I'd like another opinion on those files, please.
Please download the Suspicious File Packer
http://www.safer-networking.org/files/sfp.zip
Unzip it to the desktop and run it.
Paste the following list of bad files into the Suspicious File Packer window:
C:\WINDOWS\SYSTEM32\asprouni.exe
C:\WINDOWS\SYSTEM32\wirmczj.dll
Allow SFP to pack the files. This will generate a CAB archive on your desktop.
Please submit it to this site
http://www.bleepingcomputer.com/subm....php?channel=4
Please include a link to this topic in the message.
---------------------------------------------------------------------------------------------
I see you have Ewido anti-spyware 4.0 installed. Ewido has recently been purchased by Grisoft, makers of AVG Antivirus, and the program is now known as AVG Anti-Spyware. It is essentially the same program with a new paintjob; Ewido currently can still be updated to the newest definitions, but this support will likely not last forever. I recommend you uninstall Ewido 4.0, restart your system, then download and install AVG Anti-Spyware. Update it's definitions as directed below, and run a scan where I have it placed in this fix.
Download
AVG Anti-Spyware- Install AVG Anti-Spyware
- Double-click the icon on Desktop to launch AVG Anti-Spyware
You will need to update AVG Anti-Spyware to the latest definition files.
- On the top of the main screen click Shield
- Click the word active to change it to inactive
- On the top of the main screen click Update.
- Then click on Start Update. The update will start and a progress bar will show the updates being installed.
- Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
- Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
- Under "Reports"
- Select "Automatically generate report after every scan"
- Un-Select "Only if threats were found"
When you have finished updating,
EXIT AVG Anti-Spyware. Do Not run a scan just yet, we will shortly.
---------------------------------------------------------------------------------------------
I also take note that your version of Spybot Search and Destroy is not the latest which is 1.4, therefore not offering you the best in protection and detection ability. I recommend you uninstall it, and get the new version, update it, and run a full system scan.
Download and install Spybot S&D
http://security.kolla.de/. Run Spybot and click on the 'Search for Updates' button. Install any updates that are available.
Now click Mode menu and choose 'Advanced Mode'. Next click on Immunize to your left. Click the Immunize button (green cross) on top to Immunize your computer - you should do this each time there is an update. Do NOT enable Spybot TeaTimer Resident protection at this time. What this will do is monitor any system/registry changes and will ask you for permission to change any of these settings. It may also hinder our fix at this point. You may enable it after the fix is complete.
Now click on the 'Spybot-S&D' option on the top left to go back to the main screen. Next click on the 'Check for Problems' button. Let it run the scan. If it finds something, check all those in RED and hit the 'Fix Selected Problems' button. Exit Spybot. If you keep getting the DSO Exploit entries, even after you updated Windows and fixed them, then download the Spybot DSO Exploit Fix
http://majorgeeks.com/download4392.html and install it over the current Spybot installation.
---------------------------------------------------------------------------------------------
Restart your computer and boot into Safe Mode by tapping the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.
---------------------------------------------------------------------------------------------
Run
AVG Anti-Spyware with it's updated definitions:(...it's important that all windows must be closed)
- Click Scanner
- Click on the Scan tab
- Click Complete System Scan to begin scanning.
Once the scan is complete do the following:
- If you have any infections you will prompted, then select "Apply all actions"
- Once finished, click the Save report button, then click Save Report As and save it to your desktop. (make sure to remember where you saved that file, this is important).
Restart in normal mode.
---------------------------------------------------------------------------------------------
Perform an online scan with Internet Explorer with
Panda ActiveScan http://www.pandasoftware.com/products/activescan.htm
Click on the "Free To Use ActiveScan" located on the top right hand corner- Click Check Now and a "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
- Enter your e-mail address, country, and state & click Scan Now * The download of the 8 MB Panda's ActiveX control will take place *
Begin the scan by selecting
My Computer- If it finds any malware, it will offer you a report.
- Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
- Click on See report then click Save report
*Turn off the real time scanner of any existing antivirus program while performing the online scan
---------------------------------------------------------------------------------------------
Open Hijack This and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.
---------------------------------------------------------------------------------------------
Post results from:
AVG Anti-Spyware
Panda
HJT
How is your system behaving now, please?