Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: HJT log help, virus Win32/Seresp.F trojan help!

  1. 09-12-2007, 06:14 AM #11
    dizuster
    dizuster is offline Junior Member
    Join Date
    Sep 2007
    Posts
    6
    ok fresh kapersky "my computer" scan. . . .

    KASPERSKY ONLINE SCANNER REPORT
    Wednesday, September 12, 2007 7:12:20 AM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.93.1
    Kaspersky Anti-Virus database last update: 12/09/2007
    Kaspersky Anti-Virus database records: 412546


    Scan Settings
    Scan using the following antivirus database extended
    Scan Archives true
    Scan Mail Bases true

    Scan Target My Computer
    A:\
    C:\
    D:\
    F:\

    Scan Statistics
    Total number of scanned objects 73985
    Number of viruses found 10
    Number of infected objects 15
    Number of suspicious objects 0
    Duration of the scan process 01:06:55

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-09102007-235637.log Object is locked skipped

    C:\Documents and Settings\home\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\home\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

    C:\Documents and Settings\home\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

    C:\Documents and Settings\home\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

    C:\Documents and Settings\home\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped

    C:\Documents and Settings\home\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini .inuse Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{E61EB4FF-3178-4EF3-BEB9-35366688C295} Object is locked skipped

    C:\Documents and Settings\home\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped

    C:\Documents and Settings\home\Local Settings\History\History.IE5\MSHist012007091120070 912\index.dat Object is locked skipped

    C:\Documents and Settings\home\Local Settings\History\History.IE5\MSHist012007091220070 913\index.dat Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\bbassistant.log Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\hpodvd09.log Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\ICD5.tmp\setup.exe Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\ICD6.tmp\setup.exe Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\ICD7.tmp\setup.exe Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\ICD8.tmp\setup.exe Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\_hphtra07.log Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temp\~DF2AB4.tmp Object is locked skipped

    C:\Documents and Settings\home\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\home\ntuser.dat Object is locked skipped

    C:\Documents and Settings\home\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Temp\MpCmdRun-58-421CFC91-A93E-42AB-A35C-F06F127FCC44.lock Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Temp\MpCmdRun.log Object is locked skipped

    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

    C:\Program Files\SBC Self Support Tool\log\mpbtn.log Object is locked skipped

    C:\Program Files\SBC Self Support Tool\SmartBridge\AlertFilter.log Object is locked skipped

    C:\Program Files\SBC Self Support Tool\SmartBridge\log\httpclient.log Object is locked skipped

    C:\Program Files\SBC Self Support Tool\SmartBridge\SBExtHost.log Object is locked skipped

    C:\Program Files\SBC Self Support Tool\SmartBridge\SmartBridge.log Object is locked skipped

    C:\Program Files\Words\Words.exe Infected: not-a-virus:AdWare.Win32.Agent.dn skipped

    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq127.tmp/WISE0009.BIN Infected: Trojan-Downloader.Win32.TSUpdate.n skipped

    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq127.tmp/WISE0010.BIN Infected: Trojan-Downloader.Win32.TSUpdate.p skipped

    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq127.tmp/WISE0011.BIN Infected: Trojan-Downloader.Win32.TSUpdate.l skipped

    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq127.tmp/WISE0012.BIN Infected: Trojan-Downloader.Win32.TSUpdate.f skipped

    C:\Program Files\Yahoo!\YPSR\Quarantine\ppq127.tmp WiseSFX: infected - 4 skipped

    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    C:\WINDOWS\b122.exe Infected: not-a-virus:AdWare.Win32.Rond.c skipped

    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

    C:\WINDOWS\SchedLgU.Txt Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\EventCache\{D5DEB5 95-91B5-45C1-8678-AAB0156459C8}.bin Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped

    C:\WINDOWS\Sti_Trace.log Object is locked skipped

    C:\WINDOWS\SYSTEM32\capcam\nab22011.exe/data0004 Infected: not-a-virus:AdWare.Win32.TTC.c skipped

    C:\WINDOWS\SYSTEM32\capcam\nab22011.exe NSIS: infected - 1 skipped

    C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped

    C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped

    C:\WINDOWS\SYSTEM32\cfig322\icm33o.exe Infected: Trojan-Downloader.Win32.Small.fky skipped

    C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped

    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped

    C:\WINDOWS\SYSTEM32\f02WtR\f02WtR1065.exe Infected: Trojan-Downloader.Win32.VB.bgd skipped

    C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped

    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped

    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped

    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped

    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MA P Object is locked skipped

    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MA P Object is locked skipped

    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DAT A Object is locked skipped

    C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped

    C:\WINDOWS\WIADEBUG.LOG Object is locked skipped

    C:\WINDOWS\WIASERVC.LOG Object is locked skipped

    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.
    Reply With Quote Reply With Quote
  2. 09-12-2007, 08:56 AM #12
    jholland1964's Avatar
    jholland1964
    jholland1964 is offline Administrator
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    80
    Posts
    4,079
    Download ~TL's CleanUpXP+
    to the desktop.

    Reboot the Computer in SAFE MODE.

    In Safe Mode then go to C:\Program Files\Yahoo!\YPSR\Quarantine\
    and Empty the Contents of that Quarantine file.

    Still in Safe Mode;

    Double click CleanUpXP+ and allow it to do the standard scan.
    Once complete it is going to give you additional options;
    1 -- Remove a File
    2 -- Remove a Folder
    3 -- Skip this step (and exit the program)

    You are going to ask it to remove a file, so choose option #1

    This is the file you are going to remove so you need to put the full FILE name in there;

    C:\WINDOWS\b122.exe

    After you have completed removing that file then choose option #2
    Remove a Folder

    This are the Folders you are going to remove;

    C:\Program Files\Words\
    C:\WINDOWS\SYSTEM32\capcam\
    C:\WINDOWS\SYSTEM32\cfig322\
    C:\WINDOWS\SYSTEM32\f02WtR\

    Once you have completed the above, exit the program and reboot to normal mode.
    Run a new Kaspersky scan and post the new log here.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules