:Vitro
    22:17:04.281 File: C:\WINDOWS\system32\proxycfg.exe **INFECTED** Win32:Vitro
    22:17:04.671 File: C:\WINDOWS\system32\qappsrv.exe **INFECTED** Win32:Vitro
    22:17:05.312 File: C:\WINDOWS\system32\qprocess.exe **INFECTED** Win32:Vitro
    22:17:06.140 File: C:\WINDOWS\system32\qwinsta.exe **INFECTED** Win32:Vitro
    22:17:06.421 File: C:\WINDOWS\system32\rasautou.exe **INFECTED** Win32:Vitro
    22:17:06.593 File: C:\WINDOWS\system32\rasdial.exe **INFECTED** Win32:Vitro
    22:17:07.000 File: C:\WINDOWS\system32\rasphone.exe **INFECTED** Win32:Vitro
    22:17:07.296 File: C:\WINDOWS\system32\rcimlby.exe **INFECTED** Win32:Vitro
    22:17:07.359 File: C:\WINDOWS\system32\rcp.exe **INFECTED** Win32:Vitro
    22:17:07.609 File: C:\WINDOWS\system32\rdpclip.exe **INFECTED** Win32:Vitro
    22:17:07.812 File: C:\WINDOWS\system32\rdsaddin.exe **INFECTED** Win32:Vitro
    22:17:07.906 File: C:\WINDOWS\system32\rdshost.exe **INFECTED** Win32:Vitro
    22:17:07.968 File: C:\WINDOWS\system32\recover.exe **INFECTED** Win32:Vitro
    22:17:08.109 File: C:\WINDOWS\system32\reg.exe **INFECTED** Win32:Vitro
    22:17:08.218 File: C:\WINDOWS\system32\regedt32.exe **INFECTED** Win32:Vitro
    22:17:08.296 File: C:\WINDOWS\system32\regini.exe **INFECTED** Win32:Vitro
    22:17:08.468 File: C:\WINDOWS\system32\regsvr32.exe **INFECTED** Win32:Vitro
    22:17:08.546 File: C:\WINDOWS\system32\regwiz.exe **INFECTED** Win32:Vitro
    22:17:08.734 File: C:\WINDOWS\system32\relog.exe **INFECTED** Win32:Vitro
    22:17:08.984 File: C:\WINDOWS\system32\replace.exe **INFECTED** Win32:Vitro
    22:17:09.046 File: C:\WINDOWS\system32\reset.exe **INFECTED** Win32:Vitro
    22:17:09.390 File: C:\WINDOWS\system32\rexec.exe **INFECTED** Win32:Vitro
    22:17:09.875 File: C:\WINDOWS\system32\route.exe **INFECTED** Win32:Vitro
    22:17:09.953 File: C:\WINDOWS\system32\routemon.exe **INFECTED** Win32:Vitro
    22:17:10.375 File: C:\WINDOWS\system32\rsh.exe **INFECTED** Win32:Vitro
    22:17:10.484 File: C:\WINDOWS\system32\rsm.exe **INFECTED** Win32:Vitro
    22:17:10.593 File: C:\WINDOWS\system32\rsmsink.exe **INFECTED** Win32:Vitro
    22:17:10.687 File: C:\WINDOWS\system32\rsmui.exe **INFECTED** Win32:Vitro
    22:17:10.781 File: C:\WINDOWS\system32\rsnotify.exe **INFECTED** Win32:Vitro
    22:17:10.921 File: C:\WINDOWS\system32\rsopprov.exe **INFECTED** Win32:Fiasco
    22:17:11.046 File: C:\WINDOWS\system32\rsvp.exe **INFECTED** Win32:Vitro
    22:17:11.234 File: C:\WINDOWS\system32\rtcshare.exe **INFECTED** Win32:Vitro
    22:17:11.546 File: C:\WINDOWS\system32\runas.exe **INFECTED** Win32:Vitro
    22:17:11.656 File: C:\WINDOWS\system32\rundll32.exe **INFECTED** Win32:Vitro
    22:17:11.750 File: C:\WINDOWS\system32\runonce.exe **INFECTED** Win32:Vitro
    22:17:11.843 File: C:\WINDOWS\system32\rwinsta.exe **INFECTED** Win32:Vitro
    22:17:12.156 File: C:\WINDOWS\system32\savedump.exe **INFECTED** Win32:Vitro
    22:17:12.359 File: C:\WINDOWS\system32\sc.exe **INFECTED** Win32:Vitro
    22:17:12.500 File: C:\WINDOWS\system32\scardsvr.exe **INFECTED** Win32:Vitro
    22:17:12.906 File: C:\WINDOWS\system32\schtasks.exe **INFECTED** Win32:Vitro
    22:17:13.062 File: C:\WINDOWS\system32\scrnsave.scr **INFECTED** Win32:Vitro
    22:17:13.250 File: C:\WINDOWS\system32\sdbinst.exe **INFECTED** Win32:Vitro
    22:17:13.390 File: C:\WINDOWS\system32\secedit.exe **INFECTED** Win32:Vitro
    22:17:13.890 File: C:\WINDOWS\system32\sessmgr.exe **INFECTED** Win32:Vitro
    22:17:13.984 File: C:\WINDOWS\system32\sethc.exe **INFECTED** Win32:Vitro
    22:17:14.078 File: C:\WINDOWS\system32\setup.exe **INFECTED** Win32:Vitro
    22:17:14.437 File: C:\WINDOWS\system32\sfc.exe **INFECTED** Win32:Vitro
    22:17:14.843 File: C:\WINDOWS\system32\shadow.exe **INFECTED** Win32:Vitro
    22:17:15.828 File: C:\WINDOWS\system32\shmgrate.exe **INFECTED** Win32:Vitro
    22:17:15.937 File: C:\WINDOWS\system32\shrpubw.exe **INFECTED** Win32:Vitro
    22:17:16.156 File: C:\WINDOWS\system32\shutdown.exe **INFECTED** Win32:Vitro
    22:17:16.265 File: C:\WINDOWS\system32\sigverif.exe **INFECTED** Win32:Vitro
    22:17:16.406 File: C:\WINDOWS\system32\skeys.exe **INFECTED** Win32:Vitro
    22:17:16.625 File: C:\WINDOWS\system32\smbinst.exe **INFECTED** Win32:Vitro
    22:17:16.796 File: C:\WINDOWS\system32\smlogsvc.exe **INFECTED** Win32:Vitro
    22:17:16.937 File: C:\WINDOWS\system32\sndrec32.exe **INFECTED** Win32:Vitro
    22:17:17.031 File: C:\WINDOWS\system32\sndvol32.exe **INFECTED** Win32:Vitro
    22:17:17.234 File: C:\WINDOWS\system32\sol.exe **INFECTED** Win32:Vitro
    22:17:17.312 File: C:\WINDOWS\system32\sort.exe **INFECTED** Win32:Vitro
    22:17:17.515 File: C:\WINDOWS\system32\spider.exe **INFECTED** Win32:Vitro
    22:17:17.609 File: C:\WINDOWS\system32\spiisupd.exe **INFECTED** Win32:Vitro
    22:17:17.859 File: C:\WINDOWS\system32\spnpinst.exe **INFECTED** Win32:Vitro
    22:17:18.093 File: C:\WINDOWS\system32\spoolsv.exe **INFECTED** Win32:Vitro
    22:17:18.859 File: C:\WINDOWS\system32\ss3dfo.scr **INFECTED** Win32:Vitro
    22:17:18.921 File: C:\WINDOWS\system32\ssbezier.scr **INFECTED** Win32:Vitro
    22:17:19.093 File: C:\WINDOWS\system32\ssflwbox.scr **INFECTED** Win32:Vitro
    22:17:19.156 File: C:\WINDOWS\system32\ssmarque.scr **INFECTED** Win32:Vitro
    22:17:19.250 File: C:\WINDOWS\system32\ssmypics.scr **INFECTED** Win32:Vitro
    22:17:19.343 File: C:\WINDOWS\system32\ssmyst.scr **INFECTED** Win32:Vitro
    22:17:19.468 File: C:\WINDOWS\system32\sspipes.scr **INFECTED** Win32:Vitro
    22:17:19.593 File: C:\WINDOWS\system32\ssstars.scr **INFECTED** Win32:Vitro
    22:17:19.703 File: C:\WINDOWS\system32\sstext3d.scr **INFECTED** Win32:Vitro
    22:17:19.906 File: C:\WINDOWS\system32\stimon.exe **INFECTED** Win32:Vitro
    22:17:20.312 File: C:\WINDOWS\system32\subst.exe **INFECTED** Win32:Vitro
    22:17:20.640 File: C:\WINDOWS\system32\syncapp.exe **INFECTED** Win32:Vitro
    22:17:20.906 File: C:\WINDOWS\system32\syskey.exe **INFECTED** Win32:Vitro
    22:17:21.078 File: C:\WINDOWS\system32\sysocmgr.exe **INFECTED** Win32:Vitro
    22:17:21.390 File: C:\WINDOWS\system32\systeminfo.exe **INFECTED** Win32:Vitro
    22:17:21.453 File: C:\WINDOWS\system32\systray.exe **INFECTED** Win32:Vitro
    22:17:21.953 File: C:\WINDOWS\system32\taskkill.exe **INFECTED** Win32:Vitro
    22:17:22.015 File: C:\WINDOWS\system32\tasklist.exe **INFECTED** Win32:Vitro
    22:17:22.109 File: C:\WINDOWS\system32\taskman.exe **INFECTED** Win32:Vitro
    22:17:22.203 File: C:\WINDOWS\system32\taskmgr.exe **INFECTED** Win32:Vitro
    22:17:22.265 File: C:\WINDOWS\system32\tcmsetup.exe **INFECTED** Win32:Vitro
    22:17:22.453 File: C:\WINDOWS\system32\tcpsvcs.exe **INFECTED** Win32:Vitro
    22:17:22.687 File: C:\WINDOWS\system32\telnet.exe **INFECTED** Win32:Vitro
    22:17:22.968 File: C:\WINDOWS\system32\tftp.exe **INFECTED** Win32:Vitro
    22:17:23.218 File: C:\WINDOWS\system32\tlntadmn.exe **INFECTED** Win32:Vitro
    22:17:23.343 File: C:\WINDOWS\system32\tlntsess.exe **INFECTED** Win32:Vitro
    22:17:23.484 File: C:\WINDOWS\system32\tlntsvr.exe **INFECTED** Win32:Vitro
    22:17:23.609 File: C:\WINDOWS\system32\tourstart.exe **INFECTED** Win32:Vitro
    22:17:23.734 File: C:\WINDOWS\system32\tracerpt.exe **INFECTED** Win32:Vitro
    22:17:23.828 File: C:\WINDOWS\system32\tracert.exe **INFECTED** Win32:Vitro
    22:17:23.890 File: C:\WINDOWS\system32\tracert6.exe **INFECTED** Win32:Vitro
    22:17:24.281 File: C:\WINDOWS\system32\tscon.exe **INFECTED** Win32:Vitro
    22:17:24.359 File: C:\WINDOWS\system32\tscupgrd.exe **INFECTED** Win32:Vitro
    22:17:24.531 File: C:\WINDOWS\system32\tsdiscon.exe **INFECTED** Win32:Vitro
    22:17:24.593 File: C:\WINDOWS\system32\tskill.exe **INFECTED** Win32:Vitro
    22:17:24.718 File: C:\WINDOWS\system32\tsshutdn.exe **INFECTED** Win32:Vitro
    22:17:24.984 File: C:\WINDOWS\system32\typeperf.exe **INFECTED** Win32:Vitro
    22:17:25.109 File: C:\WINDOWS\system32\tzchange.exe **INFECTED** Win32:Vitro
    22:17:25.812 File: C:\WINDOWS\system32\unlodctr.exe **INFECTED** Win32:Vitro
    22:17:25.984 File: C:\WINDOWS\system32\upnpcont.exe **INFECTED** Win32:Vitro
    22:17:26.203 File: C:\WINDOWS\system32\ups.exe **INFECTED** Win32:Vitro
    22:17:26.859 File: C:\WINDOWS\system32\userinit.exe **INFECTED** Win32:Vitro
    22:17:27.234 File: C:\WINDOWS\system32\usrmlnka.exe **INFECTED** Win32:Vitro
    22:17:27.359 File: C:\WINDOWS\system32\usrprbda.exe **INFECTED** Win32:Vitro
    22:17:27.515 File: C:\WINDOWS\system32\usrshuta.exe **INFECTED** Win32:Vitro
    22:17:27.781 File: C:\WINDOWS\system32\utilman.exe **INFECTED** Win32:Vitro
    22:17:27.875 File: C:\WINDOWS\system32\uwdf.exe **INFECTED** Win32:Vitro
    22:17:28.484 File: C:\WINDOWS\system32\verclsid.exe **INFECTED** Win32:Vitro
    22:17:28.578 File: C:\WINDOWS\system32\verifier.exe **INFECTED** Win32:Vitro
    22:17:28.906 File: C:\WINDOWS\system32\vssadmin.exe **INFECTED** Win32:Vitro
    22:17:29.078 File: C:\WINDOWS\system32\vssvc.exe **INFECTED** Win32:Vitro
    22:17:29.296 File: C:\WINDOWS\system32\w32tm.exe **INFECTED** Win32:Vitro
    22:17:29.843 File: C:\WINDOWS\system32\wdfmgr.exe **INFECTED** Win32:Vitro
    22:17:30.296 File: C:\WINDOWS\system32\wextract.exe **INFECTED** Win32:Vitro
    22:17:30.593 File: C:\WINDOWS\system32\wiaacmgr.exe **INFECTED** Win32:Vitro
    22:17:31.984 File: C:\WINDOWS\system32\WinFXDocObj.exe **INFECTED** Win32:Vitro
    22:17:32.093 File: C:\WINDOWS\system32\winhlp32.exe **INFECTED** Win32:Vitro
    22:17:32.562 File: C:\WINDOWS\system32\winmine.exe **INFECTED** Win32:Vitro
    22:17:32.796 File: C:\WINDOWS\system32\winmsd.exe **INFECTED** Win32:Vitro
    22:17:33.406 File: C:\WINDOWS\system32\winver.exe **INFECTED** Win32:Vitro
    22:17:38.359 File: C:\WINDOWS\system32\wpabaln.exe **INFECTED** Win32:Vitro
    22:17:39.015 File: C:\WINDOWS\system32\wpdshextautoplay.exe **INFECTED** Win32:Vitro
    22:17:39.421 File: C:\WINDOWS\system32\wpnpinst.exe **INFECTED** Win32:Vitro
    22:17:39.500 File: C:\WINDOWS\system32\write.exe **INFECTED** Win32:Vitro
    22:17:39.671 File: C:\WINDOWS\system32\wscntfy.exe **INFECTED** Win32:Vitro
    22:17:39.781 File: C:\WINDOWS\system32\wscript.exe **INFECTED** Win32:Vitro
    22:17:41.765 File: C:\WINDOWS\system32\WudfHost.exe **INFECTED** Win32:Vitro
    22:17:42.015 File: C:\WINDOWS\system32\wupdmgr.exe **INFECTED** Win32:Vitro
    22:17:42.578 File: C:\WINDOWS\system32\xcopy.exe **INFECTED** Win32:Vitro
    22:17:44.781 AVAST engine scan C:\WINDOWS\system32\drivers
    22:17:57.093 AVAST engine scan C:\Documents and Settings\Administrator
    22:18:52.968 File: C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{47676630-682F-4932-8BC7-A558F6E7A1B0}\ARPPRODUCTICON.exe **INFECTED** Win32:Vitro
    22:21:06.546 File: C:\Documents and Settings\Administrator\Application Data\Verizon\PCRC_ar\CommunicationManager_Android.exe **INFECTED** Win32:Vitro
    22:21:06.750 File: C:\Documents and Settings\Administrator\Application Data\Verizon\PCRC_ar\ToolLauncher.exe **INFECTED** Win32:Vitro
    22:23:41.453 File: C:\Documents and Settings\Administrator\Desktop\boot_cleaner.exe **INFECTED** Win32:Vitro
    22:23:52.734 File: C:\Documents and Settings\Administrator\Desktop\lrxk2b2p.exe **INFECTED** Win32:Vitro
    22:23:53.656 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\COMPRESSION UTILITIES\7-ZIP\7Z.EXE **INFECTED** Win32:Vitro
    22:23:57.281 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\DIAGNOSTIC\UNKNOWNDEVICES\UNKNOWNDEVICES.EXE **INFECTED** Win32:Vitro
    22:23:57.546 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\DIAGNOSTIC\UNKNOWNDEVICES\V1.2\UNKNOWNDEVICES.EXE **INFECTED** Win32:Vitro
    22:23:58.000 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\DIAGNOSTIC\WD DIAGNOSTICS\WINDLG.EXE **INFECTED** Win32:Vitro
    22:24:21.203 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\ISOLINUX\SYSLINUX.EXE **INFECTED** Win32:Vitro
    22:24:24.781 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\PRODUCT FIXES\SYMANTEC\CLEANDOWNLOAD.EXE **INFECTED** Win32:Vitro
    22:24:25.390 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\PRODUCT FIXES\SYMANTEC\FOR OLDER VERSIONS\RNAV2003.EXE **INFECTED** Win32:Vitro
    22:24:25.515 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\PRODUCT FIXES\SYMANTEC\FOR OLDER VERSIONS\RNIS UPGRADE.EXE **INFECTED** Win32:Vitro
    22:24:26.265 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\ATRIBUNE\ATF-CLEANER.EXE **INFECTED** Win32:Vitro
    22:24:26.359 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\ATRIBUNE\LOOK2ME-DESTROYER.EXE **INFECTED** Win32:Vitro
    22:24:28.031 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\CWSHREDDER\CWSHREDDER.EXE **INFECTED** Win32:Vitro
    22:24:28.156 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MALWAREBYTES\ABOUTBUSTER\ABOUTBUSTER.EXE **INFECTED** Win32:Vitro
    22:24:28.296 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MALWAREBYTES\E2TAKEOUT\E2TAKEOUT.EXE **INFECTED** Win32:Vitro
    22:24:28.515 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MALWAREBYTES\QOOFIX\QOOFIX.EXE **INFECTED** Win32:Vitro
    22:24:28.656 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MERIJN TOOLS\ADS SPY\ADSSPY.EXE **INFECTED** Win32:Vitro
    22:24:28.765 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MERIJN TOOLS\BUGOFF\BUGOFF.EXE **INFECTED** Win32:Vitro
    22:24:28.875 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MERIJN TOOLS\ITTY BITTY PROCESS MANAGER\IBPROCMAN.EXE **INFECTED** Win32:Vitro
    22:24:29.328 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MERIJN TOOLS\KAZAABEGONE\KAZAABEGONE.EXE **INFECTED** Win32:Vitro
    22:24:29.734 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MERIJN TOOLS\KILL2ME\KILL2ME.EXE **INFECTED** Win32:Vitro
    22:24:29.859 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\MERIJN TOOLS\STARTUPLIST\STARTUPLIST.EXE **INFECTED** Win32:Vitro
    22:24:29.984 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MALWARE\UTILITIES\OTHER\DESKBANDS.EXE **INFECTED** Win32:Vitro
    22:24:30.609 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\MRI.EXE **INFECTED** Win32:Malware-gen
    22:24:33.343 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\WEB BROWSERS\OPERA\OPERA.EXE **INFECTED** Win32:Vitro
    22:24:34.218 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\WEB BROWSERS\OPERA\PROGRAM\PLUGINS\NETSCAPE.EXE **INFECTED** Win32:Vitro
    22:24:37.625 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\WINDOWS TOOLS\MISC\CMOSPWD\WINDOWS\CMOSPWD_WIN.EXE **INFECTED** Win32:Vitro
    22:24:38.234 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\WINDOWS TOOLS\WINDOWS APPS AND FILES\MSCONFIG\MSCONFIG (WIN2K).EXE **INFECTED** Win32:Vitro
    22:24:38.343 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\WINDOWS TOOLS\WINDOWS APPS AND FILES\MSCONFIG\MSCONFIG (WIN95).EXE **INFECTED** Win32:Vitro
    22:24:39.390 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\WINDOWS TOOLS\WINDOWS FIXES\DAF\DIAL-A-FIX.EXE **INFECTED** Win32:Vitro
    22:24:39.484 File: C:\Documents and Settings\Administrator\Desktop\MRI5.1.0\WINDOWS TOOLS\WINDOWS FIXES\DAF\SECEDIT.EXE **INFECTED** Win32:Vitro
    22:25:13.656 File: C:\Documents and Settings\Administrator\kblxrhoj.exe **INFECTED** Win32:Vitro
    22:40:19.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
    22:40:19.750 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"
  2. jfkstunna Newcomer, in training

    bootkit log

    Bootkit Remover
    (c) 2009 Esage Lab
    www.esagelab.com

    Program version: 1.2.0.1
    OS Version: Microsoft Windows XP Professional Service Pack 2 (build 2600)

    System volume is \\.\C:
    \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
    Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

    Size Device Name MBR Status
    --------------------------------------------
    74 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


    Done;
    Press any key to quit...
  3. Broni Malware Annihilator

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.



    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode (How to...)

    2. Delete the Combofix file, download a fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
  4. Broni Malware Annihilator

    Scratch that....
    I should have taken a better look.

    I'm afraid I have very bad news.

    You are infected with a polymorphic file infector - Virut (called by Avast - Win32:Vitro). This infection can and will infect all the machine's executable files .exe, .scr, .rar, .zip, .htm, .html. Because there are a number of bugs in its code, it may create executable files that are corrupted beyond repair resulting in an inoperative machine.

    Malware experts say that a Complete Reformat and Reinstall is the only way to clean the infection. This includes All Drives that contain the following files:
    *.exe
    *.scr
    *.htm
    *.html
    *.xml
    *.zip
    *.rar
    *.doc
    *.jpg
    *.pdf

    Backup all your documents and important items only.
    DO NOT backup any files mentioned above.

    I suggest you do the following immediately:

    * Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
    * From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
    * DO NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

    For more information on Virut, and why you need to reformat, have a read of miekiemoes' blog here.

    To find out how to carry out an XP Reformat and Reinstall, please see this page. If you are using Vista, then check this page instead.

    Once you have reformatted and reinstalled Windows, have a look at this page for some useful tips on staying clean, along with links to some freeware to help.

    To find out more information about how you may have got infected in the first place, you can read this article.

    I am sorry I cannot give any better news.
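
One way to triage an aswMBR log like the one posted in this thread for the pattern the post above describes (a single Win32:Vitro signature on many executables in unrelated folders). This is an added example, not part of the thread or of any tool named in it; the sample lines are constructed, and the function names and thresholds are assumptions.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample in the aswMBR line format posted in this thread;
# the paths are shortened and hypothetical.
SAMPLE_LOG = r"""
22:15:43.968 File: C:\WINDOWS\BN2.tmp **INFECTED** Win32:Kryptik-GNH [Trj]
22:15:44.078 File: C:\WINDOWS\BN4.tmp **INFECTED** Win32:Malware-gen
22:24:28.656 File: C:\Kit\MERIJN TOOLS\ADS SPY\ADSSPY.EXE **INFECTED** Win32:Vitro
22:24:28.765 File: C:\Kit\MERIJN TOOLS\BUGOFF\BUGOFF.EXE **INFECTED** Win32:Vitro
22:24:29.984 File: C:\Kit\OTHER\DESKBANDS.EXE **INFECTED** Win32:Vitro
22:24:33.343 File: C:\Kit\WEB BROWSERS\OPERA\OPERA.EXE **INFECTED** Win32:Vitro
22:24:39.390 File: C:\Kit\WINDOWS FIXES\DAF\DIAL-A-FIX.EXE **INFECTED** Win32:Vitro
22:40:19.734 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
"""

DETECTION = re.compile(
    r"^\s*\d\d:\d\d:\d\d\.\d{3} File: (?P<path>.+?) \*\*INFECTED\*\* (?P<name>.+?)\s*$"
)
HOST_EXTS = {".exe", ".scr"}  # executable types named in the post


def parse_detections(log_text):
    """Return (path, detection_name) for every **INFECTED** line."""
    matches = (DETECTION.match(line) for line in log_text.splitlines())
    return [(m.group("path"), m.group("name")) for m in matches if m]


def triage(log_text, min_files=5, min_dirs=3):
    """Group hits by detection name and flag a file-infector pattern:
    one signature on many executables spread over several directories
    (assumed thresholds), i.e. infected host files, not dropped payloads.
    """
    groups = defaultdict(list)
    for path, name in parse_detections(log_text):
        groups[name].append(path)
    report = {}
    for name, paths in groups.items():
        dirs = {ntpath.dirname(p).lower() for p in paths}
        exes = [p for p in paths if ntpath.splitext(p)[1].lower() in HOST_EXTS]
        report[name] = {
            "files": len(paths),
            "dirs": len(dirs),
            "executables": len(exes),
            "file_infector_pattern": len(exes) >= min_files and len(dirs) >= min_dirs,
        }
    return report
```
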
  5. jfkstunna Newcomer, in training

    Wow, talk about bad news lol. Well... I'll get to it tomorrow afternoon. If I have any more questions I'll be sure to hit you back, so if you can leave this post open for me so I may contact you.
  6. Broni Malware Annihilator

    Sorry about it :(

    I don't close topics so you can post back anytime.
  7. jfkstunna Newcomer, in training

    Hey buddy, it's me again.

    I have a question: is there any place I can download the XP reinstall CD or anything of that nature, because I don't have mine anymore???
  8. Broni Malware Annihilator

    Nope.
    You can either call your computer manufacturer to order a recovery disk (cheaper), or buy a Windows disk (more expensive).