0

Hey guys, I got a problem, I'll just start of by saying, This might sound stupid cause no-one i know has ever heard of any thing like this. Well 1= everytime i plug in a USB to my PC, it installs or loads a hidden .exe file in there, And when i delete it, When i put my usb in there again after taking it out it's there again, But comes in a different name, its been RUNDLE.exe,WINAMP.exe,EXPLORER.exe, And a whole lot of other names, And always in CAPITAL, And i know its not the exe from my system files cause its still in the Windows directory, And it is not in Capital letters,
I just ignored it all for a while until now, I tried to install ableton Live 8.1.1 and after installation. When i try to run the program it starts to load and then i get a message saying..... "Static initializer not called"
So i emailed Ableton Support team and after a few emails, They came to a conclusion that, Something has changed the live file, or hooked on to it or something, They believe it could be a virus or something along those lines. Thats what they said they can tel from the Live LOG file. So with This Post i will attach the Live LOG file, also i will attach the HIJACK THIS LOG file as well to help you guys help ME.
But before i do i will Put down my specs.

ASUS M51Sn LAPTOP,Intel CORE2DUO T9300 2.5 ghz, 3GB RAM
250GB HDD, NVIDIA 9500M GS 512 GRAPHICS CARD
WIFI(DISABLED)TV TUNER(DISABLED)

NOTE= Upon opening my usb to attach the files there those exe files i was talking about but cause i'm at the library right now, There Antivirus program has detected a virus. The Pop message reads

""""Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: W32.Sality.AE
File: E:\BXPM.exe
Location: E:
Computer: 7FN8M1S
User: NTPublic
Action taken: Pending Side Effects Analysis : Access denied
Date found: Wednesday, 3 March 2010 10:19:35 AM"""

<a href="/images/attachments/1/Log2DANI%20WEB4HELP.txt">Log2DANI WEB4HELP.txt</a>

Anyways, Thanks in ADVANCE GUYS, I hope i can finally fix these problems. PEACE OUT

