[loophole]

So Norton doesnt find them anymore?

[Advertisements]

It doesn't allow me to copy/ paste the scan results and of course it won't delete the malware as I mentioned in an earlier post.

I did write the files down. though

01265912-1B27-4A Adware.Aurora
38CA2009-6100-43
499D7701-82AB-4B
5A089208-6C25-4C
5F7A4BBE-3609-4B
68833A37-83A1-48
8E2A3211-F1F0-46
AB529057-CFE7-4C
BBF80057-12E2-43
D5B83A66-E358-AD
FF437C8D-6002-4C
qkbzqvqsp.exe
tbslwb.exe
xkqqzxi.exe

I hope this helps.

[buildreamcb]

It doesn't allow me to copy/ paste the scan results and of course it won't delete the malware as I mentioned in an earlier post.

I did write the files down. though

01265912-1B27-4A Adware.Aurora
38CA2009-6100-43
499D7701-82AB-4B
5A089208-6C25-4C
5F7A4BBE-3609-4B
68833A37-83A1-48
8E2A3211-F1F0-46
AB529057-CFE7-4C
BBF80057-12E2-43
D5B83A66-E358-AD
FF437C8D-6002-4C
qkbzqvqsp.exe
tbslwb.exe
xkqqzxi.exe

I hope this helps.

[loophole]

Norton should give you the path to these files

qkbzqvqsp.exe
tbslwb.exe
xkqqzxi.exe

For instance C:\windows\system32\xkqqzxi.exe
or C:\windows\xkqqzxi.exe

Please let me know if it does and what they are

Thanks

[buildreamcb]

OK,

Only shows 13 threats now and 11 are in my Microsoft Antispyware Quarantine, which I cannot seem to locate. The paths are very long and will take a long time for me to write each one down. Must be an easier way.
Can you advise?

The other 2 are located here:

C:\WINNT\qkbzgrgsp.exe
C:\WINNT\tbslwb.exe

Thanks loophole

[loophole]

Ok great

The items in microsoft quarantine are harmless. Unfortunately I dont use the program and dont know how to delete them out of quarantine. I will ask around.

Now open pocketkillbox Select the option "Delete on reboot".
Now highlight and 'copy' (Ctrl + C) the entire list of filepaths below:
Click 'File' on the killbox menu at the top and choose 'Paste from clipboard'
The entire list should now be in the "Full Path of File to Delete"
field.To check, click on the dropdown-arrow next to that field.
If you expand it, these lines should all be there

C:\WINNT\qkbzgrgsp.exe
C:\WINNT\tbslwb.exe


Then press the red button with a white X in it.
Killbox will tell you that all listed files will be deleted on next reboot, click YES.When it asks if you would like to Reboot now, click YES.

Are you having any problems other than the microsoft quarantine one?

thanks

[buildreamcb]

Allright loophole,

I'm running another scan because apparently 1 file renamed itself from

C:\WINNT\tbslwb.exe

It is now

C:\!Submit\tbslwb.exe............amazing!

I'll be back in ten.

Thank you

[loophole]

thats fine too .killbox created thet folder for submitting files it can be deleted

how is the computer running?

[buildreamcb]

Hey it looks like we killed the .exe files.

I still don't know where the 14th threat dissappeared to.

I'll keep trying to delete the quarantine files in MS antispyware.

If you find out about it, let me know. I want this crap off my PC.

The computer is running great

Thanks loophole!

[loophole]

No problem I will look into it and let you know

[buildreamcb]

Hey loophole,

I just found something very interesting.
The files I was searching for are not in MS antispyware, they're here:

The file C:\Program Files\Microsoft AntiSpyware\Quarantine\A0888C61-03CA-4465-B9FC-56079A\01265912-1B27-4A1E-9379-A28A89 is an adware threat.

I'm sorry, I overlooked the program files part.

This is 1 of 12 folders with 1 of the folders being empty.
(Recap- There are 11 threats existing now)

I didn't know the proper way to delete them so I would like you to take me step by step, if you would, to remove these folders the right way.

I'm hoping I don't have to write each folder down for you, as you can see they're long. If I could have copy/ paste earlier, we wouldn't be here now.

I found 12 folders in this file but didn't make the connection until I ran the mouse arrow over it's path and "BINGO", the hidden number appeared.

Anyway, I'm here waiting for your reply.

Thanks

[loophole]

do they say this in them Microsoft AntiSpyware\Quarantine or quarantine in them?

Edited by loophole, 10 September 2005 - 09:51 PM.

[buildreamcb]

All 11 of them, just as I wrote it out only with their own numbers, etc.

[buildreamcb]

If it would help you, I'd be happy to write each one out for you. I'm familiar with this file now.

Did I answer your question?

[loophole]

No need they are harmless . The scanners detect them but they are locked in the microsoft quarantine. Thats also why it cant clean them. I'm still trying to figure out how to delete them out of there .they aren't a threat. Do you understand what I mean?

[buildreamcb]

So let me understand this.

Even though the quarantine area in MS spyware doesn't show any threats after a scan, the program files hosting these threats cannot be deleted?

And if this is true, most quarantine areas auto- delete after a while, does this not happen here?