Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Helpppp Please


  • Please log in to reply
1 reply to this topic

#1 KoBoVy

KoBoVy

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:37 PM

Posted 12 April 2008 - 03:41 AM

I SCANNED MY PC WITH AVIRA ANTIVIRUS AND THIS IS MY REPORT.....WHAT SHOULD I DO?



AntiVir PersonalEdition Classic
Report file date: Saturday, April 12, 2008 10:23

Scanning for 1193831 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: STUDENT-S50NQ5U

Version information:
BUILD.DAT : 270 15603 Bytes 9/19/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 10/9/2007 21:21:17
AVSCAN.DLL : 7.0.6.0 49192 Bytes 10/9/2007 21:21:17
LUKE.DLL : 7.0.5.3 147496 Bytes 10/9/2007 21:21:18
LUKERES.DLL : 7.0.6.1 10280 Bytes 10/9/2007 21:21:18
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 7/18/2007 21:21:20
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 3/7/2008 11:06:11
ANTIVIR2.VDF : 7.0.3.127 649216 Bytes 4/7/2008 18:44:19
ANTIVIR3.VDF : 7.0.3.152 137216 Bytes 4/11/2008 09:02:56
AVEWIN32.DLL : 7.6.0.84 3461632 Bytes 4/11/2008 09:02:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2/26/2007 08:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 10/9/2007 21:21:17
AVREP.DLL : 7.0.0.1 155688 Bytes 4/16/2007 11:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 1/15/2008 20:17:55
AVREG.DLL : 7.0.1.6 30760 Bytes 10/9/2007 21:21:17
AVARKT.DLL : 1.0.0.20 278568 Bytes 10/9/2007 21:21:16
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 10/9/2007 21:21:17
NETNT.DLL : 7.0.0.0 7720 Bytes 3/8/2007 09:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 10/9/2007 21:21:09
RCTEXT.DLL : 7.0.62.0 86056 Bytes 10/9/2007 21:21:09
SQLITE3.DLL : 3.3.17.1 339968 Bytes 10/9/2007 21:21:18

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: e:\program files\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Saturday, April 12, 2008 10:23

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'save2pc.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'CCC.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'MOM.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtection.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'ACU.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'sp_rsser.exe' - '1' Module(s) have been scanned
Scan process 'mdm.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'acs.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!

Starting to scan the registry.
E:\WINDOWS\system32\vtUNfGYO.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] The file could not be deleted!
E:\WINDOWS\system32\vtUNfGYO.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen

The registry was scanned ( '24' files ).


Starting the file scan:

Begin scan in 'C:\' <Ovidiu>
Begin scan in 'E:\' <windows xp>
E:\hiberfil.sys
[WARNING] The file could not be opened!
E:\pagefile.sys
[WARNING] The file could not be opened!
E:\WINDOWS\system32\mlJYrrSL.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
E:\WINDOWS\system32\vtUNfGYO.dll
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
E:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!


End of the scan: Saturday, April 12, 2008 11:29
Used time: 1:05:56 min

The scan has been done completely.

7254 Scanning directories
245503 Files were scanned
3 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
245500 Files not concerned
1371 Archives were scanned
6 Warnings
1 Notes

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:37 PM

Posted 12 April 2008 - 10:45 PM

Hello KoBoVy, welcome to BC.
Let's start with this application. Follow the instructions and post back with the report. SmitFraudFix by S!Ri
The report can be found at the root of the system drive, usually at C:\rapport.txt .

Next follow the instuctions from this BC self help tutorial, How to Remove WinFixer / Virtumonde
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users