Edited by POVSTA: n/a

Attachments
31 ms. : 
31 ms. : #######################################
31 ms. : # Opening Log: Sun Feb 28 22:10:06 2010
31 ms. : #######################################
31 ms. : 
31 ms. : Checking...
171 ms. : Checksum 1: 97c25c4a3656b2625ce01c89af6e66c3
171 ms. : Checksum 2: de7c83e0c7a08b54149f0a964f6d4a19
171 ms. : Checksum 3: 7c9aa933e7bcc06badb167f8606c811a
187 ms. Directories: Resources: Check
187 ms. Directories: Resources: Ok
187 ms. Directories: Preferences: Check
187 ms. Directories: Preferences: Ok
187 ms. Directories: Documents: Check
187 ms. Directories: Documents: Ok
187 ms. Directories: Desktop: Check
187 ms. Directories: Desktop: Ok
187 ms. Directories: Default Recording: Check
187 ms. Directories: Default Recording: Ok
187 ms. Directories: Default Cache: Check
187 ms. Directories: Default Cache: Ok
187 ms. Directories: Index Cache: Check
187 ms. Directories: Index Cache: Ok
187 ms. Directories: User Home: Check
187 ms. Directories: User Home: Ok
187 ms. Directories: Application Support: Check
187 ms. Directories: Application Support: Ok
187 ms. Directories: Temp folder: Check
187 ms. Directories: Temp folder: Ok
187 ms. Directories: Windows icons: Check
187 ms. Directories: Windows icons: Ok
187 ms. : Use server: https://services.ableton.com
203 ms. Net: Setting up connection framework
203 ms. Directories: Cached Presets: Check
203 ms. Directories: Cached Presets: Ok
203 ms. Plugins: Setup
203 ms. Plugins: Setup
203 ms. Plugins: Setup
437 ms. Directories: Bugreporting: Check
452 ms. Directories: Bugreporting: Ok
561 ms. WindStructureInit: Setup
561 ms. WindStructureInit: Setup
561 ms. WindComplexInit: Setup
561 ms. WindComplexInit: Setup
561 ms. Device: Setup
561 ms. Device: Setup
561 ms. Device: Setup
561 ms. Device: Setup
561 ms. SetWinRegistry: Start
561 ms. SetWinRegistry: End
842 ms. DirectDraw: Creating primary Surface : Metrics : 1280 x 800 x 32
2402 ms. QuickTimeVideoWindow: Quicktime version: 0x7648000
2434 ms. Live App: Begin Init
2434 ms. Live App: Version: 'Live 8.1.1'    '524545'
2434 ms. Live App: OS: 'Windows XP S'
2434 ms. Live App: Pid: '1648'
2434 ms. Live App: Start as first instance: yes
2435 ms. Default App: Begin InitApplication
2560 ms. ADefaultApp: Begin InitEventRecorder
2560 ms. ADefaultApp: End InitEventRecorder
2561 ms. Default App: Begin LoadPrefs
2635 ms. VuMeter: Use default. MeterUpdateRate = 40
2636 ms. ALAudioInOut: Constructor started
2645 ms. ALAudioInOut: Constructor finished
2646 ms. DirectSound: 1. DirectSound device: S
2646 ms. DirectSound: 2. DirectSound device: D
2646 ms. WaveOut: SInit: started
2648 ms. WaveOut: 1. device: S
2648 ms. WaveOut: 1. device: M ignored. ChannelCount: 1
2649 ms. WaveOut: 2. device: D
2650 ms. WaveOut: SInit: finished
2653 ms. DirectCapture: 1. DirectCapture device: M
2653 ms. DirectCapture: 2. DirectCapture device: M
2653 ms. DirectCapture: 3. DirectCapture device: M
2654 ms. WaveIn: SInit: started
2655 ms. WaveIn: 1. device: M
2655 ms. WaveIn: 1. device: M ignored. ChannelCount: 1
2656 ms. WaveIn: 2. device: M
2656 ms. WaveIn: SInit: finished
2658 ms. ASIO: SInit: started
2777 ms. ASIO: SInit: 0. Asio Device: ASIO Digidesign Driver
2777 ms. ASIO: SInit: 1. Asio Device: ASIO DirectX Full Duplex Driver
2777 ms. ASIO: SInit: 2. Asio Device: ASIO4ALL v2
2777 ms. ASIO: SInit: 3. Asio Device: Digidesign Eleven Rack ASIO
2777 ms. ASIO: Proccessor: Intel
2778 ms. ASIO: SInit: UseClockSource: 1
2778 ms. ASIO: SInit: UseSetSampleRate: 1
2778 ms. ASIO: SInit: UseSampleRateCheck: 1
2778 ms. ASIO: SInit: finished
2779 ms. ALAudioInOut: OnArchitecturesAdded started
2779 ms. ALAudioInOut: OnArchitecturesAdded finished
2779 ms. LMidiIO: Start EnumerateDevices
2787 ms. MidiSystemSetUp: Start Constructing
2787 ms. MidiSystemSetUp: End Constructing
2788 ms. LMidiIO: End EnumerateDevices
2796 ms. AMidiIO: Start OpenAllActivatedDevices
2798 ms. AMidiIO: End OpenAllActivatedDevices
3003 ms. LSongAgent: Begin Constructing
3005 ms. ReWire: ReWireMaster Open
3116 ms. ReWire: Detected slave "ASIO4ALL ReWire Input" with 2 channels
3151 ms. ReWire: Detected slave "FL Studio" with 32 channels
3162 ms. ReWire: Detected slave "Melodyne" with 8 channels
3171 ms. ReWire: Detected slave "Waves ReWire" with 2 channels
3176 ms. LSongAgent: Constructing: ReWire master
3208 ms. LSongAgent: End Constructing
3209 ms. ALivePreferences: Begin AfterPreferencesLoaded
3209 ms. Directories: Library: Check
3209 ms. Directories: Library: Ok
3209 ms. Directories: Library Presets: Check
3210 ms. Directories: Library Presets: Ok
3212 ms. PluginManager: Scan start ------------------
3214 ms. PluginManager: Scan end --------------------
3218 ms. ALivePreferences: End AfterPreferencesLoaded
3219 ms. ALivePreferences: Begin OnPreferencesChanged
3632 ms. ALivePreferences: End OnPreferencesChanged
3632 ms. Default App: End LoadPrefs
3638 ms. Database: Open file: 'C:\Users\G-MoTell\AppData\Roaming\Ableton\Cache\Cache\Web\Registry.db'
3647 ms. Default App: After LoadPrefs
3647 ms. Default App: After AnalyseCommandLinePaths
