Kaspersky Online Scanner Report

I recently did a scan with kaspersky online scanner and I got this log.

Unfortunatly Befroe I did an avast! Scan but it said it was clean. :frowning:

kasperskky online scanner checks to see if there is bad things, but doesn’t remove them.

I have never in my life removed manually a file that is infected.

Can someone give me steps to remove these?

Thanks,
Joshua 8)


KASPERSKY ONLINE SCANNER REPORT

Friday, July 06, 2007 8:52:04 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 6/07/2007
Kaspersky Anti-Virus database records: 336628
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:
D:
E:
F:
G:
H:
I:
Scan Statistics
Total number of scanned objects 23463
Number of viruses found 1
Number of infected objects 8 / 0
Number of suspicious objects 0
Duration of the scan process 00:35:48

Infected Object Name Virus Name Last Action
C:\1d275fe27b9184a7d4459801973d\msxml4-KB927978-enu.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8d65b1f830a114ab330887cff9f40022_83e9f382-68f4-44ec-a9e8-422b984048b0 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-7860dd2e/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-7860dd2e/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-7860dd2e/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\6.0\20\7328ad54-7860dd2e ZIP: infected - 3 skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4aa07381.zip/BaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4aa07381.zip/VaaaaaaaBaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4aa07381.zip/Baaaaa.class Infected: Trojan.Java.ClassLoader.ao skipped
C:\Documents and Settings\Arthur\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms-counter.jar-4535331c-4aa07381.zip ZIP: infected - 3 skipped
C:\Documents and Settings\Arthur\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db Object is locked skipped
C:\Documents and Settings\Arthur\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Microsoft\Templates\Normal.dotm Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\cert8.db Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\formhistory.dat Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\history.dat Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\key3.db Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\parent.lock Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Joshua\Application Data\SiteAdvisor\SiteAdv.csh Object is locked skipped
C:\Documents and Settings\Joshua\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Messenger\xxxxxxxxx@xxxxxx.xxx\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Messenger\xxxxxxxx@xxxx.xxx\SharingMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Messenger\xxxxxxxxx@xxxxxxx.xxx\SharingMetadata\Working\database_CE14_601C_1460_A33\dfsr.db Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Messenger\xxxxxxxxx@xxxxxxx.xxx\SharingMetadata\Working\database_CE14_601C_1460_A33\fsr.log Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Messenger\xxxxxxxxx@xxxxxxx.xxx\SharingMetadata\Working\database_CE14_601C_1460_A33\fsrtmp.log Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Messenger\xxxxxxxxx@xxxxx.xxx\SharingMetadata\Working\database_CE14_601C_1460_A33\tmp.edb Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Windows Live Contacts\xxxxxxxxx@xxxxxxx.xxx\real\members.stg Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Microsoft\Windows Live Contacts\xxxxxxxxx@xxxxxxx.xxx\shadow\members.stg Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\Cache_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\Cache_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\Cache_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Application Data\Mozilla\Firefox\Profiles\bem4fqzn.default\Cache_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\History\History.IE5\MSHist012007070620070707\index.dat Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temp~DF3581.tmp Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temp~DF3DD6.tmp Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temp~DF4102.tmp Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temp~DF7701.tmp Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temp~DF7711.tmp Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Joshua\Local Settings\Temporary Internet Files\Content.Word~WRS{E0CD8862-5C97-4F48-B6F3-4248E8E2850B}.tmp Object is locked skipped
C:\Documents and Settings\Joshua\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Joshua\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\eb92022b95e470e26098833e%temp%dd_msxml_retMSI.txt Object is locked skipped

Disguise your email address. You could get spamed. xxxxxxxxxxx@xxxxx.xxx

Delete them… Java Control Panel > Settings > Delete Files… > Ok.

Thanks for the advice rdmaloyjr. Forgot to do that :smiley:

And Thanks Tech for that. I never knew that that button was to clear the cache folder:

C:\Documents and Settings\UserName\Application Data\Sun\Java\Deployment\cache\

I’ll remember that next time!

Joshua ;D

You may need to update Sun Java as infections in the class loader are usually an indication that the version of JAVA you are running is out of date. The latest version is 1.6.0_02.

Get the latest version, once you have done this, uninstall all older versions from Control Panel > Add/Remove Programs.
http://www.java.com/en/download/index.jsp

But I do have the latest version of java!

I even check their website and told me that it was the latest version!

That is strange since the class loader issues are usually as a result of vulnerabilities that are being exploited.

Well, I have no clue why either.

I used to have the oldest version possible when it came with the computer (in 2004) And now since I’m a little bit older and am a guru at updates, I always check everything on mycomputer every day! ;D

I used to have spybot search and destroy untill a worm went though spybot to my computer and avast didn’t detect it and I had to do it my self. (Had to call microsoft, bigpond (Australian Internet Service, Part of Telstra) to fix it.)

If you want to know how I did it plz ask me and I will tell you.

So I uninstalled spybot this year in jan. Now today i reinstalled it and it’s doing a scan as i type.

So I’ll see if that helps. 8)

As far as I know having the latest Java doesn’t prevent malware seaking to exploit a vulnerability from downloading. It just that the vulnerability doesn’t exist so the malware becomes an impotent bit of code that can be deleted.

Thanks Keith.

I only recently installed Sun’s JAVA, having avoided it and JAVA VM for many years and now it is a constant update cycle with a hefty dial-up download for the very rare occasion I ever use it.

Sure David.

I usually turn automatic updates off for Java and just manually update when its convenient. Any active forum member will be aware of an update long before the updater notifies you of one.

I have turned auto updates off, I hate any form of autonomy on updates, I even have avast check and ask. You really have to be very selective on dial-up to do updates at a time of your choosing.

This is what upset me… the updater tool, even when manually run, will only detects the presence of an update after tons of other ways… FileForum alerts, Secunia alerts… you run the updater tool and nothing comes up… but the update was already released
http://www.countingcows.de/stop.gif

From their point of view I guess it eases the burden on their servers, and I suppose a late update is better than no update at all. Not the best situation though.

Well, the paid version has good servers available. It`s frustrating to use the free version. But, will you use an antivirus that does not update? No thanks, even a free one.

Exactly. ;D