re: Cant get rid of cutwail!!!!
Tuesday, March 31, 2009 at 11:47 pm
Windows XP Annoyances Discussion Forum
Posted by Anshul
(1 messages posted)
Hi guys,
I did a scan using malwarebytes anti malware and it did scan out a lot of infected
files. once i restarted the laptop and connected to the internet the cutwail warning
again showed up on avast. i did a scan again and again trojan was detected. Also,
when i open task manager, there are around 500 processes going on by the name user.exe
and everytime i shut down the laptop a user.exe error comes up which says the application
failed to intialize as the windows/system is shutting down.
Here is the log of the 1st scan i did...HELP!!!!
Malwarebytes' Anti-Malware 1.35
Database version: 1923
Windows 5.1.2600 Service Pack 2
4/1/2009 11:35:16 AM
mbam-log-2009-04-01 (11-35-16).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 107962
Time elapsed: 11 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 1
Files Infected: 27
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\acpi32 (Rootkit.Spamtool) ->
Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter)
-> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter)
-> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter)
-> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined
and deleted successfully.
Files Infected:
C:\System Volume Information\_restore{44690B9D-DD72-4E58-888A-D2C262C3E6DA}\RP95\A0088837.rbf
(Rogue.SpyCleaner) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent)
-> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\Antispyware Scheduled Scan.job (Rogue.Antispyware) -> Quarantined
and deleted successfully.
C:\setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN5.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN6.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN7.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN8.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN9.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN11.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN12.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN13.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN2A.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN2D.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN2B.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN14.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN16.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN17.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN18.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN15.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN10.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN19.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN1A.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN1B.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN1C.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN1D.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\BN1E.tmp (Trojan.Agent) -> Quarantined
and deleted successfully.
What do i do now. I am using a dell inspiron 1420 laptop with windows xp.
|
All messages in this thread [show all]
 | |  | re: Cant get rid of cutwail!!!! (Anshul: Tue, Mar 31, 2009, 11:47 pm) |
| |
| |
| |
Return to the Windows XP Discussion Forum
|
|
