Author Topic: Avast did not find a virus that the online Kaspersky scanner did?  (Read 2470 times)

0 Members and 1 Guest are viewing this topic.

Offline Enginebuilder

  • Newbie
  • *
  • Posts: 1
Here's a logfile from the Kaspersky Online Scanner:
-------------------------------------------------------------------------------
 KASPERSKY ONLINE SCANNER REPORT
 Thursday, April 19, 2007 2:01:20 AM
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner version: 5.0.83.0
 Kaspersky Anti-Virus database last update: 19/04/2007
 Kaspersky Anti-Virus database records: 281781
-------------------------------------------------------------------------------

Scan Settings:
   Scan using the following antivirus database: standard
   Scan Archives: true
   Scan Mail Bases: true

Scan Target - My Computer:
   C:\
   D:\
   E:\
   F:\

Scan Statistics:
   Total number of scanned objects: 73782
   Number of viruses found: 2
   Number of infected objects: 9 / 0
   Number of suspicious objects: 0
   Duration of the scan process: 01:20:09

Infected Object Name / Virus Name / Last Action
C:\Program Files\Avast Antivirus\DATA\aswResp.dat   Object is locked   skipped
C:\Program Files\Avast Antivirus\DATA\Avast4.db   Object is locked   skipped
C:\Program Files\Avast Antivirus\DATA\log\nshield.log   Object is locked   skipped
C:\Program Files\Avast Antivirus\DATA\report\Resident protection.txt   Object is locked   skipped
C:\System Volume Information\MountPointManagerRemoteDatabase   Object is locked   skipped
C:\System Volume Information\_restore{3BE1A432-9DE0-41A2-BD6F-5FFFA4D191B7}\RP18\A0002068.exe   Infected: Trojan.Win32.Obfuscated.fk   skipped
C:\System Volume Information\_restore{3BE1A432-9DE0-41A2-BD6F-5FFFA4D191B7}\RP26\change.log   Object is locked   skipped
D:\Documents and Settings\All Users\Application Data\Bolt Locks Dumb Grid\Mailfunk.exe   Infected: Trojan.Win32.Obfuscated.en   skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat   Object is locked   skipped
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat   Object is locked   skipped
D:\Documents and Settings\LocalService\Cookies\index.dat   Object is locked   skipped
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
D:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
D:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat   Object is locked   skipped
D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat   Object is locked   skipped
D:\Documents and Settings\LocalService\NTUSER.DAT   Object is locked   skipped
D:\Documents and Settings\LocalService\ntuser.dat.LOG   Object is locked   skipped
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
D:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
D:\Documents and Settings\NetworkService\NTUSER.DAT   Object is locked   skipped
D:\Documents and Settings\NetworkService\ntuser.dat.LOG   Object is locked   skipped
D:\Documents and Settings\Satellite\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\cert8.db   Object is locked   skipped
D:\Documents and Settings\Satellite\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\formhistory.dat   Object is locked   skipped
D:\Documents and Settings\Satellite\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\history.dat   Object is locked   skipped
D:\Documents and Settings\Satellite\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\key3.db   Object is locked   skipped
D:\Documents and Settings\Satellite\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\parent.lock   Object is locked   skipped
D:\Documents and Settings\Satellite\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\search.sqlite   Object is locked   skipped
D:\Documents and Settings\Satellite\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\urlclassifier2.sqlite   Object is locked   skipped
D:\Documents and Settings\Satellite\Cookies\index.dat   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\Cache\_CACHE_001_   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\Cache\_CACHE_002_   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\Cache\_CACHE_003_   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\Application Data\Mozilla\Firefox\Profiles\gknufr36.default\Cache\_CACHE_MAP_   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\History\History.IE5\index.dat   Object is locked   skipped
D:\Documents and Settings\Satellite\Local Settings\Temp\bis5C.exe   Infected: Trojan.Win32.Obfuscated.en   skipped
D:\Documents and Settings\Satellite\Local Settings\Temporary Internet Files\Content.IE5\index.dat   Object is locked   skipped
