I was on a forum and someone posted a link, so I clicked it and Java opened up. This is known as a drive-by, and I think I got infected by it.
1. My issues are:
computer startup is slow
computer has occasional hiccups 10 minutes after startup
NOD32 gives me a trojan alert but can't fix it.
When I click on clean this happens
2. My MBAM log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4875
Windows 6.1.7600 Service Pack 3
Internet Explorer 8.0.7600.16385

10/18/2010 5:25:33 PM
mbam-log-2010-10-18 (17-25-33).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 741388
Time elapsed: 2 hour(s), 53 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
3. My OTL log:
http://tinypaste.com/587896
4. My GMER log:
GMER 1.0.15.15472 - http://www.gmer.net
Rootkit scan 2010-10-18 18:55:16
Windows 6.1.7600 Service Pack 3
Running: dxwkpvb7.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED6141
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED6141 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED6141 0x22 0x85 0x32 0x40 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A 0xF1 0x63 0x96 0x73 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A 0x31 0x01 0xE6 0xB9 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4A 0x1C 0xD5 0x56 0xDE ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF 0x31 0x01 0xE6 0xB9 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF 0x1C 0xD5 0x56 0xDE ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\ 0x61 0x62 0x67 0x6E ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\ 0x65 0x62 0x68 0x6C ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags 1

---- Files - GMER 1.0.15 ----

File C:\Users\Josue\AppData\Local\Temp\etilqs_adSdfCFm8NTeTdddjbpP 0 bytes
File C:\Users\Josue\AppData\Local\Temp\etilqs_Y18qhw3jVjGagFfkxBag 0 bytes
File C:\Users\Josue\AppData\Local\Temp\fla43D6.tmp 1418596 bytes
File C:\Users\Josue\AppData\Local\Temp\flaF9A6.tmp 2608911 bytes

---- EOF - GMER 1.0.15 ----
Issues encountered: