|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
10-23-2007, 09:43 AM
|
#21 (permalink) |
|
Registered User
Join Date: Feb 2006
Posts: 25
OS: WinXP Vista
|
Re: PSW x-Vir trojan
"File/Folder C:\WINDOWS\system32\ftypxfoc.dll not found.
Created on 10/23/2007 09:42:33" I'm getting this on every one in the above when I copy and paste. |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
10-23-2007, 10:03 AM
|
#22 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 28,174
OS: WinXP Home, Vista, Windows 7 64bit
|
Re: PSW x-Vir trojan
Using that one you just listed, navigate that path and see if that file is really there. Check for a few others in that list as well, and let me know if you see them.
__________________
 Microsoft MVP - 2010 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
|
|
|
|
|
10-25-2007, 05:01 PM
|
#24 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 28,174
OS: WinXP Home, Vista, Windows 7 64bit
|
Re: PSW x-Vir trojan
I don't quite understand what you are trying to tell me. Are you saying those files are not there? Or that you're not sure how to look for them in the system32 folder?
__________________
Microsoft MVP - 2010 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
|
|
|
|
|
10-25-2007, 05:58 PM
|
#25 (permalink) |
|
Registered User
Join Date: Feb 2006
Posts: 25
OS: WinXP Vista
|
Re: PSW x-Vir trojan
They are not there.
I can find "File/Folder C:\WINDOWS\system32\" When I'm in the "system32" the "ftypxfoc.dll" part of it can not be found. I'm in the system32 file right now and I see: "File/Folder C:\WINDOWS\system32\fi-Fl" I click on it and it opens to: "cdosysdll.mui" I've tried tons of them like this: File/Folder C:\WINDOWS\system32\el-GR File/Folder C:\WINDOWS\system32\en File/Folder C:\WINDOWS\system32\en-US File/Folder C:\WINDOWS\system32\es-ES and in each of those folders are the same dead end: cdosysdll.mui |
|
|
|
|
10-25-2007, 08:25 PM
|
#26 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 28,174
OS: WinXP Home, Vista, Windows 7 64bit
|
Re: PSW x-Vir trojan
The files I want you to look for, are files and will not be in any other folder but the system32 folder.
In the system32 folder, the sub folders within it and any files, will be listed alphabetically--folders first. Scroll past the folders, and you'll begin seeing files. Now start looking for ftypxfoc.dll, or any of the others in the list.
__________________
Microsoft MVP - 2010 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
|
|
|
|
|
10-25-2007, 08:47 PM
|
#27 (permalink) | |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 28,174
OS: WinXP Home, Vista, Windows 7 64bit
|
Re: PSW x-Vir trojan
Back in Post 19 you said this...
Quote:
2. Post the C:\vundofix.txt here please
__________________
Microsoft MVP - 2010 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
|
|
|
|
|
|
10-29-2007, 08:26 PM
|
#28 (permalink) |
|
Registered User
Join Date: Feb 2006
Posts: 25
OS: WinXP Vista
|
Re: PSW x-Vir trojan
"Scroll past the folders, and you'll begin seeing files. Now start looking for ftypxfoc.dll, or any of the others in the list."
I saw the other list you were talking about. ftypxfoc.dll are not there nor the others listed. "Which scan found no files? Kaspersky or VundoFix?" It was Vundo that didn't find anything. |
|
|
|
|
10-29-2007, 10:20 PM
|
#29 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 28,174
OS: WinXP Home, Vista, Windows 7 64bit
|
Re: PSW x-Vir trojan
Please run another online scan at Kaspersky and post the results in your next reply.
Using Internet Explorer, visit http://www.kaspersky.com/service?chapter=161739400 Answer Yes, when prompted to install an ActiveX component.
__________________
Microsoft MVP - 2010 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
|
|
|
|
|
10-30-2007, 09:18 PM
|
#30 (permalink) |
|
Registered User
Join Date: Feb 2006
Posts: 25
OS: WinXP Vista
|
Re: PSW x-Vir trojan
Monday, February 20, 2006 8:35:26 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version: 5.0.78.0 Kaspersky Anti-Virus database last update: 21/02/2006 Kaspersky Anti-Virus database records: 177806 Scan Settings Scan using the following antivirus database extended Scan Archives true Scan Mail Bases true Scan Target My Computer A:\ C:\ D:\ E:\ F:\ G:\ Scan Statistics Total number of scanned objects 32790 Number of viruses found 4 Number of infected objects 188 Number of suspicious objects 0 Duration of the scan process 01:20:12 Infected Object Name Virus Name Last Action C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll Infected: not-a-virus:AdWare.Win32.Comet.c skipped C:\System Volume Information\_restore{DCEE36EA-BE5D-49E9-8C5B-C07CFC494E23}\RP479\A0032583.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.t skipped C:\WINDOWS\system32\abessqpr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\abjcapqw.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\acyaqoye.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\adcxdlnd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\afaifmqc.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ajsixety.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\arylrsuw.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\awtuv.dll Infected: Trojan-Downloader.Win32.ConHook.n skipped C:\WINDOWS\system32\bbnkxebv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bcbjdmxi.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bdlsxheg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bgsyvxdt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bhfuvcrg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bmxitjyc.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bniijqfm.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\brqpedcq.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bsfinkam.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\bxehgdul.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\byxlgdaq.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\cgtlpfno.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\cnhmvxli.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\crnuyhks.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\cscmxwjv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\daavhxdi.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dcgoiatt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ddnuiynb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dimtrryg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\djqksfnc.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dndcqaiu.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dnwpohsh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dpictrjg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dtbpbudc.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dvbcehcm.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\dvvikeae.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ecvwkyua.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ejbollyw.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\elwyiwtk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\emibyxet.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\eqdmkwwv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\eqlvhfrr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\eqxrdbyg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\evlgloqk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\fcpbybko.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\fcsbfwfv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\fgcafkrg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\flaierrw.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\fmrfovgq.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\fpngaglc.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\fqwefdeh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\frdevyir.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ftypxfoc.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\gdfinidb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ggthpfkd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\gmsixusx.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\gnucvvvi.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\gosqioxg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\gsvuqfiy.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\hbgteodd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\hbsiykuj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\hldgcdcp.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\hubacpxh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\hydyiisx.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\hyiqfhnp.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\igkaojxk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\iijjeeeb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\innsldor.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\itmvbreq.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\iyncnubj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\jedwwrem.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\jenhqeht.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\jqphdrht.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\jxushrji.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kgrvuybr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\khwcgoro.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\khwhocec.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kjhwopsa.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kjnqansi.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kkwljvgp.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kpaqnikt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kpjtlmep.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kpycdrxs.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kthqqdfv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\kwevrert.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ldhawisa.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ljagmujd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\lnwonpnt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\lufhxoyb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\lxekaruj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\lysrgmjf.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\megerlbv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\meiphwil.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\mmsawypk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\naslsryn.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ngidkfws.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\nuyrmskr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\nvrfuwtj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\nxgvtyfq.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\nxlfekkt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ofexatun.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ojandxyh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\okopxenb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\okowcljg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\oosawubd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\oquyncwy.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\oulxxwwe.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\owuejdut.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\oxawpfbv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\pbifysdr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\pbrgmgrb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\pelbxfnm.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\phuqhmws.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\pkoosrcb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qaxebsoi.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qbindweo.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qfhdpoyo.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qnhwwvjt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qondxmvx.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qqgarkrm.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qratkgul.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qsenelfk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qsshstlm.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qvxlixve.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\qxoonauy.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\rgirmltx.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\rgmfgxqd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\rwfmqnhd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\rxneitpj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\sgcwjovt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\slfsbphd.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\snjqsbfq.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\spmqegwn.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tbmmctgw.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tccwxwrx.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tedwmxet.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tefbceky.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tgfxuigr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\thilbgtv.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\thqwniyh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\thtxhfng.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tkmuxnaj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tpvsnlnc.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\trwsexdn.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tsuwiias.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tuvutsmk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\tvmljuxw.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ucahvxdm.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ucunaady.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ufygjlrh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\uilsgtst.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ulfpcqqt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\uluifoyh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\uocngpih.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\uqvcfkon.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\uxmkvbrs.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\vlfubrnf.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\vqaqwsfg.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\vsjemjyr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\vtrjymvk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\vvgdijdh.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\vwankmsf.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wblvjrii.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wbwhljfr.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wllxpynj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wloqgkwp.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wlwinbbi.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wncjugqu.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wpfjcmsb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wqdwdeyt.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wrjehopa.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wufwuwwf.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wvokposx.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\wyxigdap.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xbvdsvmn.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xggderqs.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xgyttjcx.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xkdlrlaa.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xkhsxqfw.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xqoeutix.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xqyfssts.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xsqywkmb.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\xwboionf.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\yawjlrlk.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ygomkrtl.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\yhvfvviy.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\yuwupypo.dll Infected: Trojan-Spy.Win32.Agent.kg skipped C:\WINDOWS\system32\ywexbupj.dll Infected: Trojan-Spy.Win32.Agent.kg skipped Scan process completed. |
|
|
|
|
10-30-2007, 09:55 PM
|
#31 (permalink) | |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 28,174
OS: WinXP Home, Vista, Windows 7 64bit
|
Re: PSW x-Vir trojan
Take a look at the date this scan was run:
Quote:
__________________
Microsoft MVP - 2010 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
|
|
|
|
|
|
11-01-2007, 04:19 PM
|
#32 (permalink) |
|
Registered User
Join Date: Feb 2006
Posts: 25
OS: WinXP Vista
|
Re: PSW x-Vir trojan
I found out that protection mode was on and it wouldn't let me save to my desktop, only to a temporary file folder which took me awhile to find in the labyrinth of my computer's brain. I turned it off and now the report saved correctly.
