Member Avatar for aliasger5251

Hello.. I am having alot of problems.. i cant format my computer nor run antivirus programe i tried it in safemode even.. but nothing seems to work.. I tried SDFix.. And here is the report..
Help Needed.. Thank You Very Much..

SDFix: Version 1.240
Run by Administrator on Sat 04/18/2009 at 11:53 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\Documents and Settings\Administrator\Desktop\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found


Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-18 23:57:20
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

disk error: C:\WINDOWS\system32\config\system, 0
scanning hidden registry entries ...

disk error: C:\WINDOWS\system32\config\software, 0
disk error: C:\Documents and Settings\aLiAsGeR\ntuser.dat, 0
scanning hidden files ...

disk error: C:\WINDOWS\

please note that you need administrator rights to perform deep scan

Remaining Services :


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"C:\\WINDOWS\\system32\\msupdate.exe"="C:\\WINDOWS\\system32\\msupdate.exe:*:Enabled:msupdate"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\\Program Files\\FlashGet\\FlashGet.exe"="C:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

Files with Hidden Attributes :

Tue 6 Jan 2009 139,264 ...H. --- "C:\WINDOWS\system32\BITC.tmp"
Sat 18 Apr 2009 36,171,640 A..H. --- "C:\Documents and Settings\aLiAsGeR\Local Settings\Temp\BIT6.tmp"
Sat 15 Nov 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 18 Apr 2009 9,924,040 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1323c87e2eec76b34ba4d9b0e0d63c4f\BITC.tmp"
Sat 18 Apr 2009 1,264,016 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2b1986a64e0cc312574841b096ea246a\BIT8.tmp"
Fri 13 Mar 2009 7,771,584 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3048c71d7a395651db2df38cd046d015\BIT16.tmp"
Sat 18 Apr 2009 244,656 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3385b5e709509d6e2e40ffe6fcdd8ec9\BITD.tmp"
Sat 18 Apr 2009 244,368 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\542ca89b62f4b2b2eebea38f60812a7c\BIT9.tmp"
Fri 13 Mar 2009 2,552,176 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a09e4d6c8ef6df2d966f9bd348e8cd41\BIT18.tmp"
Sat 18 Apr 2009 4,574,080 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a7a44f3060b9de093f833176e196dff7\BITB.tmp"
Fri 13 Mar 2009 6,483,344 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b480950229a9d748d1c7ba9835d2b2c3\BIT12.tmp"
Fri 13 Mar 2009 9,005,936 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c47336b4131812a4d1c2451b65456451\BIT19.tmp"
Sat 18 Apr 2009 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f4fd4ee77827c38e3468e43ad219025c\BITE.tmp"

Finished!

  • 2 Contributors
  • 9 Replies
  • 169 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by jholland1964
Member Avatar for jholland1964

Please turn off ALL of the P2P programs until this is complete. Better yet, uninstall them.
Download and run a Full System Scan with HiJackThis and save the log. Post back here with that log.

Member Avatar for aliasger5251

I Tried To Instal HijackThis but it doesnt seem to install..! if u can help me with SDFix only! i have no way out i cant format it too...!
thanks

Member Avatar for jholland1964

You all ready ran SDFix, it doesn't need to be run again. What happens when you try to install HiJackThis?

Member Avatar for jholland1964

You need to run Disk Cleanup and go in and DELETE all your TEMP files.
WHY can't you format your computer? It may very well be your only option.

Member Avatar for aliasger5251

The Window opens then closes itself! So cant run Hijackthis i tried it in safemode too!is there any other way? i cant even instal ny other antivirus!
Please help

Member Avatar for aliasger5251

It cant check for errors nor i can defrag the disk...! while formatting i get the blue screen telling me to check for viruses..! i tried many other ways!! but stil i couldnt manage..! thought hijackthis would help.. but it doesnt run.. what to do?

Member Avatar for jholland1964

while formatting i get the blue screen telling me to check for viruses

I have never heard of a format telling you to check for viruses, a format will WIPE everything off a drive, INCLUDING viruses so there should be no reason to check for viruses before formatting.
Exactly HOW are you trying to format the drive? Give me step by step maybe I can help.

Member Avatar for aliasger5251

Well i just boot the windows Xp Cd..! when the files loads up suddenly a bluescreen apears (stop Message) telling me to check if devices r installled properly or check for viruses...! i tried changing ide cables n everything but nuthing seems to work yet..! i just want to remov the virus

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.