[SOLVED] Malware Problem..please help me out!!

[Bravo Boy]

The computer gets halted.The keyboard and the mouse stop working.The computer takes a lot of time to get started.
Please help out!



DDS (Ver_09-10-26.01) - NTFSx86
Run by Administrator at 14:43:52.07 on Thu 10/29/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.503.139 [GMT 5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
svchost.exe
F:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
F:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
F:\Program Files\DAP\DAP.EXE
C:\Documents and Settings\Administrator\Desktop\gmer.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=GRman000&ptb=MJgYWoxP07o3_VCq9vQ.IA
uURLSearchHooks: SrchHook Class: {f4f10c1d-87c7-404a-b4b3-000000000000} - f:\progra~1\dap\SBSearch.dll
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - c:\program files\mywebsearch\bar\1.bin\MWSSRCAS.DLL
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - c:\program files\mywebsearch\bar\1.bin\MWSBAR.DLL
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - e:\real player\rpbrowserrecordplugin.dll
BHO: SBCONVERT Class: {31b27f2d-6bc6-451b-b3d2-4eab36b2fc3b} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: DAPIELoader Class: {ff6c3cf0-4b15-11d1-abed-709549c10000} - f:\progra~1\dap\DAPIEL~1.DLL
BHO: GrabberObj Class: {ff7c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\speedb~1\toolbar\grabber.dll
TB: SpeedBit Video Downloader: {0329e7d6-6f54-462d-93f6-f5c3118badf2} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Encarta &Researcher: {9455301c-cf6b-11d3-a266-00c04f689c50} - c:\program files\common files\microsoft shared\encarta researcher\EROPROJ.DLL
uRun: [cdoosoft] c:\docume~1\admini~1\locals~1\temp\herss.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [DownloadAccelerator] "f:\program files\dap\DAP.EXE" /STARTUP
uRun: [uTorrent] "f:\program files\utorrent\uTorrent.exe"
uRun: [SpeedBitVideoAccelerator] f:\program files\speedbit video accelerator\VideoAccelerator.exe
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [RemoteControl] "c:\program files\asustek\asusdvd\PDVDServ.exe"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Adobe Reader Speed Launcher] "f:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [DAEMON Tools] "e:\program files\daemon tools\daemon.exe" -lang 1033
mRun: [MyWebSearch Plugin] rundll32 c:\progra~1\mywebs~1\bar\1.bin\M3PLUGIN.DLL,UPF
mRun: [My Web Search Bar] rundll32 c:\progra~1\mywebs~1\bar\1.bin\MWSBAR.DLL,S
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe
IE: &Clean Traces - f:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - f:\program files\dap\dapextie.htm
IE: &Search - http://edits.mywebsearch.com/toolbar...tml?p=GRman000
IE: Download &all with DAP - f:\program files\dap\dapextie2.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {9455301C-CF6B-11D3-A266-00C04F689C50} - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\program files\common files\microsoft shared\encarta researcher\EROPROJ.DLL
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
LSP: f:\progra~1\speedb~1\sblsp.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: msero - {B0D92A71-886B-453B-A649-1B91F93801E7} - c:\program files\common files\microsoft shared\encarta researcher\MSERO.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-10-6 96520]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-10-6 873752]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-10-6 231192]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-10-6 76040]
R2 VideoAcceleratorService;VideoAcceleratorService;f:\progra~1\speedb~1\videoacceleratorservice.exe -start -scm --> f:\progra~1\speedb~1\VideoAcceleratorService.exe -start -scm [?]
R2 Windows Hosts Controller;Windows Hosts Controller;c:\windows\fonts\unwise_.exe [2009-9-30 171795]
R2 wmcmgc;Windows Management Configuration;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [2009-10-22 28762]

=============== Created Last 30 ================

2009-10-26 04:45:29 0 d-----w- c:\program files\BitLord
2009-10-24 17:13:21 115549 --sh--r- C:\eexyv.exe
2009-10-24 11:18:20 115729 --sh--r- C:\wcgswa.exe
2009-10-23 17:39:15 0 d-----w- c:\windows\system32\LogFiles
2009-10-23 07:55:24 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-10-23 07:45:04 0 d-----w- c:\program files\Microsoft Games
2009-10-23 04:24:58 0 d-----w- C:\My Music
2009-10-23 04:20:47 0 d-----w- c:\program files\common files\xing shared
2009-10-22 09:22:44 28672 ----a-w- c:\windows\system32\f3PSSavr.scr
2009-10-22 09:22:44 0 d-----w- c:\program files\FunWebProducts
2009-10-22 09:22:42 0 d-----w- c:\program files\MyWebSearch
2009-10-22 09:11:40 113953 --sh--r- C:\qbr2q.exe
2009-10-22 02:52:34 534 ----a-w- c:\windows\eReg.dat
2009-10-22 02:50:08 223128 ----a-w- c:\windows\system32\drivers\dtscsi.sys
2009-10-22 02:45:45 96256 ----a-w- c:\windows\system32\drivers\sptd2205.sys
2009-10-22 02:45:45 664064 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-20 18:26:03 116183 --sh--r- C:\nds0q.exe
2009-10-15 11:00:26 0 d-----w- c:\program files\Opera 10.10 Beta
2009-10-12 09:49:52 0 d-----w- c:\program files\common files\Windows Live
2009-10-09 15:04:32 116183 --sh--r- C:\vlvtdflx.exe
2009-10-09 08:50:40 117508 --sh--r- C:\1di1w.exe
2009-10-07 15:29:05 117945 --sh--r- C:\r2g20.exe
2009-10-07 11:22:52 0 d-----w- c:\windows\system32\CatRoot_bak
2009-10-06 23:53:18 0 d-----w- c:\windows\ServicePackFiles
2009-10-06 20:22:25 0 d-----w- c:\windows\system32\KB905474
2009-10-06 20:20:01 0 d-----w- c:\program files\MSXML 4.0
2009-10-06 16:56:14 0 d-----w- c:\program files\common files\DivX Shared
2009-10-06 16:55:58 0 d--h--w- C:\$AVG8.VAULT$
2009-10-06 15:04:04 117625 --sh--r- C:\f9o8o.exe
2009-10-06 13:34:20 76040 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-10-06 13:34:20 10520 ----a-w- c:\windows\system32\avgrsstx.dll
2009-10-06 13:34:15 96520 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-10-06 13:34:04 0 d-----w- c:\windows\system32\drivers\Avg
2009-10-06 13:33:49 0 d-----w- c:\docume~1\alluse~1\applic~1\avg8
2009-10-06 04:48:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-10-06 02:44:09 0 d-----w- c:\program files\Ask.com
2009-10-06 02:43:31 0 d-----w- c:\docume~1\admini~1\applic~1\uTorrent
2009-10-06 02:05:20 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-10-05 19:39:47 0 d-----w- c:\windows\system32\PreInstall
2009-10-05 19:39:46 22752 ----a-w- c:\windows\system32\spupdsvc.exe
2009-10-05 19:39:45 0 d--h--w- c:\windows\$hf_mig$
2009-10-05 15:37:27 0 d-----w- c:\docume~1\alluse~1\applic~1\SpeedBit
2009-10-05 15:37:20 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2009-10-05 15:37:15 0 d-----w- c:\program files\SpeedBit Video Downloader
2009-10-05 15:12:44 118651 --sh--r- C:\ctu8r.exe
2009-10-05 14:09:16 135168 ----a-r- c:\windows\system32\igfxres.dll
2009-10-05 13:58:37 134272 -c--a-w- c:\windows\system32\dllcache\b57xp32.sys
2009-10-05 13:58:37 134272 ----a-r- c:\windows\system32\drivers\b57xp32.sys
2009-10-02 18:28:34 171995 ----a-w- c:\windows\system32\asr_55336.exe
2009-10-02 18:28:21 79 ----a-w- c:\windows\system32\asr_xtbjo
2009-10-01 12:18:39 81 ----a-w- c:\windows\system32\asr_yxtnm
2009-10-01 1241 171795 ----a-w- c:\windows\system32\man8.exe
2009-10-01 1231 81 ----a-w- c:\windows\system32\asr_hjjdj
2009-09-30 16:51:12 81 ----a-w- c:\windows\system32\asr_qrbkk
2009-09-30 15:55:19 118464 --sh--r- C:\0fkk02x.exe
2009-09-30 11:25:46 0 d-s---w- c:\documents and settings\administrator\UserData
2009-09-30 11:25:25 0 d-----w- c:\windows\system32\SoftwareDistribution
2009-09-30 11:14:44 116840 --sh--r- C:\9jyhdim8.exe

==================== Find3M ====================

2009-10-23 04:20:07 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-22 02:59:05 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys
2009-09-30 16:51:49 171795 --sh--r- c:\windows\fonts\unwise_.exe
2009-09-06 08:48:40 53784 ----a-w- c:\windows\desctemp.dat
2009-09-05 15:38:22 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-09-04 16:19:32 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-12 17:40:42 104662 --sh--r- C:\9u.exe
2009-08-05 09:11:47 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2003-03-21 08:37:58 16056 ----a-w- c:\program files\owcstp16.dll

============= FINISH: 14:44:07.84 ===============

[chemist]

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Add or Remove Programs if it still exists:

My Web Search (My Web Face)<<Please read this

------------------------------------------------------

Please visit this webpage for download links, and instructions for running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix.

Get help here

Please post the C:\ComboFix.txt in your next reply for further review.

Please re-enable your antivirus before posting the ComboFix.txt log.

------------------------------------------------------

[Bravo Boy]

Since I needed a quick escape from malware, I installed a new Windows along with formatting the entire drives, thus losing all the data. Since then, no symptoms of malware have been observed.
Please tell whether this is sufficient for getting rid from malware?
And any further suggestions please?

[chemist]

Thanks for letting us know. If you formatted the entire drives, you should be good to go.

MICROSOFT UPDATES
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.

SPYWARE PREVENTION
This is a good time to set up protection against further attacks. In light of your recent problem, I'm sure you'd like to avoid any future infections. Please read these well written articles:

• How Did I Get Infected In The First Place? by TonyKlein
• How to Prevent Malware by miekiemoes

To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

• WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
  WOT has an add-on available for both Firefox and IE.
  
• SpywareBlaster prevents the installation of ActiveX-based malware, blocks cookies, and restricts the actions of "bad" sites. See tutorial here
  
• MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting the attempted connections to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here
  • Download Host.zip and Save it to your Desktop.
  • Right-click hosts.zip and select 'Extract all files' or 'Extract files...'.
  • Follow the prompts and click 'Finish'.
  • This will open the newly created hosts folder on your Desktop.
  • Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.
  • Once updated you should see another prompt that the task was completed.

Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

[Bravo Boy]

Thanks a lot for helping!