new object found

Scan was just done with Kaspersky Virus Removal Tool and it detected 2 of what it called "new threat Hidden.Object". The Tool was unable to disinfect the file, so I chose quarrantine but only one object ended up being there and it was 88 bytes whereas the original file (before running the tool) was a bit over 12 KB. The log file is attached. I will run the other scans and attach the results asap. Meanwhile, since there was no info in the viruslist about this new threat, I wanted to get this logfile to you.

I can see nothing harmful in your logs. Your system seems to be clean.

Thank you for the reassurance. After the scan was completed, when I clicked on the option for neutralizing the objects found, since it could not disinfect them and the info in the window continued to show that 2 threats were detected and remained untreated, I thought my computer was still infected.

[size="1"][color="#666686"][B][I]Добавлено через 1 час 6 минут[/I][/B][/color][/size]

Something did not work and I think it is that I should have disabled system restore before using the Kaspersky Virus Removal Tool. When I restarted in normal mode, the suspicious file that started all this was present and ClamWin identified that the file contained Fakeav-42. So, I am back where I started from and am also wondering if the "new threat Hidden.Object" is actually Fakeav-42.

What files are infected?

It is a file found directly under Local Disk (C) when I explore the system. It has the name: ac31eb1bd29c28d6c62b6b98cb. It is 19.5 MB and I will try to attach the report from Clamwin.

Execute this script in avz or avptool:

[CODE]begin
ClearQuarantine;
ExecuteAutoQuarantine;
CreateQurantineArchive('C:\quarantine.zip');
RebootWindows(true);
end.[/CODE]
After restart upload file C:\quarantine.zip, by link [url]http://virusinfo.info/upload_virus.php?tid=61320[/url]

The infected computer is currently being scanned again - in safe mode - by the Kaspersky Virus Removal Tool and has 3 hours to go until finished. I tried copying the file to a flash drive but it wouldn't do it. I did copy it, just now, to the folder containing the Kaspersky Virus Removal Tool ... but that seems like a silly impulsive action arising from sleep deprivation!

I regained some sense after last post, removed that ac31etc file copy and deleted it from system. The original remained and no threats were found on 2nd scan in safe mode. I then tried to follow your instructions, albeit with quarantine spelled as such throughout (maybe I'm not the only one with sleep deprivation?). After putting the script in avptool, when I clicked on Execute, I got the message: <AVZ_Scan>failed. Tried execute several times with same result. I will attach system info from 2nd scan and report from that scan here.

[QUOTE=Aleksandra;517103]
After restart upload file C:\quarantine.zip, by link [url]http://virusinfo.info/upload_virus.php?tid=61320[/url][/QUOTE]Where is your quarantine?
If you will not do what helper reqiuered, you topic will be closed.
You have to make AVZ/AVPTool-Logs in normal mode!.

[QUOTE]It is a file found directly under Local Disk (C) when I explore the system. It has the name: ac31eb1bd29c28d6c62b6b98cb.
[/QUOTE]
Remove it: it seems to be the rest of broken setup of any software you'd try to installed.

RE: "You have to make AVZ/AVPTool-Logs in normal mode!."

When I scan the computer in safe mode, how do I keep any files made while in safe mode? How do I make an AVPTool-log in normal mode when the scan was performed with the computer in safe mode?

RE: "Where is your quarantine?"
As in my earlier post, After putting the script in avptool, when I clicked on Execute, I got the message: <AVZ_Scan>failed. Tried execute several times with same result.

(I also realize that I do not know how to quote parts of your post as you made quotes)

RE:
"Remove it: it seems to be the rest of broken setup of any software you'd try to installed. "
That's what I have been trying to do with the Kaspersky Virus Removal Tool. I did not think a Trojan could be completely removed from a system by simply deleting a file containing it. That also would not repair the registry or undo anything the virus did.

[QUOTE=Yamaha YSR;518059]
When I scan the computer in safe mode, how do I keep any files made while in safe mode?[/QUOTE][I] Scanning[/I] and [I]making of logs[/I] are [B]absolutely different things.[/B]

[QUOTE]I did not think a Trojan could be completely removed from a system by simply deleting a file containing it. [/QUOTE]It's correct, TIW pls. make a new log in normal mode.

I fell and am in too much pain to work on this issue right now. Will try again when less impaired.

[size="1"][color="#666686"][B][I]Добавлено через 4 минуты[/I][/B][/color][/size]

And what does TIW mean?

[QUOTE=Yamaha YSR;519849]And what does TIW mean?[/QUOTE]
[B]t[/B]hat [B]i[/B]s [B]w[/B]hy :)