PDA

View Full Version : Perflib_Perfdata_608.dat Infection



fernandosz
2007-08-01, 23:10
Hi, again...

I´ve got anither infection, Perflib_Perfdata_608.dat and Webshlock.txt

Below the Karsperky report.

Avast report doesn´t show that infection , but a corrupeted CAB file lgitcheckcontrol.dll

Thanks in advance.

Fernandosz

KASPERSKY ONLINE SCANNER REPORT
Wednesday, August 01, 2007 8:50:24 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 1/08/2007
Kaspersky Anti-Virus database records: 370297
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\

Scan Statistics:
Total number of scanned objects: 150230
Number of viruses found: 2
Number of infected objects: 5 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:52:13

Infected Object Name / Virus Name / Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_608.dat Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Fernando\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Fernando\Configurações locais\Histórico\History.IE5\MSHist012007080120070802\index.dat Object is locked skipped
C:\Documents and Settings\Fernando\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Fernando\Meus documentos\Cida\Antigos\Pessoais\CidaPessoal.zip/CidaPessoal/InternetAppl/babylon32.exe/SaveNowInst.exe/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bf skipped
C:\Documents and Settings\Fernando\Meus documentos\Cida\Antigos\Pessoais\CidaPessoal.zip/CidaPessoal/InternetAppl/babylon32.exe/SaveNowInst.exe/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
C:\Documents and Settings\Fernando\Meus documentos\Cida\Antigos\Pessoais\CidaPessoal.zip/CidaPessoal/InternetAppl/babylon32.exe/SaveNowInst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
C:\Documents and Settings\Fernando\Meus documentos\Cida\Antigos\Pessoais\CidaPessoal.zip/CidaPessoal/InternetAppl/babylon32.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
C:\Documents and Settings\Fernando\Meus documentos\Cida\Antigos\Pessoais\CidaPessoal.zip ZIP: infected - 4 skipped
C:\Documents and Settings\Fernando\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\index2.dat Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\contactgroup256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\profile256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\dyncontent\bundle.dat Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\voicemail256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\call256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\callmember256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\user1024.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\transfer512.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\chatmember256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\chatmsg256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\chat512.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\chatmsg512.dbb Object is locked skipped
C:\Documents and Settings\Fernando\Dados de aplicativos\Skype\fernandosz1\chat256.dbb Object is locked skipped
C:\Documents and Settings\Fernando\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Fernando\ntuser.dat Object is locked skipped
C:\Arquivos de programas\Alwil Software\Avast4\DATA\report\Proteção residente.txt Object is locked skipped
C:\Arquivos de programas\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Arquivos de programas\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Arquivos de programas\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Arquivos de programas\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Arquivos de programas\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Arquivos de programas\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Arquivos de programas\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\System Volume Information\_restore{C0892739-3DC7-405A-926D-245C708397A4}\RP696\change.log Object is locked skipped

Scan process completed.

tashi
2007-08-02, 02:21
Hello.

I moved this topic from the General Security Alerts forum, no logs. ;-)

"BEFORE you POST"(READ this Procedure before Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

fernandosz
2007-08-03, 00:56
OK

Thanks for your attention

Fernandosz

fernandosz
2007-08-03, 17:30
Dear Tashi

CA anti virus didn´t detected anithing...
I overeacted.
Thanks for your attention....

Fernandosz

tashi
2007-08-15, 19:26
Thank you for letting us know. :)

This topic has been moved to archives.

If you need the thread re-opened, please send me a private message (pm) and provide a link.

Applies only to the original poster, anyone else with similar problems please start your own topic.