Options
Blaster Worm ???
hi guys.. i m getting this error since yesterday nite and i donno what has happened to the pc. i read somewhere it has to do with blaster worm to i dloaded the fix ..scnaned it on safe mode as well as normal..no worms were found..also i get RPCC error...please help me to cure this as it says the PC will shutdown in 1 minute.. if i click dont send or send button...plz help immediately guys..i have attached the hijack this log as well as the screen shot of the error
just nw scanned with panda antivirus..posting the log too..also scanning with ad-aware n ewido..lets see
was waiting for some response but i guess it takes time..anyways..i scanned using ewido n cleaned the following
ewido anti-spyware - Scan Report
+ Created at: 4:49:41 PM 8/9/2006
+ Scan result:
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000403.asw -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000406.asw -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\BearShare\BearShareZangoInstaller.exe/clientax.dll -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\DaemonTools_WhenUSaveNow_Installer\DaemonTools_WhenUSaveNow_Installer.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000403.asw/Plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000406.asw/Plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\Program Files\Mozilla Firefox\plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\kqae.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
C:\rqqkxkor.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
::Report end
just nw scanned with panda antivirus..posting the log too..also scanning with ad-aware n ewido..lets see
was waiting for some response but i guess it takes time..anyways..i scanned using ewido n cleaned the following
ewido anti-spyware - Scan Report
+ Created at: 4:49:41 PM 8/9/2006
+ Scan result:
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000403.asw -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000406.asw -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\BearShare\BearShareZangoInstaller.exe/clientax.dll -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\DaemonTools_WhenUSaveNow_Installer\DaemonTools_WhenUSaveNow_Installer.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000403.asw/Plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\Program Files\Agnitum\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000406.asw/Plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\Program Files\Mozilla Firefox\plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\kqae.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
C:\rqqkxkor.exe -> Trojan.ProcKill.DJ : Cleaned with backup (quarantined).
::Report end
0
Comments
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winzwr32 - winzwr32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Oracle OLAP 9.0.1.0.1 (OLAPServer) - Unknown owner - H:\oracle\ora90\bin\xsolap.exe (file missing)
O23 - Service: Oracle OLAP Agent - Unknown owner - H:\oracle\ora90\bin\xsaagent.exe (file missing)
O23 - Service: OracleOraHome90HTTPServer - Unknown owner - H:\oracle\ora90\Apache\Apache\apache.exe" --ntservice (file missing)
O23 - Service: OracleOraHome92PagingServer - Unknown owner - c:\oracle\ora92/bin/pagntsrv.exe (file missing)
O23 - Service: OracleOraHome92SNMPPeerEncapsulator - Unknown owner - c:\oracle\ora92\BIN\ENCSVC.EXE (file missing)
O23 - Service: OracleOraHome92SNMPPeerMasterAgent - Unknown owner - c:\oracle\ora92\BIN\AGNTSVC.EXE (file missing)
O23 - Service: OracleOraHome92TNSListener - Unknown owner - c:\oracle\ora92\BIN\TNSLSNR.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
Fix these post a new hjt log