KASPERSKY ONLINE SCANNER REPORT Thursday, November 01, 2007 4:15:54 PM Operating System: Microsoft Windows Vista Home Edition, (Build 6000) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 1/11/2007 Kaspersky Anti-Virus database records: 449545 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ H:\ I:\ J:\ K:\ Scan Statistics: Total number of scanned objects: 111898 Number of viruses found: 3 Number of infected objects: 11 Number of suspicious objects: 0 Duration of the scan process: 03  49Infected Object Name / Virus Name / Last Action C:\$RECYCLE.BIN\S-1-5-21-3972207096-330077631-3347480482-1001\$RP9PK3J\icmntr.exe Infected: Trojan-Downloader.Win32.Zlob.dkw skipped C:\a58f1e0e86ca64b29a2e4f11dfe8\msxml4-KB927978-enu.log Object is locked skipped C:\Boot\BCD Object is locked skipped C:\Boot\BCD.LOG Object is locked skipped C:\Deckard\System Scanner\20071020234744\backup\Users\Tiffanie\AppData\Local\Temp\laf1.exe Infected: Trojan-Downloader.Win32.Small.gay skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\bf-500.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\conf-100.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\conf-900.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\gather-now.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\ie7conflict.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\notes.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\partner-700.dat Object is locked skipped C:\Program Files\BigFix\__Data\BigFix\__Local\Tmp\subscrip-2000.dat Object is locked skipped C:\Program Files\BigFix\__Data\__Global\Logs\20071031.log Object is locked skipped C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.ilg Object is locked skipped C:\Program Files\InstallShield Installation Information\{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}\Setup.ilg Object is locked skipped C:\ProgramData\McAfee\MNA\NAData Object is locked skipped C:\ProgramData\McAfee\MPF\data\log.edb Object is locked skipped C:\ProgramData\McAfee\MSC\Logs\Events.dat Object is locked skipped C:\ProgramData\McAfee\MSC\Logs\{5282BB57-0385-44F7-BA1E-D6113B680FB9}.log Object is locked skipped C:\ProgramData\McAfee\MSC\Logs\{B30CEF91-9FFE-4823-990B-27F0DD1FCF5F}.log Object is locked skipped C:\ProgramData\McAfee\MSC\McUsers.dat Object is locked skipped C:\ProgramData\McAfee\MSK\MSKWMDB.dat Object is locked skipped C:\ProgramData\McAfee\MSK\RBLDB.dat Object is locked skipped C:\ProgramData\McAfee\MSK\settingsdb.dat Object is locked skipped C:\ProgramData\McAfee\VirusScan\Data\TFRE629.tmp Object is locked skipped C:\ProgramData\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped C:\ProgramData\Microsoft\User Account Pictures\David.dat Object is locked skipped C:\Users\David\AppData\Local\Ahead\Nero Home\bl.db Object is locked skipped C:\Users\David\AppData\Local\Ahead\Nero Home\is2.db Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\UsrClass.dat{793ff7f5-cf6f-11db-ab64-0019d11f8e3b}.TM.blf Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\UsrClass.dat{793ff7f5-cf6f-11db-ab64-0019d11f8e3b}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\David\AppData\Local\Microsoft\Windows\UsrClass.dat{793ff7f5-cf6f-11db-ab64-0019d11f8e3b}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Users\David\AppData\Local\MigWiz\diagerr.xml Object is locked skipped C:\Users\David\AppData\Local\MigWiz\diagwrn.xml Object is locked skipped C:\Users\David\AppData\Local\MigWiz\setupact.log Object is locked skipped C:\Users\David\AppData\Local\MigWiz\setuperr.log Object is locked skipped C:\Users\David\AppData\Local\Temp\mwsqm00.sqm Object is locked skipped C:\Users\David\AppData\Local\Temp\mwsqm01.sqm Object is locked skipped C:\Users\David\AppData\Local\Temp\mwsqm02.sqm Object is locked skipped C:\Users\David\AppData\Local\Temp\mwsqm03.sqm Object is locked skipped C:\Users\David\AppData\Local\Temp\mwsqm04.sqm Object is locked skipped C:\Users\David\AppData\Local\Temp\mwsqm05.sqm Object is locked skipped C:\Users\David\AppData\Local\Temp\sqlite_BXdbf8QyuQPW6Ve Object is locked skipped C:\Users\David\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped C:\Users\David\NTUSER.DAT Object is locked skipped C:\Users\David\ntuser.dat.LOG1 Object is locked skipped C:\Users\David\ntuser.dat.LOG2 Object is locked skipped C:\Users\David\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf Object is locked skipped C:\Users\David\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\David\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Users\Public\StarzEntertainment\Vongo\Data\vongo.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Ahead\Nero Home\bl.db Object is locked skipped C:\Users\Tiffanie\AppData\Local\Ahead\Nero Home\is2.db Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbc2e.