3650 ms. Default App: After RebuildRecentDocsMenu
4411 ms. Default App: SetApplicationView
4643 ms. Default App: AddControlled
4644 ms. Default App: SInitHistoryType
4644 ms. Default App: After LoadableDocLocations
4644 ms. Default App: Begin OnNew
4652 ms. Default App: DefaultDocument: Try to Load default document
4719 ms. Default App: Begin ExchangeDocument
4807 ms. LSongAgent: Begin SetSongUnit
4807 ms. ALAudioInOut: Start started
4808 ms. ALAudioInOut: Internal Start started
4809 ms. DirectSound: Speakers (High Definition Audio Device) DX: Open started
4809 ms. DirectSound: Speakers (High Definition Audio Device) DX: CreateDirectSoundObject started
4816 ms. DirectSound: Speakers (High Definition Audio Device) DX: Min SampleRate: 100   Max SampleRate: 200000
4816 ms. DirectSound: Speakers (High Definition Audio Device) DX: CreatePrimaryBuffer started
4817 ms. DirectSound: Speakers (High Definition Audio Device) DX: CreateSecondaryBuffer started
4820 ms. DirectCapture: 
4820 ms. DirectCapture: Microphone (High Definition Audio Device) DX: Open started
4820 ms. DirectCapture: 
4820 ms. DirectCapture: Microphone (High Definition Audio Device) DX: CreateCaptureObject started
4822 ms. DirectCapture: Microphone (High Definition Audio Device) DX: CreateCaptureObject finished
4822 ms. DirectCapture: 
4822 ms. DirectCapture: Microphone (High Definition Audio Device) DX: CreateCaptureBuffer started
4838 ms. DirectCapture: Microphone (High Definition Audio Device) DX: CreateCaptureBuffer finished
4839 ms. DirectCapture: Microphone (High Definition Audio Device) DX: Open finished
4839 ms. ALAudioInOut: Begin of UpdateAudioStateStatic 
4840 ms. ALAudioInOut: 1
4840 ms. ALAudioInOut: 2
4840 ms. ALAudioInOut: s
4840 ms. ALAudioInOut: s
4840 ms. ALAudioInOut: s
4841 ms. ALAudioInOut: s
4841 ms. ALAudioInOut: s
4841 ms. ALAudioInOut: s
4841 ms. ALAudioInOut: s
4841 ms. ALAudioInOut: 3
4842 ms. ALAudioInOut: 4
4842 ms. ALAudioInOut: --Audio state--
4842 ms. ALAudioInOut: In: 1   Out: 1
4842 ms. ALAudioInOut: Sample Rate 44100.000000
4842 ms. ALAudioInOut: End of UpdateAudioStateStatic 
4843 ms. DirectCapture: Microphone (High Definition Audio Device) DX: Start started
4843 ms. DirectCapture: Microphone (High Definition Audio Device) DX: Start finished
4843 ms. DirectSound: Speakers (High Definition Audio Device) DX: Start started
4862 ms. DirectSound: Speakers (High Definition Audio Device) DX: Start finished
4862 ms. ALAudioInOut: Internal Start finished
4863 ms. ALAudioInOut: Start finished
4881 ms. LSongAgent: End SetSongUnit
5027 ms. Database: Open file: 'C:\Users\G-MoTell\AppData\Roaming\Ableton\Live 8.1.1\Database\files.db'
5393 ms. Default App: End ExchangeDocument
5544 ms. Default App: End InitApplication
5544 ms. Live App: End Init
0 ms. : 
0 ms. : #######################################
0 ms. : # Opening Log: Sun Feb 28 22:10:59 2010
0 ms. : #######################################
0 ms. : 
0 ms. : Checking...
140 ms. : Checksum 1: 97c25c4a3656b2625ce01c89af6e66c3
140 ms. : Checksum 2: de7c83e0c7a08b54149f0a964f6d4a19
140 ms. : Checksum 3: 2492205ae307d8258f10dd1318aba875
172 ms. Directories: Resources: Check
172 ms. Directories: Resources: Ok
172 ms. Directories: Preferences: Check
172 ms. Directories: Preferences: Ok
172 ms. Directories: Documents: Check
172 ms. Directories: Documents: Ok
172 ms. Directories: Desktop: Check
172 ms. Directories: Desktop: Ok
172 ms. Directories: Default Recording: Check
172 ms. Directories: Default Recording: Ok
172 ms. Directories: Default Cache: Check
172 ms. Directories: Default Cache: Ok
172 ms. Directories: Index Cache: Check
172 ms. Directories: Index Cache: Ok
172 ms. Directories: User Home: Check
172 ms. Directories: User Home: Ok
172 ms. Directories: Application Support: Check
172 ms. Directories: Application Support: Ok
172 ms. Directories: Temp folder: Check
172 ms. Directories: Temp folder: Ok
172 ms. Directories: Windows icons: Check
172 ms. Directories: Windows icons: Ok
172 ms. : Use server: https://services.ableton.com
187 ms. Net: Setting up connection framework
203 ms. Directories: Cached Presets: Check
203 ms. Directories: Cached Presets: Ok
203 ms. Plugins: Setup
203 ms. Plugins: Setup
203 ms. Plugins: Setup
406 ms. Directories: Bugreporting: Check
406 ms. Directories: Bugreporting: Ok
530 ms. WindStructureInit: Setup
530 ms. WindStructureInit: Setup
530 ms. WindComplexInit: Setup
530 ms. WindComplexInit: Setup
530 ms. Device: Setup
530 ms. Device: Setup
530 ms. Device: Setup
530 ms. Device: Setup
530 ms. SetWinRegistry: Start
546 ms. SetWinRegistry: End
718 ms. DirectDraw: Creating primary Surface : Metrics : 1280 x 800 x 32
1747 ms. Live App: Begin Init
1747 ms. Live App: Version: 'Live 8.1.1'    '524545'
1747 ms. Live App: OS: 'Windows 2000 With '
1747 ms. Live App: Pid: '2024'
1747 ms. Live App: Start as first instance: yes
1747 ms. Default App: Begin InitApplication
1872 ms. ADefaultApp: Begin InitEventRecorder
1872 ms. ADefaultApp:
2
Contributors
4
Replies
6
Views
7 Years
Discussion Span
Last Post by jholland1964
0

