computer auto shut down and auto on

April 16, 2010 at 19:24:24
Specs: Windows Vista
i need help removing virus and i dont no how to fix this this my malware log SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/14/2010 at 06:11 PM

Application Version : 4.35.1002

Core Rules Database Version : 4807
Trace Rules Database Version: 2619

Scan type : Quick Scan
Total Scan Time : 00:00:29

Memory items scanned : 138
Memory threats detected : 0
Registry items scanned : 258
Registry threats detected : 42
File items scanned : 0
File threats detected : 2

Trojan.Agent/Gen-Sino[TAO]
HKU\S-1-5-21-3968901160-2759726070-778273491-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01443AEC-0FD1-40FD-9C87-E93D1494C233}
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}#AppID
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}\InprocServer32
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}\InprocServer32#ThreadingModel
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}\ProgID
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}\Programmable
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}\TypeLib
HKCR\CLSID\{01443AEC-0FD1-40FD-9C87-E93D1494C233}\VersionIndependentProgID
HKCR\XLF24.ThunderAtOnce.1
HKCR\XLF24.ThunderAtOnce.1\CLSID
HKCR\XLF24.ThunderAtOnce
HKCR\XLF24.ThunderAtOnce\CLSID
HKCR\XLF24.ThunderAtOnce\CurVer
HKCR\TypeLib\{A3187009-B303-458C-9F01-0DAF932ECA17}
C:\PROGRAM FILES (X86)\THUNDER NETWORK\THUNDER\COMDLLS\TDATONCE_NOW.DLL

Unclassified.Unknown Origin
HKU\S-1-5-21-3968901160-2759726070-778273491-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B13A8E-EB71-4421-B417-4EC0995D5BFC}
HKU\S-1-5-21-3968901160-2759726070-778273491-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8755CE6E-0BF7-4441-8751-FB728941B0B4}
HKU\S-1-5-21-3968901160-2759726070-778273491-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D}

Trojan.Smitfraud Variant-Gen/IEDef
HKU\S-1-5-21-3968901160-2759726070-778273491-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{889D2FEB-5411-4565-8998-1DD2C5261283}
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\Control
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\InprocServer32
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\InprocServer32#ThreadingModel
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\ProgID
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\Programmable
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\TypeLib
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\Version
HKCR\CLSID\{889D2FEB-5411-4565-8998-1DD2C5261283}\VersionIndependentProgID
HKCR\XunLeiBHO.ThunderIEHelper.1
HKCR\XunLeiBHO.ThunderIEHelper.1\CLSID
HKCR\XunLeiBHO.ThunderIEHelper
HKCR\XunLeiBHO.ThunderIEHelper\CLSID
HKCR\XunLeiBHO.ThunderIEHelper\CurVer
HKCR\TypeLib\{87CA3845-37FE-414C-81CF-E08A7D0F6779}
HKCR\TypeLib\{87CA3845-37FE-414C-81CF-E08A7D0F6779}\1.0
HKCR\TypeLib\{87CA3845-37FE-414C-81CF-E08A7D0F6779}\1.0\0
HKCR\TypeLib\{87CA3845-37FE-414C-81CF-E08A7D0F6779}\1.0\0\win32
HKCR\TypeLib\{87CA3845-37FE-414C-81CF-E08A7D0F6779}\1.0\FLAGS
HKCR\TypeLib\{87CA3845-37FE-414C-81CF-E08A7D0F6779}\1.0\HELPDIR
C:\PROGRAM FILES (X86)\THUNDER NETWORK\THUNDER\COMDLLS\XUNLEIBHO_NOW.DLL

Trojan.Agent/Gen
HKU\S-1-5-21-3968901160-2759726070-778273491-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C}


See More: computer auto shut down and auto on

Report •

#1
April 16, 2010 at 22:10:01
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 3930

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.18904

4/16/2010 22:06:06
mbam-log-2010-04-16 (22-06-06).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 538979
Time elapsed: 2 hour(s), 48 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qvodplayer (Adware.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files (x86)\QvodPlayer\QvodPlayer\QvodBand.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Program Files (x86)\QvodPlayer\QvodPlayer\QvodUninst.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\john\AppData\Local\VirtualStore\Program Files (x86)\QvodPlayer\admovie.jpg (Adware.Agent) -> Quarantined and deleted successfully.


Report •

#2
April 16, 2010 at 22:36:56
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 3930

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

4/16/2010 22:36:11
mbam-log-2010-04-16 (22-36-11).txt

Scan type: Quick scan
Objects scanned: 3412
Time elapsed: 3 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 9
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Typelib\{b1a7c2cf-bf40-4597-8142-7615d74d0cc3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e5d5d4a1-17f0-41d7-b1c6-0979f91e6f46} (Adware.BDSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77fef28e-eb96-44ff-b511-3185dea48697} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7f05ee4-0426-454f-8013-c41e3596e9e9} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b580cf65-e151-49c3-b73f-70b13fca8e86} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{77fef28e-eb96-44ff-b511-3185dea48697} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b580cf65-e151-49c3-b73f-70b13fca8e86} (Trojan.Cinmus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e5d5d4a1-17f0-41d7-b1c6-0979f91e6f46} (Adware.BDSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a7f05ee4-0426-454f-8013-c41e3596e9e9} (Trojan.Cinmus) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Tencent\QQToolbar\IEBar.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\admovie.jpg (Adware.Agent) -> Quarantined and deleted successfully.


Report •
Related Solutions


Ask Question