Need help with malware

[El Oso]

DDS (Ver_10-03-17.01) - FAT32x86

Run by Usuario at 0:48:00,20 on 26/07/2010

Internet Explorer: 6.0.2900.5512

Microsoft Windows XP Home Edition 5.1.2600.3.1252.34.3082.18.958.451 [GMT 2:00]

AV: avast! Antivirus *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

SVCHOST.EXE

C:\WINDOWS\System32\svchost.exe -k netsvcs

SVCHOST.EXE

SVCHOST.EXE

C:\WINDOWS\Explorer.EXE

C:\Archivos de programa\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Archivos de programa\Synaptics\SynTP\SynTPLpr.exe

C:\Archivos de programa\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\system32\Rundll32.exe

C:\WINDOWS\system32\keyhook.exe

C:\Archivos de programa\Arcade\PCMService.exe

C:\Archivos de programa\Launch Manager\QtZgAcer.EXE

C:\ARCHIV~1\ALWILS~1\Avast5\avastUI.exe

C:\Archivos de programa\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Archivos de programa\Windows Live\Messenger\msnmsgr.exe

C:\Archivos de programa\Messenger\msmsgs.exe

SVCHOST.EXE

C:\WINDOWS\system32\sistray.exe

C:\Acer\eManager\anbmServ.exe

C:\Archivos de programa\Archivos comunes\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Archivos de programa\Bonjour\mDNSResponder.exe

C:\Archivos de programa\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\TUProgSt.exe

C:\Archivos de programa\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Archivos de programa\Mozilla Firefox\firefox.exe

C:\Archivos de programa\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Usuario\Mis documentos\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.es/

mDefault_Page_URL = hxxp://global.acer.com

mStart Page = hxxp://search.myheritage.com

uInternet Connection Wizard,ShellNext = hxxp://www.symantec.com/techsupp/servlet/ProductMessages?module=2010&error=0&language=es&product=SymNRT&version=2010.0.0.98&build=Symantec

uInternet Settings,ProxyOverride = <local>;*.local

uInternet Settings,ProxyServer = http=127.0.0.1:5555

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\archivos de programa\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\archivos de programa\java\jre6\bin\ssv.dll

BHO: Windows Live Aplicaci

Attach.zip

mbam_log_2010_07_26__00_20_24_.txt

[miekiemoes]

Hi,

First of all, please update MalwareBytes, because the databaseversion is outdated.

• Start MalwareBytes and click the Update tab. There click "Check for updates"
  
• Once the updates are downloaded, perform a quick scan again.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply along with a fresh HijackThis log, then we'll proceed from there with new steps.
  

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!