Mimicking Virus

BiednyMis · Sep 23, 2010

So i'm having quite a hard time getting rid of what seems to be multiple viruses on my computer. One is the "random number exe" virus and the other is mimicking my programs (ie: taskmgr). Here is my HijackThis. Please help me with this nuisance, thank you.
PS: I apologize, it's extremely long

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:27:06 PM, on 9/23/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
D:\Games\Steam\Steam.exe
C:\Windows\smss.exe
C:\Windows\win32.exe
C:\Windows\system.exe
C:\Windows\spoolsv.exe
C:\Windows\wininst.exe
C:\Users\Mike\AppData\Local\Temp\gdi32.exe
C:\Users\Mike\AppData\Local\Temp\spoolsv.exe
C:\Windows\avp.exe
C:\Users\Mike\AppData\Local\Temp\avp32.exe
C:\Users\Mike\AppData\Local\Temp\debug.exe
C:\Windows\cmd.exe
C:\Windows\csrss.exe
C:\Windows\services.exe
C:\Users\Mike\AppData\Local\Temp\sysedit.exe
C:\Users\Mike\AppData\Local\Temp\avp.exe
C:\Users\Mike\AppData\Local\Temp\win16.exe
C:\Windows\taskmgr.exe
C:\Windows\win.exe
C:\Users\Mike\AppData\Local\Temp\wininst.exe
C:\Windows\drweb.exe
C:\Users\Mike\AppData\Local\Temp\system.exe
C:\Users\Mike\AppData\Local\Temp\install.exe
C:\Users\Mike\AppData\Local\Temp\setup.exe
C:\Users\Mike\AppData\Local\Temp\drweb.exe
C:\Windows\mdm.exe
C:\Users\Mike\AppData\Local\Temp\login.exe
C:\Users\Mike\AppData\Local\Temp\services.exe
C:\Users\Mike\AppData\Local\Temp\winamp.exe
C:\Windows\winamp.exe
C:\Windows\winlogon.exe
C:\Users\Mike\AppData\Local\Temp\user.exe
C:\Users\Mike\AppData\Local\Temp\win.exe
C:\Windows\login.exe
C:\Users\Mike\AppData\Local\Temp\taskmgr.exe
C:\Windows\lsass.exe
C:\Users\Mike\AppData\Local\Temp\hexdump.exe
C:\Windows\avp32.exe
C:\Windows\sysedit.exe
C:\Users\Mike\AppData\Local\Temp\winlogon.exe
C:\Windows\hexdump.exe
C:\Windows\iexplarer.exe
C:\Users\Mike\AppData\Local\Temp\mdm.exe
C:\Windows\nvsvc32.exe
C:\Users\Mike\AppData\Local\Temp\lsass.exe
C:\Users\Mike\AppData\Local\Temp\csrss.exe
C:\Windows\debug.exe
C:\Windows\user.exe
C:\Windows\smss.exe
C:\Users\Mike\AppData\Local\Temp\cmd.exe
C:\Users\Mike\AppData\Local\Temp\smss.exe
C:\Users\Mike\AppData\Local\Temp\iexplarer.exe
C:\Windows\install.exe
C:\Windows\svchost.exe
C:\Users\Mike\AppData\Local\Temp\nvsvc32.exe
C:\Windows\setup.exe
C:\Windows\gdi32.exe
C:\Users\Mike\AppData\Local\Temp\1820640407.exe
C:\Users\Mike\AppData\Local\Temp\3552804401.exe
C:\Users\Mike\AppData\Local\Temp\1117738159.exe
C:\Users\Mike\AppData\Local\Temp\1567231534.exe
C:\Users\Mike\AppData\Local\Temp\2272541021.exe
C:\Users\Mike\AppData\Local\Temp\2849785757.exe
C:\Users\Mike\AppData\Local\Temp\2722005000.exe
C:\Users\Mike\AppData\Local\Temp\3876669529.exe
C:\Users\Mike\AppData\Local\Temp\864347002.exe
C:\Users\Mike\AppData\Local\Temp\win32.exe
C:\Users\Mike\AppData\Local\Temp\736536254.exe
C:\Users\Mike\AppData\Local\Temp\1891213713.exe
C:\Users\Mike\AppData\Local\Temp\3173699400.exe
C:\Users\Mike\AppData\Local\Temp\1765595750.exe
C:\Users\Mike\AppData\Local\Temp\svchost.exe
C:\Users\Mike\AppData\Local\Temp\2215113734.exe
C:\Users\Mike\AppData\Local\Temp\3497703953.exe
C:\Users\Mike\AppData\Local\Temp\3369949931.exe
C:\Windows\win16.exe
C:\Users\Mike\AppData\Local\Temp\1384365759.exe
C:\Users\Mike\AppData\Local\Temp\2089519245.exe
