Hi,
Has Malwarebytes been find something? Why you did not attach MBAM log as well?
Your USB memory devices might been infected.
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/04/29 10:02:01 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{38e894c0-76c5-11e3-9a4a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{38e894c0-76c5-11e3-9a4a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exeDo not plug/attach USB memory devices while malware check/cleaning is in progress. We shall check USB's later.
PS: Panda USB Vaccine can only protect you against USB based malware that uses autorun.inf to infect your PC. The harsh truth is that very few of malware today relies on autorun.inf to ensure the transition of the host machine. Today, autorun.inf are not the only way that malware can exploit, and therefor Panda USB Vaccine software is not compatible for USB protection.But we'll get to that later...
--- --- --- --- --- ---
I'm pleased how OTL looks like. For starters I want to see what ComboFix will say to all this.
1. Please download
ComboFix by
sUBs from here and save it to your
Desktop.
If you are unsure how ComboFix works please read this guide carefully.
Note: ComboFix must be downloaded to your Desktop.--------------------------------------------------------------------
2. Temporarily disable your
AntiVirus program, usually via a right click on the System Tray icon. They may interfere with Combofix.
If you are unsure how to do this please read this or this Instruction.Instructions how to disable avast:- Right click on the avast! system tray icon () in the lower right corner of the screen and scroll up to avast! shield controls;
- In the menu that appears, choose Disable Permanently. When you are prompted to turn off security, click Yes.
Note: Do not forget to turn back on this option after the cleaning by choosing avast! shield controls > Enable all shield options.--------------------------------------------------------------------
3. Run
ComboFix. Click on
I Agree!- ComboFix will display DISCLAIMER of warranty on software.
By clicking I Agree ComboFix shall continue.
- ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.
-If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
- ComboFix will scan your computer in stages, total of 50 stages.
Do not mouse-click around while ComboFix is running.
Note:If you see a message like "Illegal operation attempted on a registry key that has been marked for deletion" just restart your computer.
--------------------------------------------------------------------
4. When the tool is finished, it will produce a log report for you. (typical location: C:\
ComboFix.txt )
Attach log reports ( ComboFix.txt) back to topic.