Solved Virus alert!

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-07-24 15:39:43
PROTECTIONS: 1
MALWARE: 2
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus Free 8.0 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Claudine\My Documents\SmitfraudFix\Process.exe
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\Claudine\My Documents\SmitfraudFix\Reboot.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location 
;===================================================================================================================================================================================
No C:\Documents and Settings\Claudine\My Documents\downloads\SmitfraudFix.exe 
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description 
;===================================================================================================================================================================================
;===================================================================================================================================================================================

 

Hi bombagirl
Ok That looks good. Those showing are from Smifraud.

Are still getting warnings from AVG?

Thanks
Geri

 

No avg warnings yet so what do you think was the problem? thanks 4 your help

spybot gives me alerts that registry files are being changed and to tell him whether to accept or not, it's really annoying what shall I do?

 

Hi bombagirl

I think What Combofix removed was part of the problem.

That depends. Tea Timer is an OK program, I like WinPatrol better, it is not as annoying and I think does a better job.

You can disable Tea timer and install Winpatrol if you like.
Here is how to disable Tea Timer.

First step:

• Right-click the Spybot Icon in the System Tray (looks like a blue/white calendar with a padlock symbol)
• If you have the new version 1.5, Click once on Resident Protection, then Right click the Spybot icon again and make sure Resident Protection is now Unchecked. The Spybot icon in the System tray should now be now colorless.
• If you have Version 1.4, Click on Exit Spybot S&D Resident

Second step, For Either Version :

• Open Spybot S&D
• Click Mode, choose Advanced Mode
• Go To the bottom of the Vertical Panel on the Left, Click Tools
• then, also in left panel, click Resident shows a red/white shield.
• If your firewall raises a question, say OK
• In the Resident protection status frame, Uncheck the box labeled Resident "Tea-Timer "(Protection of over-all system settings) active
• OK any prompts.
• Use File, Exit to terminate Spybot
• Reboot your machine for the changes to take effect.

Here is WinPatrols web site, this is a free program with the option to buy it.
You may get some alerts at first after it's installed but it won't bug you like Tea Timer does.
http://www.winpatrol.com/winpatrol.html

If everything seems OK, I'll mark this one resolved.
Let me know.

Surf Safely
Geri

 

OK settings done, will post soon

 

everything looks fine now thanks Geri

 

Hi bombagirl
OK That's good to hear.

I think you have seen this before, but I'll post it again.

Please look at this link for some preventive recommendations, It could keep you from ending up back here to the Spyware and Virus Removal Forums.
http://www.windowsbbs.com/showthread.php?t=67958

I'll mark this one resolved.

Surf Safely
Geri