C:\Users\Mike\AppData\Local\Temp\3244352679.exe
C:\Users\Mike\AppData\Local\Temp\1130879382.exe
C:\Users\Mike\AppData\Local\Temp\2413479508.exe
C:\Users\Mike\AppData\Local\Temp\2285603573.exe
C:\Users\Mike\AppData\Local\Temp\3440335278.exe
C:\Users\Mike\AppData\Local\Temp\4017702100.exe
C:\Users\Mike\AppData\Local\Temp\1005345395.exe
C:\Users\Mike\AppData\Local\Temp\877453727.exe
C:\Users\Mike\AppData\Local\Temp\2032181753.exe
C:\Users\Mike\AppData\Local\Temp\2609546153.exe
C:\Users\Mike\AppData\Local\Temp\3314719363.exe
C:\Users\Mike\AppData\Local\Temp\3186907872.exe
C:\Users\Mike\AppData\Local\Temp\3764275397.exe
C:\Users\Mike\AppData\Local\Temp\1778862188.exe
C:\Users\Mike\AppData\Local\Temp\3061364409.exe
C:\Users\Mike\AppData\Local\Temp\370606845.exe
C:\Users\Mike\AppData\Local\Temp\1075795542.exe
C:\Users\Mike\AppData\Local\Temp\2807878740.exe
C:\Users\Mike\AppData\Local\Temp\244997324.exe
C:\Users\Mike\AppData\Local\Temp\117316892.exe
C:\Users\Mike\AppData\Local\Temp\3131841452.exe
C:\Users\Mike\AppData\Local\Temp\3709214181.exe
C:\Users\Mike\AppData\Local\Temp\3581364399.exe
C:\Users\Mike\AppData\Local\Temp\4286559991.exe
C:\Users\Mike\AppData\Local\Temp\4158808729.exe
C:\Users\Mike\AppData\Local\Temp\2878511356.exe
C:\Users\Mike\AppData\Local\Temp\4033252818.exe
C:\Users\Mike\AppData\Local\Temp\765166224.exe
C:\Users\Mike\AppData\Local\Temp\2625033196.exe
C:\Users\Mike\AppData\Local\Temp\3202331631.exe
C:\Users\Mike\AppData\Local\Temp\62090146.exe
C:\Users\Mike\AppData\Local\Temp\1446198383.exe
C:\Users\Mike\AppData\Local\Temp\1637835000.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\smss.exe
C:\Windows\win16.exe
C:\Windows\system.exe
C:\Windows\spoolsv.exe
C:\Windows\wininst.exe
C:\Users\Mike\AppData\Local\Temp\gdi32.exe
C:\Users\Mike\AppData\Local\Temp\spoolsv.exe
C:\Windows\avp.exe
C:\Users\Mike\AppData\Local\Temp\avp32.exe
C:\Users\Mike\AppData\Local\Temp\debug.exe
C:\Windows\cmd.exe
C:\Windows\csrss.exe
C:\Windows\services.exe
C:\Users\Mike\AppData\Local\Temp\sysedit.exe
C:\Users\Mike\AppData\Local\Temp\avp.exe
C:\Users\Mike\AppData\Local\Temp\win32.exe
C:\Windows\taskmgr.exe
C:\Windows\win.exe
C:\Users\Mike\AppData\Local\Temp\svchost.exe
C:\Windows\drweb.exe
C:\Users\Mike\AppData\Local\Temp\system.exe
C:\Users\Mike\AppData\Local\Temp\install.exe
C:\Users\Mike\AppData\Local\Temp\setup.exe
C:\Users\Mike\AppData\Local\Temp\drweb.exe
C:\Windows\mdm.exe
C:\Users\Mike\AppData\Local\Temp\login.exe
C:\Users\Mike\AppData\Local\Temp\services.exe
C:\Users\Mike\AppData\Local\Temp\winamp.exe
C:\Windows\winamp.exe
C:\Windows\winlogon.exe
C:\Users\Mike\AppData\Local\Temp\user.exe
C:\Users\Mike\AppData\Local\Temp\win.exe
C:\Windows\login.exe
C:\Users\Mike\AppData\Local\Temp\taskmgr.exe
C:\Windows\lsass.exe
C:\Users\Mike\AppData\Local\Temp\hexdump.exe
C:\Windows\avp32.exe
C:\Windows\sysedit.exe
C:\Users\Mike\AppData\Local\Temp\winlogon.exe
C:\Windows\hexdump.exe
C:\Windows\iexplarer.exe
C:\Users\Mike\AppData\Local\Temp\mdm.exe
C:\Windows\nvsvc32.exe
C:\Users\Mike\AppData\Local\Temp\lsass.exe
C:\Users\Mike\AppData\Local\Temp\csrss.exe
C:\Windows\debug.exe
C:\Windows\user.exe
C:\Windows\smss.exe
C:\Users\Mike\AppData\Local\Temp\cmd.exe
C:\Users\Mike\AppData\Local\Temp\smss.exe
C:\Users\Mike\AppData\Local\Temp\iexplarer.exe
C:\Windows\install.exe
C:\Windows\svchost.exe
C:\Users\Mike\AppData\Local\Temp\nvsvc32.exe
C:\Windows\setup.exe
C:\Windows\gdi32.exe
D:\Software\Apple\iTunesHelper.exe
C:\Users\Mike\AppData\Local\Temp\1820640407.exe
C:\Users\Mike\AppData\Local\Temp\3552804401.exe
C:\Users\Mike\AppData\Local\Temp\1117738159.exe
C:\Users\Mike\AppData\Local\Temp\1567231534.exe
C:\Users\Mike\AppData\Local\Temp\2272541021.exe
C:\Users\Mike\AppData\Local\Temp\2144632271.exe
C:\Users\Mike\AppData\Local\Temp\2849785757.exe
C:\Users\Mike\AppData\Local\Temp\2722005000.exe
C:\Users\Mike\AppData\Local\Temp\4004481066.exe
C:\Users\Mike\AppData\Local\Temp\3876669529.exe
C:\Users\Mike\AppData\Local\Temp\864347002.exe
C:\Users\Mike\AppData\Local\Temp\736536254.exe
C:\Users\Mike\AppData\Local\Temp\1313908984.exe
C:\Users\Mike\AppData\Local\Temp\1891213713.exe
C:\Users\Mike\AppData\Local\Temp\3173699400.exe
C:\Users\Mike\AppData\Local\Temp\1765595750.exe
C:\Users\Mike\AppData\Local\Temp\2215113734.exe
C:\Users\Mike\AppData\Local\Temp\3497703953.exe
C:\Users\Mike\AppData\Local\Temp\3369949931.exe
C:\Users\Mike\AppData\Local\Temp\1384365759.exe
C:\Users\Mike\AppData\Local\Temp\2089519245.exe
C:\Users\Mike\AppData\Local\Temp\3244352679.exe
C:\Users\Mike\AppData\Local\Temp\1130879382.exe
C:\Users\Mike\AppData\Local\Temp\2413479508.exe
C:\Users\Mike\AppData\Local\Temp\2285603573.exe
C:\Users\Mike\AppData\Local\Temp\3440335278.exe
C:\Users\Mike\AppData\Local\Temp\4017702100.exe
C:\Users\Mike\AppData\Local\Temp\1005345395.exe
C:\Users\Mike\AppData\Local\Temp\877453727.exe
C:\Users\Mike\AppData\Local\Temp\2032181753.exe
C:\Users\Mike\AppData\Local\Temp\2609546153.exe
C:\Users\Mike\AppData\Local\Temp\3314719363.exe
C:\Users\Mike\AppData\Local\Temp\3186907872.exe
C:\Users\Mike\AppData\Local\Temp\3764275397.exe
C:\Users\Mike\AppData\Local\Temp\1778862188.exe
C:\Users\Mike\AppData\Local\Temp\3061364409.exe
C:\Users\Mike\AppData\Local\Temp\370606845.exe
C:\Users\Mike\AppData\Local\Temp\1075795542.exe
C:\Users\Mike\AppData\Local\Temp\2807878740.exe
C:\Users\Mike\AppData\Local\Temp\244997324.exe
C:\Users\Mike\AppData\Local\Temp\117316892.exe
C:\Users\Mike\AppData\Local\Temp\3131841452.exe
C:\Users\Mike\AppData\Local\Temp\3709214181.exe
C:\Users\Mike\AppData\Local\Temp\3581364399.exe
C:\Users\Mike\AppData\Local\Temp\4286559991.exe
C:\Users\Mike\AppData\Local\Temp\4158808729.exe
C:\Users\Mike\AppData\Local\Temp\2878511356.exe
C:\Users\Mike\AppData\Local\Temp\4033252818.exe
C:\Users\Mike\AppData\Local\Temp\765166224.exe
C:\Users\Mike\AppData\Local\Temp\2625033196.exe
C:\Users\Mike\AppData\Local\Temp\3202331631.exe
C:\Users\Mike\AppData\Local\Temp\62090146.exe
C:\Users\Mike\AppData\Local\Temp\1446198383.exe
C:\Users\Mike\AppData\Local\Temp\1637835000.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Mike\AppData\Local\Temp\892946981.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

CatByte · Sep 24, 2010

Is this a 64bit system?

amateur · Oct 3, 2010

Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

http://www.techsupportforum.com/sec...-log-help/305963-new-instructions-read-before-posting-malware-removal-help.html

Mimicking Virus

Top Contributors this Month

Recommended Communities