USB "DATA Administrator" Malware

Offline darth_shaker

  • Jr. Member
  • **
  • Posts: 48
USB "DATA Administrator" Malware
« on: March 14, 2015, 05:57:27 AM »
Once again I ask those who have more knowledge than me, thanks in advance. My problem is the following:

I used my USB pendrive on a friend's computer and it got infected. I haven't plugged it into my computer yet.

Malware Demeanour:
It creates a Data Administrator.exe file on the root of the drive. And also it replicates itself inside every folder of the drive with the [folder].exe name. It uses folder icons.

I don't know what kind of malware I'm facing, my concerns are the following:
1- Will Avast kill it on sight if I plug in the pendrive?
2- If the answer is no, how do I deal with the infected device? Is there anything I can do to prevent the infection of my computer before I format the device?

Thanks again

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31073
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: USB "DATA Administrator" Malware
« Reply #1 on: March 14, 2015, 11:06:36 AM »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37697
  • F-Secure user
Re: USB "DATA Administrator" Malware
« Reply #2 on: March 14, 2015, 11:08:57 AM »
Quote
1- Will Avast kill it on sight if I plug in the pendrive?
MCShield will (should) kill it...
Then continue with Malwarebytes and FRST logs from the guide Eddy gave you.


Quote
I used my USB pendrive on a friend's computer and it got infected. I haven't plugged it into my computer yet.
Your friend needs to come here and get his computer cleaned.


Quote
Malware Demeanour:
It creates a Data Administrator.exe file on the root of the drive. And also it replicates itself inside every folder of the drive with the [folder].exe name. It uses folder icons.
How do you know this?
Is this what it has done on your friend's computer?


« Last Edit: March 14, 2015, 04:16:21 PM by Pondus »

Offline darth_shaker

Re: USB "DATA Administrator" Malware
« Reply #3 on: March 14, 2015, 04:10:11 PM »
Yes, it did that to the computer and also to the pendrive. My friend's computer is not connected to the Internet, we don't know how he got the infection, but probably via another pendrive. He is not coming here, a format should do it.

Offline Pondus

Re: USB "DATA Administrator" Malware
« Reply #4 on: March 14, 2015, 04:25:51 PM »
Quote
My friend's computer is not connected to the Internet, we don't know how he got the infection, but probably via another pendrive.
If using pendrives you should always have MCShield installed...
It usually manages to do its work without signatures; if the computer is not online you can download the offline database here: http://www.mcshield.net/download.html



Offline darth_shaker

Re: USB "DATA Administrator" Malware
« Reply #5 on: March 17, 2015, 07:51:37 PM »
I plugged in the drive and MCShield said it was clean. It's a possibility because I deleted the files the malware created before removing it from my friend's computer. The logs from the computer I use are attached. Waiting for more instructions.
« Last Edit: March 17, 2015, 08:14:06 PM by darth_shaker »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: USB "DATA Administrator" Malware
« Reply #6 on: March 17, 2015, 08:43:24 PM »
Looks clean apart from a few orphans. Are you experiencing any problems?

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
CreateRestorePoint:
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} ->  No File
BHO-x32: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} ->  No File
BHO-x32: No Name -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-3911254397-2388004393-920576364-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix.
On completion a log will be generated; please post that.

Offline darth_shaker

Re: USB "DATA Administrator" Malware
« Reply #7 on: March 17, 2015, 09:41:31 PM »
Here are the logs. Everything seems fine.

By the way, one unrelated question: since the forum was updated I can't log in with my laptop. Is it using Java now or some sort of software I'm missing?

Offline darth_shaker

Re: USB "DATA Administrator" Malware
« Reply #8 on: March 18, 2015, 01:04:34 AM »
UPDATE:
My friend has sent me an image taken with his mobile phone; it's another of the malware's effects: it shows this screen every few hours (maybe this is its main purpose?). I attach it for malware identification if possible.

Offline essexboy

Re: USB "DATA Administrator" Malware
« Reply #9 on: March 18, 2015, 04:10:22 PM »
It is the Brontok worm, and your friend really should get it cleaned; otherwise the infection will spread to anyone else who has a USB from that computer.
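
A read-only check for the file layout described in the first post (a `Data Administrator.exe` at the drive root plus a `[folder].exe` copy inside each folder), added here as an example; it is not code from the thread or from any tool mentioned in it. The function names, the extra match on an `.exe` named after a folder sitting next to it, and the sample tree are assumptions made for illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict
from pathlib import Path

ROOT_DROPPER = "data administrator.exe"  # file name reported in the thread

def scan_drive(root):
    """Map SHA-256 -> relative paths of .exe files matching the reported naming."""
    root = Path(root)
    hits = defaultdict(list)
    for dirpath, dirnames, filenames in os.walk(root):
        here = Path(dirpath)
        subfolders = {d.lower() for d in dirnames}
        for name in filenames:
            stem, ext = os.path.splitext(name.lower())
            if ext != ".exe":
                continue
            root_dropper = here == root and name.lower() == ROOT_DROPPER
            like_parent = here != root and stem == here.name.lower()
            like_subfolder = stem in subfolders  # assumption: exe named after a folder beside it
            if root_dropper or like_parent or like_subfolder:
                path = here / name
                # Files are only read and hashed, never executed.
                digest = hashlib.sha256(path.read_bytes()).hexdigest()
                hits[digest].append(path.relative_to(root).as_posix())
    return dict(hits)

def replicated(hits, min_copies=2):
    """Keep hashes seen in several places: identical copies suggest self-replication."""
    return {h: sorted(paths) for h, paths in hits.items() if len(paths) >= min_copies}

def build_sample_tree(base):
    """Constructed sample tree with placeholder bytes, not real malware."""
    base = Path(base)
    files = {"Data Administrator.exe": b"copy", "Photos/Photos.exe": b"copy",
             "Docs/Docs.exe": b"copy", "Docs/setup.exe": b"installer",
             "Tools/Tools.exe": b"legit app"}
    for rel, data in files.items():
        (base / rel).parent.mkdir(parents=True, exist_ok=True)
        (base / rel).write_bytes(data)
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for digest, paths in replicated(scan_drive(build_sample_tree(tmp))).items():
            print(digest[:16], paths)
```

In the sample tree, `Tools/Tools.exe` matches the naming rule but has a unique hash, so `replicated` drops it; only the three identical copies are reported.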