Virus Infection W32/Sinowal-based Maximus. Please help remove.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

bevjthomas1

Thread Starter
Joined
Oct 8, 2008
Messages
2
I did a scan with F-PROT Antivirus and it was not able to open a lot of the files to scan them. The one thing that was found is W32/Sinowal-based Maximus. I did an online search to help remove it and came across this website. There was already someone who had the same thing but it was recommended to seek guidance. I do not have the full version of F-PROT Antivirus. It is the trial version. I also downloaded ClamWin Free Antivirus and did a scan. It found another virus or Trojan. I would like to be able to remove them from my computer. I know that there are probably many other problems with this computer and any guidance I can get will be appreciated. I was thinking I wanted to just start all over and reinstall everything to the factory settings. If I were to do that, would it get rid of all the problems on the computer, including any Trojans or viruses? Thank you.

Below is what F-PROT Antivirus found:

-----------------------------SCAN REPORT-----------------------------
F-PROT Antivirus for Windows
Antivirus Scanning Engine version number: 4.4.4
Virus signature file from: 4/28/2008, 4:17 PM
Scan name: [My Computer]
Path to scan: [My Computer]
Normal scan
Also scan: Inside subfolders, Compressed files, Streams
Scan started: 10/8/2008, 7:26:28 AM
---------------------------------------------------------------------
[Unscannable] <File is damaged> C:\DELL\Drivers\R43907\MANUAL\ACROBAT\AR500ENU.EXE->(embedded)
[Unscannable] <File is damaged> C:\DELL\Drivers\R48180\setup.exe->(embedded)->(CAB)
[Warning] <Could not open file> C:\Documents and Settings\Beverly\Application Data\FRISK Software\F-PROT Antivirus for Windows\ReportFiles\2008-10-08T07-26-28 - [My Computer].txt
[Warning] <Could not open file> C:\Documents and Settings\Beverly\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[Warning] <Could not open file> C:\Documents and Settings\Beverly\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[Warning] <Could not open file> C:\Documents and Settings\Beverly\NTUSER.DAT
[Warning] <Could not open file> C:\Documents and Settings\Beverly\ntuser.dat.LOG
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\0RG3WHIV\eBayISAPI[2].dll->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\0RG3WHIV\page_not_responding[1].html->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\E14DGV85\eBayISAPI[5].dll->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\E14DGV85\iframebody_e4654us[1].js->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\E14DGV85\page_not_responding[1].html->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\E14DGV85\page_not_responding[2].html->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\E14DGV85\page_not_responding[3].html->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\O9SZ630R\page_not_responding[1].html->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\SLAZG9I7\CA19V8E7->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Brittany\Local Settings\Temporary Internet Files\Content.IE5\SLAZG9I7\page_not_responding[1].html->(packed)
[Unscannable] <File is damaged> C:\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Content.IE5\0LARKLUN\notary_law_text[1].doc
[Warning] <Could not open file> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[Warning] <Could not open file> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[Warning] <Could not open file> C:\Documents and Settings\LocalService\NTUSER.DAT
[Warning] <Could not open file> C:\Documents and Settings\LocalService\ntuser.dat.LOG
[Warning] <Could not open file> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[Warning] <Could not open file> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[Warning] <Could not open file> C:\Documents and Settings\NetworkService\NTUSER.DAT
[Warning] <Could not open file> C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[Warning] <Could not open file> C:\WINDOWS\$NtUninstallKB824141$\user32.dll
[Warning] <Could not open file> C:\WINDOWS\$NtUninstallKB824141$\win32k.sys
[Warning] <Could not open file> C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll
[Warning] <Could not open file> C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll
[Warning] <Could not open file> C:\WINDOWS\system32\config\default
[Warning] <Could not open file> C:\WINDOWS\system32\config\default.LOG
[Warning] <Could not open file> C:\WINDOWS\system32\config\SAM
[Warning] <Could not open file> C:\WINDOWS\system32\config\SAM.LOG
[Warning] <Could not open file> C:\WINDOWS\system32\config\SECURITY
[Warning] <Could not open file> C:\WINDOWS\system32\config\SECURITY.LOG
[Warning] <Could not open file> C:\WINDOWS\system32\config\software
[Warning] <Could not open file> C:\WINDOWS\system32\config\software.LOG
[Warning] <Could not open file> C:\WINDOWS\system32\config\system
[Warning] <Could not open file> C:\WINDOWS\system32\config\system.LOG
[Unscannable] <Unknown format or compression method> C:\WINDOWS\system32\MSJAVX86.EXE
[Unscannable] <Unknown format or compression method> C:\WINDOWS\system32\MSJAVX86.EXE
[Unscannable] <Unknown format or compression method> C:\WINDOWS\system32\MSJAVX86.EXE
[Unscannable] <File is damaged> C:\WINDOWS\system32\MSJAVX86.EXE->(CAB)->osp.zip->com/ms/osp/DataSource.class
[Unscannable] <File is damaged> C:\WINDOWS\system32\MSJAVX86.EXE->(CAB)->osp.zip->com/ms/osp/DataSourceListener.class
[Unscannable] <File is damaged> C:\WINDOWS\system32\MSJAVX86.EXE->(CAB)->osp.zip->com/ms/osp/OLEDBSimpleProvider.class
[Unscannable] <File is damaged> C:\WINDOWS\system32\MSJAVX86.EXE->(CAB)->osp.zip->com/ms/osp/OLEDBSimpleProviderListener.class
[Found possible virus] <W32/Sinowal-based!Maximus (not disinfectable)> C:\WINDOWS\Temp\AolCoach.cab->.\Data.ns\Player\plugin\Extern\RegComm.dll
[Contains infected objects] C:\WINDOWS\Temp\AolCoach.cab
[Quarantined] C:\WINDOWS\Temp\AolCoach.cab->aolcoach_winhunter_ns.inf
---------------------------------------------------------------------
Scan ended: 10/8/2008, 9:25:56 AM
Duration: 1:59:28
Scan result:
Scanned files: 82024
Infected objects: 1
Disinfected objects: 0
Quarantined files: 1

Below is what ClamWin found:


Scan Started Mon Oct 06 18:11:36 2008
-------------------------------------------------------------------------------

C:\Documents and Settings\Beverly\Desktop\Beverly's Storage\Victoria Wieck Absolute™ Snowflake Line Bracelet.doc: Permission denied
C:\hiberfil.sys: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\$NtUninstallKB824141$\user32.dll: Permission denied
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys: Permission denied
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll: Permission denied
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll: Permission denied
C:\WINDOWS\system32\config\default: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\software: Permission denied
C:\WINDOWS\system32\config\system: Permission denied
C:\WINDOWS\system32\f3PSSavr.scr: Permission denied

C:\RECYCLER\S-1-5-21-746137067-1214440339-1801674531-1005\Dc3393\ISP6130\Utilities\ppal3ppc.exe: Adware.Agent-1329 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 434279
Engine version: 0.94
Scanned directories: 5741
Scanned files: 75141
Infected files: 1

Data scanned: 39885.32 MB
Time: 49412.281 sec (823 m 32 s)
--------------------------------------
Completed
--------------------------------------
 