Thread: Need help getting rid of VX2 Malware
View Single Post
Old 12-11-2006, 09:10 PM   #13 (permalink)
Chow
Registered User
 
Join Date: Nov 2006
Posts: 116
OS: WinXP


Monday, December 11, 2006 9:09:42 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 12/12/2006
Kaspersky Anti-Virus database records: 250064
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 81341
Number of viruses found 20
Number of infected objects 31 / 0
Number of suspicious objects 2
Duration of the scan process 01:29:45

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BackWeblite1.zip/BackWeb-8876480.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BackWeblite1.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\computer\.jpi_cache\file\1.0\stat.class-7553e213-1234a467.class Infected: Trojan.Java.Nocheat skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\a.jar-7bb6a5c5-4996488e.zip/a.class Infected: Trojan.Java.ClassLoader.b skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\a.jar-7bb6a5c5-4996488e.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\a.jar-7bb6a5c5-4996488e.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\a.jar-7bb6a5c5-4996488e.zip ZIP: infected - 3 skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\arch10213.jar-71d8e3fb-5c7203e0.zip/RunString.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\arch10213.jar-71d8e3fb-5c7203e0.zip/Parser.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\arch10213.jar-71d8e3fb-5c7203e0.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\arch10213.jar-71d8e3fb-5c7203e0.zip/Colors.class Infected: Trojan-Downloader.Java.OpenStream.b skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\arch10213.jar-71d8e3fb-5c7203e0.zip ZIP: infected - 4 skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-6f603a79-5bc8798f.zip/Beyond.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-6f603a79-5bc8798f.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.m skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-6f603a79-5bc8798f.zip/VerifierBug.class Infected: Trojan.Java.Needy.c skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-6f603a79-5bc8798f.zip ZIP: infected - 3 skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-c2b9e19-1c9000ab.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-c2b9e19-1c9000ab.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-c2b9e19-1c9000ab.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\count.jar-c2b9e19-1c9000ab.zip ZIP: infected - 3 skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\javainstaller.jar-2f2e21ea-2e9a0eb8.zip/javainstaller/InstallerApplet.class Infected: Trojan-Downloader.Java.OpenStream.w skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\javainstaller.jar-2f2e21ea-2e9a0eb8.zip ZIP: infected - 1 skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\plugin.jar-4f71e0bb-7c14ee04.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.Dummy.e skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\plugin.jar-4f71e0bb-7c14ee04.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\plugin.jar-4f71e0bb-7c14ee04.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.c skipped
C:\Documents and Settings\computer\.jpi_cache\jar\1.0\plugin.jar-4f71e0bb-7c14ee04.zip ZIP: infected - 3 skipped
C:\Documents and Settings\computer\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\cert8.db Object is locked skipped
C:\Documents and Settings\computer\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\flashgot.log Object is locked skipped
C:\Documents and Settings\computer\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\history.dat Object is locked skipped
C:\Documents and Settings\computer\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\key3.db Object is locked skipped
C:\Documents and Settings\computer\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\parent.lock Object is locked skipped
C:\Documents and Settings\computer\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\search.sqlite Object is locked skipped
C:\Documents and Settings\computer\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\computer\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Application Data\ApplicationHistory\NotifyAlert.exe.83a8f8c0.ini.inuse Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Application Data\Mozilla\Firefox\Profiles\6dcwwvab.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\computer\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\computer\Local Settings\History\History.IE5\MSHist012006121120061212\index.dat Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Temp\Perflib_Perfdata_5b8.dat Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Temp\Perflib_Perfdata_650.dat Object is locked skipped
C:\Documents and Settings\computer\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\computer\ntuser.dat Object is locked skipped
C:\Documents and Settings\computer\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP79\A0004620.exe Infected: not-a-virus:AdWare.Win32.BlazeFind.e skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP79\A0004621.exe Infected: not-a-virus:AdWare.Win32.BlazeFind.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP79\A0004622.exe Infected: not-a-virus:AdWare.Win32.EZula.ac skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP79\A0004623.dll Infected: not-a-virus:AdWare.Win32.Ipend skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP79\A0004624.dll Infected: not-a-virus:AdWare.Win32.Ipend skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP79\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{196BA621-C124-4F9A-BBD4-4D93B37C3E53}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{36A4C386-7B1F-496B-AA9E-D0C16B1FD122}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Cookies\INDEX.DAT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\msfdje.gif Infected: not-a-virus:AdWare.Win32.ClientMan skipped
C:\WINDOWS\SYSTEM32\msglji.gif Infected: not-a-virus:AdWare.Win32.SearchAssistant.d skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Chow is offline