my computer is infected here is Kaspersky Online Scanner-thanks



noam12
2008-02-14, 12:45
thank you for your help
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, February 14, 2008 12:32:04 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 13/02/2008
Kaspersky Anti-Virus database records: 563715
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 121625
Number of viruses found: 8
Number of infected objects: 70
Number of suspicious objects: 0
Duration of the scan process: 13:32:10

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Elana\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Elana\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Elana\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Elana\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Elana\Local Settings\History\History.IE5\MSHist012008021320080214\index.dat Object is locked skipped
C:\Documents and Settings\Elana\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Elana\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Elana\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe Infected: Trojan-Downloader.Win32.Bagle.jp skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP212\A0049034.exe Infected: Trojan-Dropper.Win32.Agent.ecc skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP236\A0056378.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP236\A0056379.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP236\A0056380.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP236\A0056599.exe Infected: Trojan-Downloader.Win32.Bagle.jp skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP236\A0056601.exe Infected: Trojan-Downloader.Win32.Bagle.jp skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP238\A0056895.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP238\A0056896.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP238\A0056898.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP238\A0056899.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP238\A0056982.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP238\A0056985.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP238\A0056986.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057035.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057037.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057038.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057039.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057040.exe Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057043.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057085.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP239\A0057179.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057195.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057224.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057226.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057227.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057228.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057229.exe Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057264.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057339.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057351.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057353.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057354.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057391.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057442.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057538.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057562.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057580.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057592.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP240\A0057704.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP241\A0058708.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP241\A0058758.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058762.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058836.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058838.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058839.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058840.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058847.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058848.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058849.exe Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058880.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP242\A0058954.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP243\A0058964.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP243\A0059057.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP243\A0060057.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP244\A0060143.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP244\A0060161.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP244\A0060174.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP244\A0060223.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP245\A0060236.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP245\A0061236.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP245\A0062236.sys Infected: Trojan-Downloader.Win32.Bagle.iw skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP269\A0064879.exe Infected: Trojan-Downloader.Win32.Bagle.jp skipped
C:\System Volume Information\_restore{FAB297DF-8060-4A7D-88DA-ECEC1CBB76C4}\RP271\change.log Object is locked skipped
C:\TLN.eMule.Booster.v7.3-v0.48a.Setup.Binary\Temp\001.part/My DVD Maker 5.8.exe Infected: Trojan-Downloader.Win32.Bagle.hk skipped
C:\TLN.eMule.Booster.v7.3-v0.48a.Setup.Binary\Temp\001.part ZIP: infected - 1 skipped
C:\TLN.eMule.Booster.v7.3-v0.48a.Setup.Binary\Temp\021.part/My DVD Maker 5.8.exe Infected: Trojan-Downloader.Win32.Bagle.jp skipped
C:\TLN.eMule.Booster.v7.3-v0.48a.Setup.Binary\Temp\021.part ZIP: infected - 1 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{6224A8FB-9AFD-42CF-9531-A700ED2F98FF}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\HTTPERR\httperr1.log Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\system32\MsDtc\MSDTC.LOG Object is locked skipped
C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
E:\Documents and Settings\Moshe\Start Menu\Programs\Startup\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.e skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\DVD SOFT\2007\Apollo_No1_DVD_Ripper_v6.05_WinAll_Incl_KeyGen-NeoX\install.exe Infected: not-virus:Hoax.Win32.Agent.p skipped

steamwiz
2008-02-22, 18:15
Hi

Looks like you've been downloading illegal/cracked programs & paid the price ...

Follow the instructions here to post a HijackThis log :-

http://forums.spybot.info/showthread.php?t=288

steam