Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: BAT/Fake.Privdanger, zlob.downloader.vcd & SPR/AdTool.WhenU.A problem please help.

  1. #11
    Member of Team Spybot roberto's Avatar
    Join Date
    Oct 2005
    Posts
    59

    Default

    Hi,

    there must be a unknown file which reinstalls the infection.

    Please run a Kaspersky Online Scan and post next the report.

    Kind regards,
    Roberto.

  2. #12
    Junior Member
    Join Date
    Mar 2008
    Posts
    24

    Default

    Uhmm..I don't know if this is right.

    file:///C:/Documents%20and%20Settings/Mike/My%20Documents/Matthew/kas%20report.html

  3. #13
    Junior Member
    Join Date
    Mar 2008
    Posts
    24

    Default

    Thursday, March 27, 2008 12:00:43 AM
    Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 26/03/2008
    Kaspersky Anti-Virus database records: 664627
    Scan Settings
    Scan using the following antivirus database extended
    Scan Archives true
    Scan Mail Bases true
    Scan Target Critical Areas
    C:\WINDOWS
    C:\DOCUME~1\Mike\LOCALS~1\Temp\
    Scan Statistics
    Total number of scanned objects 24708
    Number of viruses found 6
    Number of infected objects 17
    Number of suspicious objects 0
    Duration of the scan process 00:42:31

    Infected Object Name Virus Name Last Action
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\ModemLog_Nokia 5610 XpressMusic USB Modem.txt Object is locked skipped
    C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem.txt Object is locked skipped
    C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{2D06F699-7FDD-4A38-84D2-122BEA026EBD}.crmlog Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\Sti_Trace.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
    C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
    C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\wiadebug.log Object is locked skipped
    C:\WINDOWS\wiaservc.log Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\fla56C.tmp Object is locked skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\MCLLog.txt Object is locked skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\MMCULog.txt Object is locked skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\Perflib_Perfdata_144.dat Object is locked skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe/file01 Infected: not-a-virus:Downloader.Win32.WinFixer.o skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe/file02/file01 Infected: Trojan-Downloader.Win32.Agent.alr skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe/file02 Infected: Trojan-Downloader.Win32.Agent.alr skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe/file18 Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe/file44 Infected: not-a-virus:FraudTool.Win32.BestSeller.k skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe/file45 Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe/file83 Infected: not-a-virus:Downloader.Win32.WinFixer.x skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp/~freesetup.exe Infected: not-a-virus:Downloader.Win32.WinFixer.x skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\ztv1A.tmp ZIP: infected - 8 skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~DF8CB5.tmp Object is locked skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe/file01 Infected: not-a-virus:Downloader.Win32.WinFixer.o skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe/file02/file01 Infected: Trojan-Downloader.Win32.Agent.alr skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe/file02 Infected: Trojan-Downloader.Win32.Agent.alr skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe/file18 Infected: not-a-virus:FraudTool.Win32.WinAntiVirus.2006 skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe/file44 Infected: not-a-virus:FraudTool.Win32.BestSeller.k skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe/file45 Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe/file83 Infected: not-a-virus:Downloader.Win32.WinFixer.x skipped
    C:\DOCUME~1\Mike\LOCALS~1\Temp\~freesetup.exe Inno: infected - 7 skipped

  4. #14
    Junior Member
    Join Date
    Mar 2008
    Posts
    24

    Default

    Bump........

  5. #15
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,445

    Default

    Hello Matthew03,

    Two topics started the same day and bumps, quite confusing. http://forums.spybot.info/showthread...952#post174952

    For future reference please read the stickies before starting a topic, thank you.

    "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

    If you still need assistance please use this topic:
    The Waiting Room: Post here if waiting for help four days
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •