PDA

View Full Version : help please infected pc


djremedy2k3
2008-05-30, 15:10
i wanted to post a different thread because i felt like noone was going to help can someone please help me my computer is crashing i have to dj with this computer please help me heres my logs



-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, May 30, 2008 1:20:28 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 30/05/2008
Kaspersky Anti-Virus database records: 813686
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 54346
Number of viruses found: 11
Number of infected objects: 42
Number of suspicious objects: 0
Duration of the scan process: 01:52:13

Infected Object Name / Virus Name / Last Action
C:\blac squiters.mpg Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Documents and Settings\Administrator\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrator\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\F-Secure\logs\FSMA\fsma.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\user\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\user\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Temp\tmp674.tmp Object is locked skipped
C:\Documents and Settings\user\Local Settings\Temp\tmp677.tmp Object is locked skipped
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\user\lsass.0xe Infected: Trojan-Spy.Win32.VB.agh skipped
C:\Documents and Settings\user\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\user\ntuser.dat.LOG Object is locked skipped
C:\hotstylesftyoung jock.mp3 Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\lori alexia.mpg Infected: Trojan-Downloader.WMA.Wimad.n skipped
C:\Program Files\EMBARQ Online Security\Anti-Virus\dbupdate.log Object is locked skipped
C:\Program Files\EMBARQ Online Security\Anti-Virus\deleteme_msg.log Object is locked skipped
C:\Program Files\EMBARQ Online Security\Anti-Virus\fsqh.exe.Qrt.log Object is locked skipped
C:\Program Files\EMBARQ Online Security\Anti-Virus\perf.dat Object is locked skipped
C:\Program Files\EMBARQ Online Security\Anti-Virus\power.dat Object is locked skipped
C:\Program Files\EMBARQ Online Security\Common\policy.bpf Object is locked skipped
C:\Program Files\EMBARQ Online Security\Common\policy.ipf Object is locked skipped
C:\Program Files\EMBARQ Online Security\FSAUA\program\fsaua.dbg Object is locked skipped
C:\Program Files\EMBARQ Online Security\FSAUA\program\fsaua.log Object is locked skipped
C:\Program Files\EMBARQ Online Security\Spam Control\log\fs_sa_log.txt Object is locked skipped
C:\Program Files\Virtual Assistant\log\mpbtn.log Object is locked skipped
C:\Program Files\Virtual Assistant\SmartBridge\AlertFilter.log Object is locked skipped
C:\Program Files\Virtual Assistant\SmartBridge\log\httpclient.log Object is locked skipped
C:\Program Files\Virtual Assistant\SmartBridge\SmartBridge.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\Fonts\a.zip.vir/Setup.exe Infected: Trojan-Downloader.Win32.VB.dck skipped
C:\QooBox\Quarantine\C\WINDOWS\Fonts\a.zip.vir ZIP: infected - 1 skipped
C:\QooBox\Quarantine\C\WINDOWS\Fonts\Setup.exe.vir Infected: Trojan-Downloader.Win32.VB.dck skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\12033\cvserchka.0xe.vir Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cNF\srkcont3.0xe.vir/stream/data0007/stream/Script Infected: Trojan.NSIS.StartPage.c skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cNF\srkcont3.0xe.vir/stream/data0007/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cNF\srkcont3.0xe.vir/stream/data0007 Infected: Trojan.NSIS.StartPage.c skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cNF\srkcont3.0xe.vir/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\cNF\srkcont3.0xe.vir NSIS: infected - 4 skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\din3\is-setup03x.0xe.vir Infected: Trojan.Win32.Agent.lom skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\opnmKDVp.dll.vir Infected: Trojan.Win32.Monder.gen skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\urqOIxWp.dll.vir Infected: Trojan.Win32.Monder.gen skipped
C:\SDFix\backups\backups.zip/backups/bkEur182328.0xe Infected: Trojan-Downloader.Win32.VB.edw skipped
C:\SDFix\backups\backups.zip ZIP: infected - 1 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP21\A0009023.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP23\A0009033.exe/data0013/stream/data0003 Infected: not-a-virus:AdWare.Win32.TrafficSol.ah skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP23\A0009033.exe/data0013/stream Infected: not-a-virus:AdWare.Win32.TrafficSol.ah skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP23\A0009033.exe/data0013 Infected: not-a-virus:AdWare.Win32.TrafficSol.ah skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP23\A0009033.exe/data0014/stream/data0005 Infected: not-a-virus:Downloader.Win32.AdLoad.b skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP23\A0009033.exe/data0014/stream Infected: not-a-virus:Downloader.Win32.AdLoad.b skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP23\A0009033.exe/data0014 Infected: not-a-virus:Downloader.Win32.AdLoad.b skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP23\A0009033.exe NSIS: infected - 6 skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP28\A0010364.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP41\A0031078.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP41\A0031079.exe Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP44\A0031201.exe/stream/Script Infected: Trojan.NSIS.StartPage.c skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP44\A0031201.exe/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP44\A0031201.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP44\A0032103.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP44\A0032116.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP45\A0032148.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP46\A0032158.exe Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP46\A0032161.exe Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP46\A0032162.exe Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP46\A0032163.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP47\A0032184.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP50\A0033228.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP52\A0037680.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP52\A0037681.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP52\A0037682.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP53\A0038273.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP54\A0038301.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP56\A0038360.exe Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP56\A0038362.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP56\A0038363.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP57\A0038425.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP57\A0038482.dll Object is locked skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038715.0xe Infected: Trojan.Win32.Agent.lom skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038716.exe/stream/data0007/stream/Script Infected: Trojan.NSIS.StartPage.c skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038716.exe/stream/data0007/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038716.exe/stream/data0007 Infected: Trojan.NSIS.StartPage.c skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038716.exe/stream Infected: Trojan.NSIS.StartPage.c skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038716.exe NSIS: infected - 4 skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038717.0xe Infected: Trojan-Downloader.Win32.VB.edw skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038718.0xe Infected: Trojan-Downloader.Win32.Small.buy skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038720.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.Agent.blv skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038720.exe/stream Infected: not-a-virus:AdWare.Win32.Agent.blv skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP59\A0038720.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP60\A0046916.0xe Infected: Trojan-Spy.Win32.VB.agh skipped
C:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP92\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\Start.0xe Infected: Trojan-Spy.Win32.VB.agh skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\_restore{D692D560-5D49-49F2-A6B6-19464D5FF0CC}\RP60\A0046924.0xe Infected: Trojan-Spy.Win32.VB.agh skipped

Scan process completed.
tashi
2008-05-30, 16:05
Hello,

i wanted to post a different thread because i felt like noone was going to help can someone please help me my computer is crashing i have to dj with this computer please help me heres my logs

Topic started last night:
http://forums.spybot.info/showthread.php?t=28788

It is best not to start new topics, everyone who requests assistance has a problem with their computer.

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)


Please do not start more than one topic for the same computer, during the same period. It will either be removed, or merged with your original thread.At all sites there are more victims of malware than volunteers, hopefully a helper will be available to assist you soon.

The Waiting Room: Post here if waiting for help longer than four days (http://forums.spybot.info/forumdisplay.php?f=37)

Regards. :)