IPB

Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> Threats found - cannot delete them!
Donnat
post 1.09.2008 21:29
Post #1


Member
**

Group: Members
Posts: 14
Joined: 1.09.2008




I ran a scan and found these threats.
Monday, September 1, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, September 01, 2008 15:37:42
Records in database: 1173783
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
E:\
Scan statistics
Files scanned 118245
Threat name 2
Infected objects 2
Suspicious objects 0
Duration of the scan 01:14:22

File name Threat name Threats count
C:\Windows\System32\SmitfraudFix\IEDFix.exe Infected: Hoax.Win32.Renos.vatg 1
C:\Windows\System32\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
The selected area was scanned.

I had a problem in March and the Reboot.exe came up (not the Renos.vatg). I posted on Malware forum. The rep said this: Let me first tell you what SmitfraudFix is - it is a tool for removing Smitfraud infections. It is incorrectly flagged as malware by most scanners. In short, those Kaspersky entries are of no concern

But I would like to delete them. I had removed SMITFRAUD FIX from my desktop. I have a SMITFRAUD folder in my windows system32 folder. Can I delete the entire folder? When I tried to delete the IEDfix.exe file - I got access denied message. It says you need to confirm this operation and a bunch of info about the file. Cannot copy and paste the message here.

Can I delete the Smitfraud folder? Do I need it? How do I delete when I get access denied. Why is access denied? thank you! What are these threats? thank you!


Go to the top of the page
 
+Quote Post
Lucian Bara
post 1.09.2008 21:33
Post #2


Are You Kidding?
*****************

Group: Gold beta testers
Posts: 56947
Joined: 28.01.2006
From: Timisoara, Romania




hello
yes, you can delete the whole smitfraudfix folder
since you are on vista, you need to run explorer as Administrator or confirm the user account control popups.
riskware are clean programs that may be missused by malware, let's take reboot.exe. it reboots your pc, smitfraudfix uses it to do that once, but a malware could use it to do random reboots or reboot the pc under certain conditions, or evne to reboot the pc so it might get installed

Go to the top of the page
 
+Quote Post
Donnat
post 1.09.2008 22:03
Post #3


Member
**

Group: Members
Posts: 14
Joined: 1.09.2008




QUOTE(Lucian Bara @ 1.09.2008 13:33) *
hello
yes, you can delete the whole smitfraudfix folder
since you are on vista, you need to run explorer as Administrator or confirm the user account control popups.
riskware are clean programs that may be missused by malware, let's take reboot.exe. it reboots your pc, smitfraudfix uses it to do that once, but a malware could use it to do random reboots or reboot the pc under certain conditions, or evne to reboot the pc so it might get installed


Thank you for the quick reply. I deleted the Smitfraud folder. But what were those infections? What is RENOS.VATG?
Go to the top of the page
 
+Quote Post
Lucian Bara
post 1.09.2008 22:16
Post #4


Are You Kidding?
*****************

Group: Gold beta testers
Posts: 56947
Joined: 28.01.2006
From: Timisoara, Romania




well in tihs case probably just detected because it has some code renos also has, basically renos is a hoax program which shows popups liek you are inected.
Go to the top of the page
 
+Quote Post
Donnat
post 1.09.2008 23:40
Post #5


Member
**

Group: Members
Posts: 14
Joined: 1.09.2008




QUOTE(Lucian Bara @ 1.09.2008 14:16) *
well in tihs case probably just detected because it has some code renos also has, basically renos is a hoax program which shows popups liek you are inected.


I ran another scan and it found 0 threats. Yeah! Thank you for your assistance and explanations. We need people like you to help fight the "baddies" out there trying to infect us.
Go to the top of the page
 
+Quote Post

Closed TopicStart new topic

 



Lo-Fi Version Time is now: 31.10.2014 17:27