Hi, Pondus
Thanks,
After your recommendation, I made up my mind to quick scan my system using the Malwarebytes software.
Attached is the log file it generated.
…
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4719
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
9/29/2010 9:40:35 PM
mbam-log-2010-09-29 (21-40-35).txt
Scan type: Quick scan
Objects scanned: 136675
Time elapsed: 9 minute(s), 46 second(s)
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 12
Registry Values Infected: 4
Registry Data Items Infected: 4
Folders Infected: 1
Files Infected: 9
Memory Processes Infected:
C:\Documents and Settings\Owner\Local Settings\temp\dwm.exe (Trojan.Downloader.Gen) → No action taken.
C:\Documents and Settings\Owner\Application Data\Microsoft\Windows\shell.exe (Trojan.Shell) → No action taken.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) → No action taken.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) → No action taken.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) → No action taken.
HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) → No action taken.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) → No action taken.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) → No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ytasfwhdtjdqwk (Rootkit.TDSS) → No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\monopod (Trojan.FakeAlert) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\updatenew (Malware.Trace) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Trojan.Agent) → No action taken.
Registry Data Items Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) → Bad: (explorer.exe,C:\Documents and Settings\Owner\Application Data\Microsoft\Windows\shell.exe) Good: (Explorer.exe) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → No action taken.
Folders Infected:
C:\Documents and Settings\All Users\Application Data\13291564 (Rogue.Multiple) → No action taken.
Files Infected:
C:\Documents and Settings\Owner\Local Settings\temp\dwm.exe (Trojan.Downloader.Gen) → No action taken.
C:\Documents and Settings\Owner\Desktop\dwm.exe (Trojan.Downloader.Gen) → No action taken.
C:\Documents and Settings\Owner\Desktop\txt (Trojan.Downloader.Gen) → No action taken.
C:\Documents and Settings\All Users\Application Data\13291564\13291564 (Rogue.Multiple) → No action taken.
C:\WINDOWS\system32\ytasfwdaerseuo.dat (Rootkit.TDSS) → No action taken.
C:\WINDOWS\system32\ytasfwuoyifyxe.dat (Rootkit.TDSS) → No action taken.
C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) → No action taken.
C:\WINDOWS\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) → No action taken.
C:\Documents and Settings\Owner\Application Data\Microsoft\Windows\shell.exe (Trojan.Shell) → No action taken.
Hope something positive may result for everyone having this difficulty.
Update: one and a half hours have passed since the quick scan and removal. The malicious virus has not yet appeared in Task Manager. Seems like the ship sails in smooth water after the storm.