D:\Documents and Settings\Satellite\NTUSER.DAT   Object is locked   skipped
D:\Documents and Settings\Satellite\NTUSER.DAT.LOG   Object is locked   skipped
D:\Documents and Settings\Satellite\UserData\index.dat   Object is locked   skipped
D:\RECYCLER\S-1-5-21-1715567821-1708537768-839522115-1003\Dd29.exe/data.rar/DlPlugin-Moz/buddy.exe   Infected: Trojan.Win32.Obfuscated.fk   skipped
D:\RECYCLER\S-1-5-21-1715567821-1708537768-839522115-1003\Dd29.exe/data.rar   Infected: Trojan.Win32.Obfuscated.fk   skipped
D:\RECYCLER\S-1-5-21-1715567821-1708537768-839522115-1003\Dd29.exe   RarSFX: infected - 2   skipped
D:\RECYCLER\S-1-5-21-1715567821-1708537768-839522115-1003\Dd37\GridSupportGrey.exe   Infected: Trojan.Win32.Obfuscated.en   skipped
D:\RECYCLER\S-1-5-21-1715567821-1708537768-839522115-1003\Dd37\mode creative ford.exe   Infected: Trojan.Win32.Obfuscated.en   skipped
D:\RECYCLER\S-1-5-21-1715567821-1708537768-839522115-1003\Dd37\ryfqodbg.exe   Infected: Trojan.Win32.Obfuscated.en   skipped
D:\System Volume Information\MountPointManagerRemoteDatabase   Object is locked   skipped
D:\System Volume Information\_restore{3BE1A432-9DE0-41A2-BD6F-5FFFA4D191B7}\RP26\change.log   Object is locked   skipped
D:\WINDOWS\Debug\PASSWD.LOG   Object is locked   skipped
D:\WINDOWS\SchedLgU.Txt   Object is locked   skipped
D:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb   Object is locked   skipped
D:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log   Object is locked   skipped
D:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb   Object is locked   skipped
D:\WINDOWS\SoftwareDistribution\ReportingEvents.log   Object is locked   skipped
D:\WINDOWS\Sti_Trace.log   Object is locked   skipped
D:\WINDOWS\system32\CatRoot2\edb.log   Object is locked   skipped
D:\WINDOWS\system32\CatRoot2\tmp.edb   Object is locked   skipped
D:\WINDOWS\system32\config\Antivirus.Evt   Object is locked   skipped
D:\WINDOWS\system32\config\AppEvent.Evt   Object is locked   skipped
D:\WINDOWS\system32\config\default   Object is locked   skipped
D:\WINDOWS\system32\config\default.LOG   Object is locked   skipped
D:\WINDOWS\system32\config\SAM   Object is locked   skipped
D:\WINDOWS\system32\config\SAM.LOG   Object is locked   skipped
D:\WINDOWS\system32\config\SecEvent.Evt   Object is locked   skipped
D:\WINDOWS\system32\config\SECURITY   Object is locked   skipped
D:\WINDOWS\system32\config\SECURITY.LOG   Object is locked   skipped
D:\WINDOWS\system32\config\software   Object is locked   skipped
D:\WINDOWS\system32\config\software.LOG   Object is locked   skipped
D:\WINDOWS\system32\config\SysEvent.Evt   Object is locked   skipped
D:\WINDOWS\system32\config\system   Object is locked   skipped
D:\WINDOWS\system32\config\system.LOG   Object is locked   skipped
D:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR   Object is locked   skipped
D:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP   Object is locked   skipped
D:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER   Object is locked   skipped
D:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP   Object is locked   skipped
D:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP   Object is locked   skipped
D:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA   Object is locked   skipped
D:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP   Object is locked   skipped
D:\WINDOWS\Temp\Perflib_Perfdata_170.dat   Object is locked   skipped
D:\WINDOWS\wiadebug.log   Object is locked   skipped
D:\WINDOWS\wiaservc.log   Object is locked   skipped
D:\WINDOWS\WindowsUpdate.log   Object is locked   skipped
E:\System Volume Information\MountPointManagerRemoteDatabase   Object is locked   skipped
E:\System Volume Information\_restore{3BE1A432-9DE0-41A2-BD6F-5FFFA4D191B7}\RP27\change.log   Object is locked   skipped

Scan process completed.


_______________________________________________________________________________________


Now I just need to know how to safely get rid of this (these?) viruii.
Any help would be greatly appreciated.
For the record, I have been using Zone Alarm Security suite, apparently for no good reason.






Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11664
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: Avast did not find a virus that the online Kaspersky scanner did?
« Reply #1 on: April 19, 2007, 08:28:54 AM »
I'd suggest to submit the samples (if you still have them) to virus@avast.com for further analysis.

BTW According to the "virus" name Kaspersky detected them under, they all seem to be the same...

Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.