Hey guys, I got a problem, I'll just start of by saying, This might sound stupid cause no-one i know has ever heard of any thing like this. Well 1= everytime i plug in a USB to my PC, it installs or loads a hidden .exe file in there, And when i delete it, When i put my usb in there again after taking it out it's there again, But comes in a different name, its been RUNDLE.exe,WINAMP.exe,EXPLORER.exe, And a whole lot of other names, And always in CAPITAL, And i know its not the exe from my system files cause its still in the Windows directory, And it is not in Capital letters,
I just ignored it all for a while until now, I tried to install ableton Live 8.1.1 and after installation. When i try to run the program it starts to load and then i get a message saying..... "Static initializer not called"
So i emailed Ableton Support team and after a few emails, They came to a conclusion that, Something has changed the live file, or hooked on to it or something, They believe it could be a virus or something along those lines. Thats what they said they can tel from the Live LOG file. So with This Post i will attach the Live LOG file, also i will attach the HIJACK THIS LOG file as well to help you guys help ME.
But before i do i will Put down my specs.

ASUS M51Sn LAPTOP,Intel CORE2DUO T9300 2.5 ghz,  3GB RAM
            250GB HDD,  NVIDIA 9500M GS 512 GRAPHICS CARD
             WIFI(DISABLED)TV TUNER(DISABLED)

NOTE, Upon opening my usb to attach the files there those exe files i was talking about but cause i'm at the library right now, There Antivirus program has detected a virus. The Pop message reads

""""Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: W32.Sality.AE
File: E:\BXPM.exe
Location: E:
Computer: 7FN8M1S
User: NTPublic
Action taken: Pending Side Effects Analysis : Access denied
Date found: Wednesday, 3 March 2010  10:19:35 AM"""
[ATTACH]13895[/ATTACH]

Anyways, Thanks in ADVANCE GUYS, I hope i can finally fix these problems. PEACE OUT

Anyways guys, i uploaded 2 Log files, Ableton live and Hijack This but i can only see the live one so I'm attaching the Hijack this LOG file here............

