Tell you what Mike, just to be safe and to satisfy "my nit-picking"
can you run one more Kaspersky scan for me? I just want to be sure everything has been removed.
Judy
Administrator
Tell you what Mike, just to be safe and to satisfy "my nit-picking"
can you run one more Kaspersky scan for me? I just want to be sure everything has been removed.
Judy
Junior Member
Thorough is good, I like thorough. Seems it found a bunch of viruses in the restore folder, I should probably disable/enable restore to clear them, awaiting further instruction... I also downloaded bitdefender for the heck of it and will include that scan below.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, May 24, 2007 9:28:20 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 24/05/2007
Kaspersky Anti-Virus database records: 328421
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - Folders:
C:\
Scan Statistics:
Total number of scanned objects: 70674
Number of viruses found: 7
Number of infected objects: 15
Number of suspicious objects: 0
Duration of the scan process: 00:38:04
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrator\Desktop\SmitfraudFix\Reboot .exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00e7783144d6 c6252f2ee54767bac6ff_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\00ffe15e035d 3509cf13011bfdd37c12_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\08ae699a6ef2 9c48c4c57527056edb85_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\0db239c66c8d 6bdfc7ac4ee626497884_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\10a2805fd721 9827c6380a71934e4f94_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\112946cffac9 6b2850230cf5c215f05e_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\12f27a363225 c37c955c6de191002fbf_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\161997ff5cda eab16baa20da03260049_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b5d89aaa9f2 91a8e215938f2a2274f2_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1b888b44b553 3aaadf2a9518eefc5bed_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1da672788f34 4a27fe341ce339757243_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e1275fea224 257bf54a3c16e88262c8_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\20cbb52e3d85 a015044db5a8ba5d6f8e_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\24eb5056984b d5398554301bc9281f7e_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2d08a662f782 5253edd45375df3b45e5_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\2ded95d7c892 30c20eefcedfcff6cb2a_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\35208da710cc 7a88e0d8b5c561b5f844_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\39587f7264e0 664e22a94b8a54e2ca1b_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3f3aa71ec2cf f995a9491f69aa7748e9_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\41915a57f6f8 3838f128a8e4ce86e4e2_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\467d746f2d01 79aa8696cbf3e962c632_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\49afee59013c 04d10621e30c348105c3_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5054b5e122d1 0733078219df357b51fc_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\507881fc5fd8 f7cb318cd16a44484b46_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5294b6b751b3 0c4ffbf1fd8001b2ace3_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\54d79302dd1a 3959dd87efeff761a941_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\56358aa43aee d5e643b52d4b91dab8ab_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\680765362ee1 81441ed71086ed8fe9ff_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\692cf9f90145 2a0c04221d6a2c1313b2_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6a239d52fdef 255f0cfdd65a5c5084e8_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\6aabb3a5bd30 f2a3c7626ddce62baba7_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\71123106ba95 f746d46cd3d36269b1b2_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\73793b419a7a 911aad5bd815aeef0b4c_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7687c9355808 c5599382c21b46974d6d_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7f8f234eb427 52f20d87db6d4397b1e4_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7fc3c2da6a2b 4b9f2a441e0c7f0d34f5_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\850dac0c09f5 29845a5ebea58f83f510_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8a3d2b8fe738 bebcffe05574496e4994_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8b23dd809be6 b1a0b7a6114b7bb66d7c_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\94bfb2f6df8a f7cdba8a8d2daf3f15a3_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\968756d2aef2 3b1d61eb7ae34a00a336_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\986103972a02 15a184c46616c2f5d015_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9d1e513ca724 ea6302b7ff9298ef6712_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9e06b386ff72 b2fcf8de41e42b3bb6a8_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\9fe112ac1902 63c1d94a49cfea45b7b7_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a26d657d91aa c899dcc94fb9e25bee20_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a39f9d638d24 b81b2b125e8eb6a85484_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aaf8eaae022f dc0e879254a854205ede_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\acb6215d2ed1 56a0983efb70ad86e7e8_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\aced40861ea2 86a01489a80dda14fa0a_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b8459a17fe18 f829272b9b94411955da_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b8a1b062ae5f f490dae42b2eee0be760_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bb0bd4533403 6bc68b4b19f9156a6aef_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf048c544b97 3116a34038f2a13ce3e7_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bfdbd45f1306 ab87cf90e90f75ae01d0_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c08a27e453a7 e8f8a2fffec6cff6b455_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c423667ed8a0 e65dde4750402a0bcf0b_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\c7b90f4e4e44 59ee1b8cf167aaa79ec8_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cd0e493b5c90 73b2e3af9afc0bfe0e4b_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\cfd603ceb714 552d61948a74bba7c446_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\db6f5a367328 14dcb42cbccf535beb1b_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\e4eeb3724674 3c8b3c23f5ecd288b984_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\f19cb3d98587 4f8d69dd85fce13f31d7_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ff5f12ceca97 7f15e34edeb989f8019e_04d92cac-802e-4444-87cd-59ba9e518210 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-05222007-195246.log Object is locked skipped
C:\Documents and Settings\God\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\God\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\God\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini .inuse Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\God\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\God\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\God\Local Settings\History\History.IE5\MSHist012007052320070 524\index.dat Object is locked skipped
C:\Documents and Settings\God\Local Settings\History\History.IE5\MSHist012007052420070 525\index.dat Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temp\Acr54.tmp Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temp\Acr66.tmp Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temp\Acr68.tmp Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temp\Acr88.tmp Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temp\Perflib_Perfdata_94c.dat Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temp\~DF8205.tmp Object is locked skipped
C:\Documents and Settings\God\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\God\ntuser.dat Object is locked skipped
C:\Documents and Settings\God\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\God\UserData\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\My Documents\LiquidDesktop.zip/Install Liquid Desktop FREE.exe/data/App/1/SuperBarInstaller.exe Infected: not-a-virus:AdWare.Win32.GigatechSuperBar skipped
C:\My Documents\LiquidDesktop.zip/Install Liquid Desktop FREE.exe Infected: not-a-virus:AdWare.Win32.GigatechSuperBar skipped
C:\My Documents\LiquidDesktop.zip ZIP: infected - 2 skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\LiquidDesktop.zip/Install Liquid Desktop FREE.exe/data/App/1/SuperBarInstaller.exe Infected: not-a-virus:AdWare.Win32.GigatechSuperBar skipped
C:\Program Files\LiquidDesktop.zip/Install Liquid Desktop FREE.exe Infected: not-a-virus:AdWare.Win32.GigatechSuperBar skipped
C:\Program Files\LiquidDesktop.zip ZIP: infected - 2 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{C83B4C48-EF5C-43A3-A0AE-13D0E78C54A0}\RP3\A0000051.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped
C:\System Volume Information\_restore{C83B4C48-EF5C-43A3-A0AE-13D0E78C54A0}\RP3\A0000134.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped
C:\System Volume Information\_restore{C83B4C48-EF5C-43A3-A0AE-13D0E78C54A0}\RP3\A0000135.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{C83B4C48-EF5C-43A3-A0AE-13D0E78C54A0}\RP3\A0000136.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\System Volume Information\_restore{C83B4C48-EF5C-43A3-A0AE-13D0E78C54A0}\RP3\A0000147.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\System Volume Information\_restore{C83B4C48-EF5C-43A3-A0AE-13D0E78C54A0}\RP4\change.log Object is locked skipped
C:\VundoFix Backups\mljkijg.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped
C:\VundoFix Backups\vtuts.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Internet Logs\fwdbglog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\fwpktlog.txt Object is locked skipped
C:\WINDOWS\Internet Logs\GODSPUTER.ldb Object is locked skipped
C:\WINDOWS\Internet Logs\IAMDB.RDB Object is locked skipped
C:\WINDOWS\Internet Logs\tvDebug.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.lo g Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MA P Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DAT A Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_4f4.dat Object is locked skipped
C:\WINDOWS\Temp\tmp00006a92\tmp00000000 Object is locked skipped
C:\WINDOWS\Temp\ZLT01496.TMP Object is locked skipped
C:\WINDOWS\Temp\ZLT0149d.TMP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
************************************************** *
BitDefender
************************************************** *
//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 23/05/2007 22:14:54
//
//-----------------------------------------------------------------
Statistics
Scan path : C:\
Folders : 7207
Files : 237449
Archives : 4450
Packed files : 16188
Identified viruses : 2
Infected files : 2
Warnings : 0
Suspect files : 2
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 2
Renamed files : 0
I/O errors : 95
Scan time : 00:39:18
Scan speed (files/sec) : 100
Virus definitions : 508125
Scan plugins : 14
Archive plugins : 38
Unpack plugins : 6
Mail plugins : 6
System plugins : 1
Scan options
Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email
File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;
Action
Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user
Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user
Scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report
Summary:
C:\My Documents\LiquidDesktop.zip=>Install Liquid Desktop FREE.exe=>(CAB Sfx o)=>data\App\1\SuperBarInstaller.exe Suspect BehavesLike:Trojan.Downloader
C:\My Documents\LiquidDesktop.zip=>Install Liquid Desktop FREE.exe=>(CAB Sfx o)=>data\App\1\SuperBarInstaller.exe Disinfection failed
C:\My Documents\LiquidDesktop.zip=>Install Liquid Desktop FREE.exe=>(CAB Sfx o)=>data\App\1\SuperBarInstaller.exe Move failed
C:\Program Files\LiquidDesktop.zip=>Install Liquid Desktop FREE.exe=>(CAB Sfx o)=>data\App\1\SuperBarInstaller.exe Suspect BehavesLike:Trojan.Downloader
C:\Program Files\LiquidDesktop.zip=>Install Liquid Desktop FREE.exe=>(CAB Sfx o)=>data\App\1\SuperBarInstaller.exe Disinfection failed
C:\Program Files\LiquidDesktop.zip=>Install Liquid Desktop FREE.exe=>(CAB Sfx o)=>data\App\1\SuperBarInstaller.exe Move failed
C:\VundoFix Backups\qljqpfri.dll.bad Infected Trojan.Vundo.AY
C:\VundoFix Backups\qljqpfri.dll.bad Disinfection failed
C:\VundoFix Backups\qljqpfri.dll.bad Moved
C:\VundoFix Backups\qwplbkvh.dll.bad Infected MemScan:Trojan.BHO.BG
C:\VundoFix Backups\qwplbkvh.dll.bad Disinfection failed
C:\VundoFix Backups\qwplbkvh.dll.bad Moved
Junior Member
Kaspersky log is a MESS to read, I was going to attach the html version of the log but the manage attachments didn't list html as a valid attachment.
Administrator
Ok Mike, Let's do some final cleanup to be sure that everything is gone;
First though, update your AdAwareSE and SpyBot Search & Destroy.
Also, in Spybot Search & Destroy be sure to activate the Immunize portion of that program if you are not all ready using it.
You can get rid of the VundoFix program and the SmitfraudFix programs entirely, including their backup files. We know everything in those are bad. If the need should arise again, hopefully it won't, you would need to download new copies of those two anyway.
Navigate to the following and delete the items I note in RED
C:\My Documents\LiquidDesktop.zip/
C:\Program Files\LiquidDesktop.zip ZIP
Next Run Ad-Aware SE. Make sure all other windows, including your browser, is closed.
* Click on the gear icon in the upper right (Settings).
* Click "Scanning".
* Select:
- "Scan within archives"
- "Scan my IE Favorites for banned URLs"
- "Scan my hosts file"
* Click "Tweaks".
* Click "Cleaning Engine".
* Select "Automatically try to unregister objects prior to deletion".
* Click "Proceed".
* Click "Start".
* Select "Use custom scanning options".
* Click "Next" and wait for the scanning process to complete.
* Select all the items found for removal.
* Reboot your computer.
* Repeat the last 5 steps from "Start" until no more items are found.
Run SpyBot S&D. Make sure all other windows are Closed and your browser isn't running.
* Check that all Internet Explorer (web browser) windows are closed.
* Click "Search and Destroy" in the left column.
* Click "Check for Problems".
* Have Spybot remove/fix all the problems it identifies in RED.
Go to Start | Run and type in the box: cleanmgr. Let it scan your system for files to remove. Make sure these 3 are checked and then press "ok" to remove:
Temporary Files
Temporary Internet Files
Recycle Bin
Next; Set a new, CLEAN restore point in System Restore
# Right click the My Computer icon on the Desktop and click on Properties.
# Click on the System Restore tab.
# Put a check mark next to 'Turn off System Restore on All Drives'. It will give you a warning that you are turning it off and you will lose all restore points.
# Click the 'OK' button.
# You will be prompted to restart the computer. Click Yes.
When the computer comes back on then Turn System Restore back on by doing the reverse of those steps above. This should give you a new, clean Restore Point.
I would also recommend that you download and install one more program if you don't all ready have it SpywareBlaster
This also is a FREE program which willThe nice thing I like about it is that it DOES NOT run in the background. Just keep it manually updated and be sure to also enable the Restricted Sites portion of the program too. This program is a must and really does work.Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restrict the actions of potentially unwanted sites in Internet Explorer.
Judy
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote