Suspected malware

Hi,

I did find a nameless entry in star up section in msconfig, & computer was somewhat slow.

I did a scan & results are attached.
please have a look.

 

suspected malware(additional files)

Continued as previous

Regards
Ankit

 

Re: suspected malware(additional files)

I wanted to add that only exe files detected by superantispyware were .exe created by me using a software autoit. i believe it is a wrong detection in saslog.txt
thanks

 

Welcome to Major Geeks!

Reviewing your logs now. Please be patient as there is a lot of information to review.

 

First we need to reconfigure MSCONFIG to be in Normal Mode.
Please do the following to achieve this:
Start > Run > msconfig
System Configuration Utility comes up
Click in the Normal Startup area as shown below
http://img705.imageshack.us/img705/2396/systemconfiguration.jpg
Select OK
When you are prompted to Restart Now or Later, choose to Restart Now.
Your computer will reboot itself.

When you get back into windows, you will be prompted with the following message:
http://img688.imageshack.us/img688/613/warningmsconfig.png
Put a checkmark in box as shown and select OK


Afterwards, go to the below link and follow the instructions for running TDSSKiller from Kaspersky

• TDSSkiller - How to run

Be sure to attach your log from TDSSKiller

Also please also download MBRCheck to your desktop

• Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
• It will show a Black screen with some information that will contain either the below line if no problem is found:
  • Done! Press ENTER to exit...
• Or you will see more information like below if a problem is found:
  • Found non-standard or infected MBR.
  • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
• Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
• MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
• Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\MGlogs.zip

 

Logs as said.
It was already in normal startup in msconfig(your read me post said so)
TIA

 

There is no malware in your logs, ankit7.

I will give you a fix for the nameless startup entry and to try to put your system in Normal Startup mode. I appreciate you making sure you did it on your end. There is a registry setting however that tells me it is still in Selective Startup. So please try the following so we can address both of these :cool

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.