Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: SmitFraud cannot be removed?

  1. #11
    Junior Member
    Join Date
    Jan 2008
    Posts
    7

    Default

    New Kaspersky report:

    Thursday, January 24, 2008 10:17:50 AM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 24/01/2008
    Kaspersky Anti-Virus database records: 495527


    Scan Settings
    Scan using the following antivirus database standard
    Scan Archives true
    Scan Mail Bases true

    Scan Target My Computer
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    L:\
    M:\
    N:\

    Scan Statistics
    Total number of scanned objects 55659
    Number of viruses found 2
    Number of infected objects 4
    Number of suspicious objects 0
    Duration of the scan process 00:38:56

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

    C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped

    C:\Documents and Settings\DJ\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\History\History.IE5\MSHist012008012420080125\index.dat Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Temp\~DF6606.tmp Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Temp\~DF6611.tmp Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Temp\~DFF61E.tmp Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Temp\~DFF629.tmp Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

    C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\DJ\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\DJ\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

    C:\RECYCLER\S-1-5-21-839522115-287218729-725345543-1003\Dc4\Quarantine\catchme2008-01-23_202340.42.zip/kss.sys Infected: Rootkit.Win32.Agent.to skipped

    C:\RECYCLER\S-1-5-21-839522115-287218729-725345543-1003\Dc4\Quarantine\catchme2008-01-23_202340.42.zip ZIP: infected - 1 skipped

    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    C:\System Volume Information\_restore{5C09D9E9-6741-4EA0-82E8-3C0E99146242}\RP213\A0075769.exe/data0006 Infected: Trojan-Downloader.Win32.VB.ceh skipped

    C:\System Volume Information\_restore{5C09D9E9-6741-4EA0-82E8-3C0E99146242}\RP213\A0075769.exe NSIS: infected - 1 skipped

    C:\System Volume Information\_restore{5C09D9E9-6741-4EA0-82E8-3C0E99146242}\RP214\change.log Object is locked skipped

    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

    C:\WINDOWS\SchedLgU.Txt Object is locked skipped

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

    C:\WINDOWS\Sti_Trace.log Object is locked skipped

    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\default Object is locked skipped

    C:\WINDOWS\system32\config\default.LOG Object is locked skipped

    C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

    C:\WINDOWS\system32\config\SAM Object is locked skipped

    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY Object is locked skipped

    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

    C:\WINDOWS\system32\config\software Object is locked skipped

    C:\WINDOWS\system32\config\software.LOG Object is locked skipped

    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

    C:\WINDOWS\system32\config\system Object is locked skipped

    C:\WINDOWS\system32\config\system.LOG Object is locked skipped

    C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

    C:\WINDOWS\system32\h323log.txt Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

    C:\WINDOWS\wiadebug.log Object is locked skipped

    C:\WINDOWS\wiaservc.log Object is locked skipped

    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

    Scan process completed.

  2. #12
    In Memoriam -Always in our heart pskelley's Avatar
    Join Date
    Oct 2005
    Location
    Clearwater, Florida
    Posts
    20,247

    Default

    Thanks for that scan result:
    Two items are in your Recycle Bin on the Desktop:
    http://www.microsoft.com/resources/d....mspx?mfr=true

    Restart and follow these directions to clean your System Restore files, two of those are infected.
    http://www.microsoft.com/windowsxp/u...s/mcgill1.mspx

    Thanks and safe surfing
    MS-MVP Consumer Security 2007-08-09
    Proud Member ASAP
    UNITE Member 2006

  3. #13
    Junior Member
    Join Date
    Jan 2008
    Posts
    7

    Default

    Re-ran Kaspersky, and no threats found. All problems have been fixed. Thanks again!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •