Показано с 1 по 12 из 12.

new object found

  1. #1
    Junior Member Репутация
    Регистрация
    25.11.2009
    Сообщений
    6
    Вес репутации
    26

    new object found

    Scan was just done with Kaspersky Virus Removal Tool and it detected 2 of what it called "new threat Hidden.Object". The Tool was unable to disinfect the file, so I chose quarrantine but only one object ended up being there and it was 88 bytes whereas the original file (before running the tool) was a bit over 12 KB. The log file is attached. I will run the other scans and attach the results asap. Meanwhile, since there was no info in the viruslist about this new threat, I wanted to get this logfile to you.
    Вложения Вложения
    Последний раз редактировалось Yamaha YSR; 26.11.2009 в 00:21. Причина: to be clearer about post

  2. #2
    VIP Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для Aleksandra
    Регистрация
    13.01.2007
    Сообщений
    7,662
    Вес репутации
    2817
    I can see nothing harmful in your logs. Your system seems to be clean.
    Наша служба, будто сердце, отдыха не знает никогда.

  3. #3
    Junior Member Репутация
    Регистрация
    25.11.2009
    Сообщений
    6
    Вес репутации
    26
    Thank you for the reassurance. After the scan was completed, when I clicked on the option for neutralizing the objects found, since it could not disinfect them and the info in the window continued to show that 2 threats were detected and remained untreated, I thought my computer was still infected.

    Добавлено через 1 час 6 минут

    Something did not work and I think it is that I should have disabled system restore before using the Kaspersky Virus Removal Tool. When I restarted in normal mode, the suspicious file that started all this was present and ClamWin identified that the file contained Fakeav-42. So, I am back where I started from and am also wondering if the "new threat Hidden.Object" is actually Fakeav-42.
    Последний раз редактировалось Yamaha YSR; 26.11.2009 в 01:44. Причина: Добавлено

  4. #4
    VIP Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для Aleksandra
    Регистрация
    13.01.2007
    Сообщений
    7,662
    Вес репутации
    2817
    What files are infected?
    Наша служба, будто сердце, отдыха не знает никогда.

  5. #5
    Junior Member Репутация
    Регистрация
    25.11.2009
    Сообщений
    6
    Вес репутации
    26
    It is a file found directly under Local Disk (C) when I explore the system. It has the name: ac31eb1bd29c28d6c62b6b98cb. It is 19.5 MB and I will try to attach the report from Clamwin.
    Последний раз редактировалось Rene-gad; 26.11.2009 в 10:22. Причина: not requiered log removed

  6. #6
    VIP Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Аватар для Aleksandra
    Регистрация
    13.01.2007
    Сообщений
    7,662
    Вес репутации
    2817
    Execute this script in avz or avptool:

    Код:
    begin
    ClearQuarantine;
    ExecuteAutoQuarantine;
    CreateQurantineArchive('C:\quarantine.zip');
    RebootWindows(true);
    end.
    After restart upload file C:\quarantine.zip, by link http://virusinfo.info/upload_virus.php?tid=61320
    Наша служба, будто сердце, отдыха не знает никогда.

  7. #7
    Junior Member Репутация
    Регистрация
    25.11.2009
    Сообщений
    6
    Вес репутации
    26
    The infected computer is currently being scanned again - in safe mode - by the Kaspersky Virus Removal Tool and has 3 hours to go until finished. I tried copying the file to a flash drive but it wouldn't do it. I did copy it, just now, to the folder containing the Kaspersky Virus Removal Tool ... but that seems like a silly impulsive action arising from sleep deprivation!

    I regained some sense after last post, removed that ac31etc file copy and deleted it from system. The original remained and no threats were found on 2nd scan in safe mode. I then tried to follow your instructions, albeit with quarantine spelled as such throughout (maybe I'm not the only one with sleep deprivation?). After putting the script in avptool, when I clicked on Execute, I got the message: <AVZ_Scan>failed. Tried execute several times with same result. I will attach system info from 2nd scan and report from that scan here.
    Вложения Вложения
    Последний раз редактировалось Rene-gad; 26.11.2009 в 10:20.

  8. #8
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    2996
    Цитата Сообщение от Aleksandra Посмотреть сообщение
    After restart upload file C:\quarantine.zip, by link http://virusinfo.info/upload_virus.php?tid=61320
    Where is your quarantine?
    If you will not do what helper reqiuered, you topic will be closed.
    You have to make AVZ/AVPTool-Logs in normal mode!.

    It is a file found directly under Local Disk (C) when I explore the system. It has the name: ac31eb1bd29c28d6c62b6b98cb.
    Remove it: it seems to be the rest of broken setup of any software you'd try to installed.

  9. #9
    Junior Member Репутация
    Регистрация
    25.11.2009
    Сообщений
    6
    Вес репутации
    26
    RE: "You have to make AVZ/AVPTool-Logs in normal mode!."

    When I scan the computer in safe mode, how do I keep any files made while in safe mode? How do I make an AVPTool-log in normal mode when the scan was performed with the computer in safe mode?

    RE: "Where is your quarantine?"
    As in my earlier post, After putting the script in avptool, when I clicked on Execute, I got the message: <AVZ_Scan>failed. Tried execute several times with same result.

    (I also realize that I do not know how to quote parts of your post as you made quotes)

    RE:
    "Remove it: it seems to be the rest of broken setup of any software you'd try to installed. "
    That's what I have been trying to do with the Kaspersky Virus Removal Tool. I did not think a Trojan could be completely removed from a system by simply deleting a file containing it. That also would not repair the registry or undo anything the virus did.

  10. #10
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    2996
    Цитата Сообщение от Yamaha YSR Посмотреть сообщение
    When I scan the computer in safe mode, how do I keep any files made while in safe mode?
    Scanning and making of logs are absolutely different things.

    I did not think a Trojan could be completely removed from a system by simply deleting a file containing it.
    It's correct, TIW pls. make a new log in normal mode.

  11. #11
    Junior Member Репутация
    Регистрация
    25.11.2009
    Сообщений
    6
    Вес репутации
    26
    I fell and am in too much pain to work on this issue right now. Will try again when less impaired.

    Добавлено через 4 минуты

    And what does TIW mean?
    Последний раз редактировалось Yamaha YSR; 29.11.2009 в 03:25. Причина: Добавлено

  12. #12
    Senior Member Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация Репутация
    Регистрация
    03.04.2006
    Сообщений
    21,108
    Вес репутации
    2996
    Цитата Сообщение от Yamaha YSR Посмотреть сообщение
    And what does TIW mean?
    that is why

Похожие темы

  1. KIS found this suspicious object whilst scanning.
    От JMO в разделе Malware Removal Service
    Ответов: 0
    Последнее сообщение: 30.08.2010, 22:20
  2. Дом.стр. 404 Not found
    От zetzor в разделе Помогите!
    Ответов: 5
    Последнее сообщение: 29.01.2010, 21:35
  3. Ответов: 1
    Последнее сообщение: 31.10.2009, 05:06
  4. many viruses found
    От SERROUKH в разделе Malware Removal Service
    Ответов: 1
    Последнее сообщение: 08.09.2009, 16:59
  5. two viruses found
    От Botta в разделе Malware Removal Service
    Ответов: 14
    Последнее сообщение: 25.08.2009, 18:33

Свернуть/Развернуть Ваши права в разделе

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •  
Page generated in 0.00549 seconds with 21 queries