Tech Support Forum - View Single Post

curtiswheat · 08-03-2006, 08:53 AM

SmitFraudFix v2.79

Scan done at 9:00:46.62, Thu 08/03/2006
Run from C:\Documents and Settings\CWheat\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}"

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\isnotify.exe Deleted
C:\WINDOWS\system32\issearch.exe Deleted
C:\WINDOWS\system32\ixt?.dll Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\ts.ico Deleted
C:\DOCUME~1\CWheat\FAVORI~1\Antivirus Test Online.url Deleted
C:\Program Files\Safety Bar\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:49:17 AM 8/3/2006

+ Scan result:

HKU\S-1-5-21-3634350574-3908311374-3679408370-1150\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{873EB32D-AE1A-4183-89BD-45A77F761BE4} -> Adware.Generic : Cleaned with backup (quarantined).

::Report end

Incident Status Location

Potentially unwanted tool:application/sysprotect Not disinfected hkey_local_machine\software\classes\appid\CheckProduct2_1.DLL
Adware:adware/sidesearch Not disinfected Windows Registry
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\CWheat\Cookies\cwheat@stats1.reliablestats[1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\CWheat\Desktop\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\CWheat\Local Settings\Application Data\Mozilla\Firefox\Profiles\p6uhelm0.default\Cache\633285D9d01[SmitfraudFix/Process.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\Program Files\Common Files\{B0A5AD2A-0711-1033-0727-051109040001}\services.dll
Virus:Trj/Downloader.JUC Disinfected C:\WINDOWS\system32\iifggdd.dll

08-03-2006, 08:53 AM	#5 (permalink)
curtiswheat Registered User Join Date: Aug 2006 Posts: 9 OS: xp	SmitFraudFix v2.79 Scan done at 9:00:46.62, Thu 08/03/2006 Run from C:\Documents and Settings\CWheat\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT Fix ran in safe mode »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}" »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files C:\WINDOWS\system32\isnotify.exe Deleted C:\WINDOWS\system32\issearch.exe Deleted C:\WINDOWS\system32\ixt?.dll Deleted C:\WINDOWS\system32\ot.ico Deleted C:\WINDOWS\system32\ts.ico Deleted C:\DOCUME~1\CWheat\FAVORI~1\Antivirus Test Online.url Deleted C:\Program Files\Safety Bar\ Deleted »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 9:49:17 AM 8/3/2006 + Scan result: HKU\S-1-5-21-3634350574-3908311374-3679408370-1150\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{873EB32D-AE1A-4183-89BD-45A77F761BE4} -> Adware.Generic : Cleaned with backup (quarantined). ::Report end Incident Status Location Potentially unwanted tool:application/sysprotect Not disinfected hkey_local_machine\software\classes\appid\CheckProduct2_1.DLL Adware:adware/sidesearch Not disinfected Windows Registry Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\CWheat\Cookies\cwheat@stats1.reliablestats[1].txt Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\CWheat\Desktop\SmitfraudFix\Process.exe Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\CWheat\Local Settings\Application Data\Mozilla\Firefox\Profiles\p6uhelm0.default\Cache\633285D9d01[SmitfraudFix/Process.exe] Spyware:Spyware/Virtumonde Not disinfected C:\Program Files\Common Files\{B0A5AD2A-0711-1033-0727-051109040001}\services.dll Virus:Trj/Downloader.JUC Disinfected C:\WINDOWS\system32\iifggdd.dll