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbdam Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbdao Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbeam Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbeao Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbm Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbu2d.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbvm.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\dbvmh.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\fii.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\fiih.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\hp Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\hpt2i.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\rpm.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\rpm1m.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\rpm1mh.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\rpmh.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-black-enchashm.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-black-enchashmh.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-black-urlm.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-black-urlmh.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-malware-domainm.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-malware-domainmh.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-white-domainm.cf1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Google\Google Desktop\19b34b26e4e5\safeweb\goog-white-domainmh.ht1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\History\Low\History.IE5\index.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\History\Low\History.IE5\MSHist012007103120071101\index.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9ROE178\download[1].exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.dkb skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9ROE178\download[1].exe/stream Infected: Trojan-Downloader.Win32.Zlob.dkb skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9ROE178\download[1].exe NSIS: infected - 2 skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RZWOLXJV\download[1].exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.dkb skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RZWOLXJV\download[1].exe/stream Infected: Trojan-Downloader.Win32.Zlob.dkb skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RZWOLXJV\download[1].exe NSIS: infected - 2 skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB2WROW2\download[1].exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.dkb skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB2WROW2\download[1].exe/stream Infected: Trojan-Downloader.Win32.Zlob.dkb skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB2WROW2\download[1].exe NSIS: infected - 2 skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GVV8GE9R\lancebassbritney10311[1].dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\index.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Tiffanie\AppData\Local\Microsoft\Windows Media\11.0\WMSDKNSD.XML Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\UsrClass.dat{793ff80c-cf6f-11db-ab64-0019d11f8e3b}.TM.blf Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\UsrClass.dat{793ff80c-cf6f-11db-ab64-0019d11f8e3b}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\Tiffanie\AppData\Local\Microsoft\Windows\UsrClass.dat{793ff80c-cf6f-11db-ab64-0019d11f8e3b}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Users\Tiffanie\AppData\Local\Temp\Low\~DF5041.tmp Object is locked skipped C:\Users\Tiffanie\AppData\Local\Temp\~DF3FE0.tmp Object is locked skipped C:\Users\Tiffanie\AppData\Local\Temp\~DFC92.tmp Object is locked skipped C:\Users\Tiffanie\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped C:\Users\Tiffanie\AppData\Roaming\Microsoft\Windows\Cookies\Low\index.dat Object is locked skipped C:\Users\Tiffanie\NTUSER.DAT Object is locked skipped C:\Users\Tiffanie\ntuser.dat.LOG1 Object is locked skipped C:\Users\Tiffanie\ntuser.dat.LOG2 Object is locked skipped C:\Users\Tiffanie\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf Object is locked skipped C:\Users\Tiffanie\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\Tiffanie\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\Debug\PASSWD.LOG Object is locked skipped C:\Windows\Debug\sam.log Object is locked skipped C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped C:\Windows\Logs\CBS\CBS.log Object is locked skipped C:\Windows\Logs\CBS\CBS.persist.log Object is locked skipped C:\Windows\Logs\DPX\setupact.log Object is locked skipped C:\Windows\Logs\DPX\setuperr.log Object is locked skipped C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config Object is locked skipped C:\Windows\Panther\UnattendGC\diagerr.xml Object is locked skipped C:\Windows\Panther\UnattendGC\diagwrn.xml Object is