Win32:Dropper-gen[Drp] virus detected by avast.

hello every one,

I need some help solving this problem.
When i insert a usb memory or an external hard drive,
or when i try to change the date and hour settings, avast blocks it.
Even when i try to install a new program.

“Avast file system shield has blocked a threat.
No further actions is requiered.
Objet: C:/WINDOWS/system32/rundll32.exe
infection: Win32:Dropper-gen[Drp]
process: C:/WINDOWS/Explorer.EXE
The threat was detected and blocked just before the file was executed.”

If i disable avast i can acces to the usb memory, external harddrive and install programs, the whole system works fine.
I already run a normal scan and the boot time scan on avast, it does detect the virus win32:Dropper-gen[Drv] and win32:Rootkit-gen[Rtk] but it can not repair it. I already down loaded the programs listed on the virus and worms section and scanned system, but non of them detects the virus except avast and avast anti rootkit.

Here are my resuts from the OTL and the VIRUS TOTAL says only avast detects it infected.
Any help would be appreciated. thank you.

I will need to see the AswMBR log please

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

here is the combofix and AswMBR logs.

The compurer is working normal just when i insert a usb, or i want to take a look at the calendar settings i get the threat message from avast.
Thank you for your time.

Several of your system files are being reported as unsigned. As you have XP then we would have to many problems trying to run SFC

So we will try an external solution and see if Dr Web can fix them

Create an emergency repair USB drive:
Download Dr Web Live USB to your desktop

[]Connect a USB flash drive to the computer. Registering the plugging in event takes no more than 10 seconds.
[
]Launch drwebliveusb.exe.
[*]The program will detect available USB-devices automatically and prompt you to choose the one you?d like to use as an emergency repair drive. You can format the device if you like (a warning will be displayed before you proceed with formatting). In order to read the License agreement, follow a corresponding link found in the program window (the page containing the license agreement text will be loaded in your default browser).

https://dl.dropbox.com/u/73555776/liveusb_ru.jpg

[]To create a bootable USB flash drive, press the Create Dr.Web LiveUSB button.
[
]Files will be copied automatically.
[]Once the copying process is completed, press the Exit button to close the application.
[
]Reboot the infected computer with the USB in the drive
[]Ensure that the first boot device is USB - If you are not sure about that then see this page for instructions
[
]As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.

https://dl.dropboxusercontent.com/u/73555776/Live%20boot%20screen.png

[*]Use arrow keys to select DrWeb-LiveCD (Default)

https://dl.dropboxusercontent.com/u/73555776/drwebselect.JPG

[*]Press select objects for scanning

https://dl.dropboxusercontent.com/u/73555776/drwebfolders.JPG

[*]When the system is loaded, check the disks or folders you want to scan, and click on Start.

[*]The programme will now scan for and cure/delete any malware that it finds. Allow it to do so

https://dl.dropboxusercontent.com/u/73555776/drwebscan.JPG

[*]When it has completed

https://dl.dropboxusercontent.com/u/73555776/drwebscancomplete.JPG

[]Select Open Report and copy to the USB
[
]Once completed reboot to normal windows, and attach the report here