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:46:53 AM, on 3/03/2010
Platform: Unknown Windows (WinNT 6.01.3004)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Wimp\Wimp.exe
C:\Program Files\Winamp\winamp.exe
C:\Users\G-MoTell\Desktop\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.rocketdivision.com/search/[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O13 - Gopher Prefix: 
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - 
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Avid, Inc. All rights reserved. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Avid, Inc. All rights reserved. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - [url]http://libusb-win32.sourceforge.net[/url] - C:\Windows\system32\libusbd-nt.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Avid Technology, Inc. - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: Privacyware network service (PFNet) - Privacyware/PWI, Inc. - C:\Program Files\Privacyware\Privatefirewall 6.1\pfsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 3700 bytes

Edited by mike_2000_17: Fixed formatting

0

There is infection on that USB device. If this is happening with multiple usb devices then they all must be infected.
You need to stop the computer from using AutoPlay of USB devices in order to get the infection removed.
To do this do the following:
Start Menu \ Run and type in:gpedit.msc
You will see the Group Policy window. You should select Administrative Templates \ System in the tree view:
You will see an item in the right side pane called “Turn off Autoplay”
Double click the item, and set the radio button to Enabled, and change the “Turn off Autoplay on” to All Drives.

Next do the following:
Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
Once the program is updated plug in that infected usb device. DON'T do anything with it, just plug it in. It shouldn't auto play if you disabled it correctly.
* Once the program has loaded, select Perform full scan, you should receive a box where you select the drives to scan, of course scan "C" drive of the computer AND also place a check mark in that USB drive also, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.

Reboot the computer.

Post back here with the MBA-M log.

Are you running Windows 7? this HJT log is very odd looking, only 5 running processes are showing, not nearly enough. HJT doesn't work on Windows 7 so that would explain it if that is the case.

0

There is infection on that USB device. If this is happening with multiple usb devices then they all must be infected.
You need to stop the computer from using AutoPlay of USB devices in order to get the infection removed.
To do this do the following:
Start Menu \ Run and type in:gpedit.msc
You will see the Group Policy window. You should select Administrative Templates \ System in the tree view:
You will see an item in the right side pane called “Turn off Autoplay”
Double click the item, and set the radio button to Enabled, and change the “Turn off Autoplay on” to All Drives.

Next do the following:
Please download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.

* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
Once the program is updated plug in that infected usb device. DON'T do anything with it, just plug it in. It shouldn't auto play if you disabled it correctly.
* Once the program has loaded, select Perform full scan, you should receive a box where you select the drives to scan, of course scan "C" drive of the computer AND also place a check mark in that USB drive also, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.

Reboot the computer.

Post back here with the MBA-M log.

Are you running Windows 7? this HJT log is very odd looking, only 5 running processes are showing, not nearly enough. HJT doesn't work on Windows 7 so that would explain it if that is the case.

HEY,
Thanks for reply, Anyways i already have MALWAREBYTES installed, And i've run the program dozens of times with no Luck, It has not picked up anything, I've tried all the big name anti virus, I've also tried a few different Malware software, No detection. HOW COME?
I Know there's something in My PC, thats why at the moment i'm not using it for the internet, Untill i saught this out, And i am not keen on doing a re-install at all, Because i've already done one about 9 weeks ago because of this. But i will try your steps just to make sure anyway. And i wil Post the MalwareBytes LOG file here.

Oh yeah, Yes i'm running windows 7
Thanks for your help.

Edited by POVSTA: n/a

0

HEY,
Thanks for reply, Anyways i already have MALWAREBYTES installed, And i've run the program dozens of times with no Luck, It has not picked up anything, I've tried all the big name anti virus, I've also tried a few different Malware software, No detection. HOW COME?
I Know there's something in My PC, thats why at the moment i'm not using it for the internet, Untill i saught this out, And i am not keen on doing a re-install at all, Because i've already done one about 9 weeks ago because of this. But i will try your steps just to make sure anyway. And i wil Post the MalwareBytes LOG file here.

Oh yeah, Yes i'm running windows 7
Thanks for your help.

That's great you have MBA-M and you have run it a number of times, I have seen no logs so I cannot judge whether they were run correctly. Did you run it solely on the infected USB devices? That is what I recommended.
A reformat and reinstall should have removed any infected files if done properly and if that is the case then even more this points to the USB device being the source of the infection.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.