Inactive I have a virus, Help!

Status
Not open for further replies.
Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum (you abandoned 1 topic in the past, so make sure you don't do it again!)
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
I am going to re-install the whole system and re-run these logs for you. I don't want to take any chances. I want to make sure this virus is gone. So I think the best is to clear everything and start all over.

I had to edit all the other posts. Please delete the other posts. Thanks.
 
I reformatted my computer and would like to confirm that this virus is gone.
Here are the updated logs. Thanks.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6327

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

4/10/2011 2:11:21 PM
mbam-log-2011-04-10 (14-11-21).txt

Scan type: Quick scan
Objects scanned: 151473
Time elapsed: 5 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit quick scan 2011-04-12 05:35:50
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK1032GSX rev.AS021G
Running: 5e6l0kqq.exe; Driver: C:\DOCUME~1\ADOLFO~1\LOCALS~1\Temp\pwtdrpod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA9EB8026]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA9EB7E91]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA9F018DE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs naiavf5x.sys (Anti-Virus File System Filter Driver/McAfee Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/10/2011 2:14:54 PM
System Uptime: 4/12/2011 5:30:54 AM (0 hours ago)
.
Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
Processor: Genuine Intel(R) CPU T2050 @ 1.60GHz | U1 | 1596/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 78.644 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 4/10/2011 2:15:00 PM - System Checkpoint
RP2: 4/10/2011 1:27:13 PM - avast! Free Antivirus Setup
RP3: 4/10/2011 1:35:58 PM - Installed Windows XP KB932823-v3.
RP4: 4/10/2011 1:46:15 PM - Installed Windows Internet Explorer 8.
RP5: 4/10/2011 2:12:58 PM - Installed Java(TM) 6 Update 24
RP6: 4/10/2011 2:54:17 PM - Installed Windows Internet Explorer 8.
RP7: 4/10/2011 3:36:49 PM - Software Distribution Service 3.0
RP8: 4/10/2011 3:52:51 PM - Software Distribution Service 3.0
RP9: 4/10/2011 4:30:19 PM - Removed Adobe Reader 7.0
RP10: 4/10/2011 4:30:53 PM - Installed Adobe Reader X.
RP11: 4/10/2011 5:21:59 PM - Software Distribution Service 3.0
RP12: 4/12/2011 5:33:40 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Reader X
America Online (Choose which version to remove)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
AOL You've Got Pictures Screensaver
avast! Free Antivirus
Bejeweled 2 Deluxe
Blasterball 2 Revolution
Bluetooth Stack for Windows by Toshiba
CD/DVD Drive Acoustic Silencer
DVD-RAM Driver
ESET Online Scanner v3
ESPNMotion
FATE
GemMaster Mystic
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 4
Java Auto Updater
Java(TM) 6 Update 24
Macromedia Flash Player 8
Malwarebytes' Anti-Malware
McAfee SecurityCenter
McAfee VirusScan
mCore
mDrWiFi
Metamail (Toshiba Registration Utility)
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Office OneNote 2003
Microsoft Office Standard Edition 2003
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
mIWA
mLogView
mMHouse
Mozilla Firefox 4.0 (x86 en-US)
mPfMgr
mPfWiz
mProSafe
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
MyConnect Special Offer
mZConfig
Office 2003 Trial Assistant
Otto
Polar Golfer
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Realtek High Definition Audio Driver
SCRABBLE
SD Secure Module
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB982665)
Sonic DLA
Sonic Encoders
Sonic RecordNow!
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Game Console
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA TV Tuner 4.0.12.73
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2141007)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
WebFldrs XP
WildTangent Web Driver
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB894553
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Music Engine
.
==== Event Viewer Messages From Past Week ========
.
4/10/2011 4:41:34 PM, error: Service Control Manager [7034] - The McAfee.com McShield service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:39:05 PM, error: Service Control Manager [7034] - The TOSHIBA Application Service service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:39:05 PM, error: Service Control Manager [7034] - The Swupdtmr service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:39:05 PM, error: Service Control Manager [7034] - The McAfee Task Scheduler service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:39:05 PM, error: Service Control Manager [7034] - The Intel(R) PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:38:35 PM, error: Service Control Manager [7034] - The McAfee WSC Integration service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:38:35 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AOL TopSpeed Monitor service to connect.
4/10/2011 4:36:05 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:36:05 PM, error: Service Control Manager [7034] - The DVD-RAM_Service service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:36:05 PM, error: Service Control Manager [7034] - The ConfigFree Service service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:36:04 PM, error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:36:04 PM, error: Service Control Manager [7031] - The AOL TopSpeed Monitor service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
4/10/2011 4:36:00 PM, error: Service Control Manager [7034] - The Intel(R) PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).
4/10/2011 4:35:59 PM, error: Service Control Manager [7034] - The Intel(R) PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Adolfo Albarran at 5:36:22.25 on Tue 04/12/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.584 [GMT -7:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee VirusScan *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\igfxtray.exe
svchost.exe
C:\WINDOWS\system32\igfxpers.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\WINDOWS\system32\dla\DLACTRLW.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\toshiba\ivp\ism\pinger.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RAMASST.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\SoftwareDistribution\Download\f35839bf00bc83543dbda7acaf1e2a3b\update\update.exe
\\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Documents and Settings\Adolfo Albarran\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=2
uSearch Bar = hxxp://www.toshiba.com/search
uInternet Connection Wizard,ShellNext = hxxp://www.toshibadirect.com/dpdstart
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: McAfee VirusScan: {ba52b914-b692-46c4-b683-905236f6f655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
mRun: [TFncKy] TFncKy.exe
mRun: [TDispVol] TDispVol.exe
mRun: [MCUpdateExe] c:\progra~1\mcafee.com\agent\mcupdate.exe
mRun: [MCAgentExe] c:\progra~1\mcafee.com\agent\mcagent.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [TPSMain] TPSMain.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [dla] c:\windows\system32\dla\DLACTRLW.exe
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [VSOCheckTask] "c:\progra~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
mRun: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
mRun: [OASClnt] c:\program files\mcafee.com\vso\oasclnt.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1302474879140
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\adolfo~1\applic~1\mozilla\firefox\profiles\8yno2gmk.default\
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-10 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-10 301528]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-10 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-4-10 42184]
R2 McDetect.exe;McAfee WSC Integration;c:\program files\mcafee.com\agent\Mcdetect.exe [2006-2-24 126976]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McAfee.com McShield;c:\progra~1\mcafee.com\vso\mcshield.exe [2006-2-24 221184]
R2 McTskshd.exe;McAfee Task Scheduler;c:\progra~1\mcafee.com\agent\mctskshd.exe [2006-2-24 122368]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2006-2-24 114464]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-10 136176]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe [2006-2-24 245760]
.
=============== Created Last 30 ================
.
2011-04-11 01:21:08 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-04-11 01:20:37 590848 ----a-w- c:\windows\system32\SET2B.tmp
2011-04-11 01:20:37 5120 ------w- c:\windows\system32\SET2C.tmp
2011-04-11 00:45:42 -------- d-----w- c:\windows\system32\scripting
2011-04-11 00:45:41 -------- d-----w- c:\windows\system32\en
2011-04-11 00:45:41 -------- d-----w- c:\windows\system32\bits
2011-04-11 00:45:41 -------- d-----w- c:\windows\l2schemas
2011-04-11 00:38:36 -------- d-----w- c:\windows\network diagnostic
2011-04-11 00:11:58 452736 ------w- c:\windows\system32\drivers\mtxparhm.sys
2011-04-11 00:11:58 1309184 ------w- c:\windows\system32\drivers\mtlstrm.sys
2011-04-11 00:11:58 126686 ------w- c:\windows\system32\drivers\mtlmnt5.sys
2011-04-11 00:11:51 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2011-04-11 00:11:39 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2011-04-11 00:11:39 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2011-04-11 00:11:39 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2011-04-10 23:06:38 -------- d-----w- c:\program files\MSXML 4.0
2011-04-10 23:04:07 -------- d-----w- c:\windows\ie8updates
2011-04-10 23:01:49 -------- d-----w- c:\windows\ServicePackFiles
2011-04-10 22:52:14 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-04-10 22:52:09 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-04-10 22:52:09 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-04-10 22:52:09 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-04-10 22:52:07 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-04-10 22:52:07 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-04-10 22:52:06 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-04-10 22:52:05 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-04-10 22:49:12 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-04-10 22:49:07 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-04-10 22:48:45 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2011-04-10 22:47:17 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-04-10 22:47:17 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-04-10 22:47:00 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-04-10 22:44:05 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-04-10 22:43:08 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll
2011-04-10 22:41:01 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-04-10 22:41:00 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-04-10 22:41:00 35328 -c----w- c:\windows\system32\dllcache\sc.exe
2011-04-10 22:41:00 110592 -c----w- c:\windows\system32\dllcache\services.exe
2011-04-10 22:40:59 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-04-10 22:40:59 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-04-10 22:40:59 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-04-10 22:40:58 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2011-04-10 22:40:58 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-04-10 22:40:58 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-04-10 22:40:58 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-04-10 22:40:57 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-04-10 22:40:56 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-04-10 22:40:47 2560 ------w- c:\windows\system32\xpsp4res.dll
2011-04-10 22:40:46 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-04-10 22:39:54 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-04-10 22:39:49 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-04-10 22:39:44 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-04-10 22:38:41 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-04-10 22:38:40 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-04-10 22:38:35 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-04-10 22:38:20 23040 ------w- c:\windows\kb913800.exe
2011-04-10 22:37:26 -------- d-----w- c:\windows\system32\PreInstall
2011-04-10 22:35:12 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2011-04-10 22:35:12 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-04-10 22:35:11 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2011-04-10 22:35:11 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2011-04-10 22:35:11 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2011-04-10 22:03:30 -------- d-----w- c:\program files\ESET
2011-04-10 21:52:51 -------- dc-h--w- c:\windows\ie8
2011-04-10 21:14:25 21275 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-04-10 21:13:33 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-10 21:13:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-10 21:03:38 -------- d-----w- c:\program files\AVerMedia
2011-04-10 21:03:23 69632 ----a-r- c:\windows\system32\MCSysUtil.dll
2011-04-10 21:03:23 4528 ----a-r- c:\windows\system32\SETBROWS.EXE
2011-04-10 21:03:23 135168 ----a-w- c:\windows\system32\XML30Lib.dll
2011-04-10 21:03:22 50176 ----a-w- c:\windows\system32\CSH.DLL
2011-04-10 21:03:22 163840 ----a-w- c:\windows\system32\MCCoreUtil.dll
2011-04-10 21:03:21 -------- d-----w- c:\program files\Metamail Inc
2011-04-10 21:02:52 -------- d-----w- c:\program files\common files\InterVideo
2011-04-10 21:02:29 135168 ----a-w- c:\windows\system32\igfxres.dll
2011-04-10 21:00:19 -------- d-sh--w- c:\documents and settings\adolfo albarran\IECompatCache
2011-04-10 21:00:01 -------- d-sh--w- c:\documents and settings\adolfo albarran\PrivacIE
2011-04-10 20:49:05 -------- d-sh--w- c:\documents and settings\adolfo albarran\IETldCache
2011-04-10 20:47:10 -------- d-----w- c:\docume~1\adolfo~1\applic~1\Malwarebytes
2011-04-10 20:47:03 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-10 20:47:02 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-04-10 20:46:56 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-10 20:46:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-10 20:28:00 -------- d-----w- c:\docume~1\adolfo~1\locals~1\applic~1\Temp
2011-04-10 20:27:38 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-10 20:27:23 40648 ----a-w- c:\windows\avastSS.scr
2011-04-10 20:27:13 -------- d-----w- c:\program files\AVAST Software
2011-04-10 20:27:13 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software
.
==================== Find3M ====================
.
2011-02-05 00:48:32 456192 ----a-w- c:\windows\system32\encdec.dll
2011-02-05 00:48:30 291840 ----a-w- c:\windows\system32\sbe.dll
.
============= FINISH: 5:38:29.00 ===============
 
Install this on your computer and then you're safe to plug anything in and scan it with your AV program and MBAM, if you wish.

Download and run Flash Disinfector, and save it to your desktop (Windows Vista and Windows 7 users, scroll down)

*Please disable any AV / ScriptBlockers as they might detect Flash Disinfector to be malicious and block it. Hence, the failure in executing. You can enable them back after the cleaning process*

  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

Windows Vista and Windows 7 users
Flash Disinfector is not compatible with the above Windows versions.
Please use Panda USB Vaccine.
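
The autorun.inf folder described in the post above can be checked from a script. This is an added example, not part of the original thread and not Flash Disinfector's own code: it classifies a drive root by whether autorun.inf is absent, a folder, or a file, and for a file lists the entries that name a program. The function names and the sample file contents are constructed for illustration.

```python
import os
import tempfile

# Keys in the [autorun] section that name a program to launch.
LAUNCH_KEYS = ("open", "shellexecute")

# Constructed sample file contents, not taken from any real drive.
SAMPLE_INF = (
    "[AutoRun]\r\n"
    "; constructed sample\r\n"
    "open=setup.exe\r\n"
    "icon=setup.exe,0\r\n"
    "shell\\explore\\command=setup.exe\r\n"
)


def decode_inf(data):
    """Decode autorun.inf bytes; the file may be UTF-16 with a BOM or ANSI."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16", errors="replace")
    return data.decode("latin-1")


def parse_launch_entries(text):
    """Return (key, value) pairs from [autorun] that point at a program."""
    entries, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            is_verb = key.startswith("shell\\") and key.endswith("\\command")
            if key in LAUNCH_KEYS or is_verb:
                entries.append((key, value))
    return entries


def autorun_status(root):
    """Classify a drive root as 'absent', 'folder' or 'file'.

    'folder' is the state the post describes: a directory occupies the
    name, so a file called autorun.inf cannot be created beside it.
    The name is matched case-insensitively, as Windows would.
    """
    for name in os.listdir(root):
        if name.lower() != "autorun.inf":
            continue
        path = os.path.join(root, name)
        if os.path.isdir(path):
            return ("folder", [])
        with open(path, "rb") as fh:
            return ("file", parse_launch_entries(decode_inf(fh.read())))
    return ("absent", [])


def demo():
    """Build three constructed drive roots in a temp dir and classify each."""
    results = {}
    names = ("clean", "protected", "dropped")
    with tempfile.TemporaryDirectory() as base:
        for name in names:
            os.mkdir(os.path.join(base, name))
        # Root with the protective folder in place.
        os.mkdir(os.path.join(base, "protected", "autorun.inf"))
        # Root where an autorun file (upper-case name, UTF-16) is present.
        with open(os.path.join(base, "dropped", "AUTORUN.INF"), "wb") as fh:
            fh.write(SAMPLE_INF.encode("utf-16"))
        for name in names:
            results[name] = autorun_status(os.path.join(base, name))
    return results


if __name__ == "__main__":
    for root, (state, entries) in demo().items():
        print(root, state, entries)
```

On a real machine, pass each removable drive's root (for example `E:\`) to `autorun_status` instead of the constructed directories.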
 