locked skipped C:\Windows\Panther\UnattendGC\setupact.log Object is locked skipped C:\Windows\Panther\UnattendGC\setuperr.log Object is locked skipped C:\Windows\security\database\secedit.sdb Object is locked skipped C:\Windows\SoftwareDistribution\EventCache\{B4AA4220-792B-49C4-AA04-012F45111D13}.bin Object is locked skipped C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\catroot2\edb.log Object is locked skipped C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\config\COMPONENTS Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped C:\Windows\System32\config\DEFAULT Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped C:\Windows\System32\config\SAM Object is locked skipped C:\Windows\System32\config\SAM.LOG1 Object is locked skipped C:\Windows\System32\config\SAM.LOG2 Object is locked skipped C:\Windows\System32\config\SECURITY Object is locked skipped C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped C:\Windows\System32\config\SOFTWARE Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped C:\Windows\System32\config\SYSTEM Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\Windows\System32\restore\MachineGuid.txt Object is locked skipped C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped C:\Windows\System32\sysprep\Panther\diagerr.xml Object is locked skipped C:\Windows\System32\sysprep\Panther\diagwrn.xml Object is locked skipped C:\Windows\System32\sysprep\Panther\setupact.log Object is locked skipped C:\Windows\System32\sysprep\Panther\setuperr.log Object is locked skipped C:\Windows\System32\wbem\AutoRecover\E478A5DB75C9721E744C05D78DBACFD3.mof Object is locked skipped C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Networking%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnostics-Performance%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-DiskDiagnosticDataCollector%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-GroupPolicy%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Help%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Kernel-WHEA.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-MUI%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ParentalControls%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Program-Compatibility-Assistant%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReadyBoost%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\ODiag.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\OSession.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Setup.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped C:\Windows\Tasks\RegCure.job Object is locked skipped C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped C:\Windows\WindowsUpdate.log Object is locked skipped C:\Windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16386_none_cef7ceb03914a67f\dnary.xsd Object is locked skipped Scan process completed. Last edited by RaiseH; 11-01-2007 at 04:23 PM. Reason: Ah ha moment |
|
|
|
|
11-02-2007, 08:13 PM
|
#33 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 28,174
OS: WinXP Home, Vista, Windows 7 64bit
|
Re: PSW x-Vir trojan
Thanks--now it's making more sense.
 1. Empty your Recycle Bin. 2. You need to clear out your Temp Internet Files:
Your logs are now clean. If there aren't any more problems, please continue with these final instructions. Create a new System Restore point Click Start >> Run - type SYSDM.CPL & press Enter * Select the System Restore Tab * Tick on the checkbox - "Turn off System Restore on all drives" Click Apply * Then untick the same checkbox & click OK This will flush out previous restore points (which contain the infections) and create a new restore point. To help protect your computer in the future I recommend that you get the following free program if you do not already have it: McAfee Site Advisor--free version. The folks there check out websites and based on their findings, rate it as Safe, Unknown, Caution, or Bad. In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles: PC Safety and Security--What Do I Need? HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein MAKING INTERNET EXPLORER SAFER Understanding and Using Firewalls **Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them. ----------------------------------------------------- **Kindly respond one more time so we may mark this as resolved.
__________________
Microsoft MVP - 2010 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
|
|
|
|
|
11-02-2007, 09:14 PM
|
#34 (permalink) |
|
Registered User
Join Date: Feb 2006
Posts: 25
OS: WinXP Vista
|
Re: PSW x-Vir trojan
OH MY GOSH IT WORKED! THANK YOU THANK YOU THANK YOU!!!
I can't pay rent or my bills this month but I am SOOO donating what little I have to this web site. I can't thank you enough and like I said before, computer nerds rock! 
|
|
|
|
| Thread Tools | |
|
|
