Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help with problem from nail.exe [RESOLVED]


  • This topic is locked This topic is locked

#16
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
When I logged onto to my daughter's sign on, I still got the message from Microsoft Anti Spywhere that Huntbar Browser Modifier is trying to make a change.
This only seems to happen under her sign on.
  • 0

Advertisements


#17
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
please do the following under your daughters loggin.
  • open Spy Sweeper
  • Click Session Log in the upper right corner, copy everything in that window.
  • Click the Summary tab and click Finish.
  • Paste the contents of the session log you copied into your next reply.
Then could you please run it again and paste the second log in your reply also.
  • 0

#18
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Here is the first log. I clicked the Summary tab, but I did not see any option to click "finish", so I hope I am doing this correctly.

********
5:41 PM: |··· Start of Session, Friday, October 07, 2005 ···|
5:41 PM: Spy Sweeper started
5:41 PM: Sweep initiated using definitions version 551
5:41 PM: Starting Memory Sweep
5:49 PM: Memory Sweep Complete, Elapsed Time: 00:07:59
5:49 PM: Starting Registry Sweep
5:49 PM: Found Trojan Horse: alwaysupdatednews
5:49 PM: HKLM\software\microsoft\code store database\distribution units\{47cd99df-8bcf-4b9b-94ef-02e51b2f79da}\ (8 subtraces) (ID = 103552)
5:49 PM: Found Adware: bookedspace
5:49 PM: HKLM\software\configuration manager\cfgmgr52\ (6 subtraces) (ID = 104873)
5:49 PM: Found Adware: elitebar
5:49 PM: HKLM\software\microsoft\windows\currentversion\internet settings\user agent\post platform\ || iebar (ID = 125752)
5:49 PM: Found Adware: gain-supported software
5:49 PM: HKCR\interface\{54e7e080-1da6-412e-96b5-c290fcef5329}\ (7 subtraces) (ID = 126745)
5:49 PM: Found Adware: ieplugin
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\intexp\ (2 subtraces) (ID = 128173)
5:49 PM: Found Adware: drsnsrch.com hijack
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1006\software\microsoft\search assistant\ || defaultsearchurl (ID = 128205)
5:49 PM: Found Adware: logih adware
5:49 PM: HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload\ || systemcheck2 (ID = 129814)
5:49 PM: Found Adware: minigolf
5:49 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/wildapp.dll\ (2 subtraces) (ID = 135051)
5:49 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/minigolf_affiliate.exe\ (2 subtraces) (ID = 135052)
5:49 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\wildapp.dll (ID = 135057)
5:49 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\minigolf_affiliate.exe (ID = 135058)
5:49 PM: Found Adware: searchtoolbar
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\search toolbar\ (3 subtraces) (ID = 141344)
5:49 PM: Found Adware: tvmedia
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\urlsearchhooks\ || {20ec3d2d-33c1-4c9d-bc37-c2d500688da2} (ID = 145309)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\windows\currentversion\run\ || tv media (ID = 145312)
5:49 PM: Found Adware: abetterinternet
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\btgrab\ (15 subtraces) (ID = 145850)
5:49 PM: Found Adware: websearch toolbar
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\btiein\ (3 subtraces) (ID = 146368)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1008\software\btlink\ (7 subtraces) (ID = 146370)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\menuext\power search\ (2 subtraces) (ID = 146458)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146464)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\msietslink\ (4 subtraces) (ID = 146512)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\toolbar\ (16 subtraces) (ID = 146513)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\aurora\ (18 subtraces) (ID = 360174)
5:49 PM: Found Trojan Horse: sysnet
5:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\sysnet\ (2 subtraces) (ID = 381857)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 392934)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\toolbar\ (16 subtraces) (ID = 646239)
5:49 PM: Registry Sweep Complete, Elapsed Time:00:00:17
5:49 PM: Starting Cookie Sweep
5:49 PM: Found Spy Cookie: 2o7.net cookie
5:49 PM: kaycee@2o7[2].txt (ID = 1957)
5:49 PM: Found Spy Cookie: websponsors cookie
5:49 PM: kaycee@a.websponsors[2].txt (ID = 3665)
5:49 PM: Found Spy Cookie: about cookie
5:49 PM: kaycee@about[1].txt (ID = 2037)
5:49 PM: Found Spy Cookie: yieldmanager cookie
5:49 PM: kaycee@ad.yieldmanager[2].txt (ID = 3751)
5:49 PM: Found Spy Cookie: adknowledge cookie
5:49 PM: kaycee@adknowledge[1].txt (ID = 2072)
5:49 PM: Found Spy Cookie: adrevolver cookie
5:49 PM: kaycee@adrevolver[2].txt (ID = 2088)
5:49 PM: kaycee@adrevolver[3].txt (ID = 2088)
5:49 PM: Found Spy Cookie: advertising cookie
5:49 PM: kaycee@advertising[2].txt (ID = 2175)
5:49 PM: Found Spy Cookie: atlas dmt cookie
5:49 PM: kaycee@atdmt[2].txt (ID = 2253)
5:49 PM: Found Spy Cookie: belnk cookie
5:49 PM: kaycee@ath.belnk[1].txt (ID = 2293)
5:49 PM: Found Spy Cookie: banner cookie
5:49 PM: kaycee@banner[2].txt (ID = 2276)
5:49 PM: kaycee@belnk[2].txt (ID = 2292)
5:49 PM: Found Spy Cookie: bluestreak cookie
5:49 PM: kaycee@bluestreak[1].txt (ID = 2314)
5:49 PM: Found Spy Cookie: casalemedia cookie
5:49 PM: kaycee@casalemedia[2].txt (ID = 2354)
5:49 PM: Found Spy Cookie: classmates cookie
5:49 PM: kaycee@classmates[2].txt (ID = 2384)
5:49 PM: Found Spy Cookie: clickbank cookie
5:49 PM: kaycee@clickbank[2].txt (ID = 2398)
5:49 PM: kaycee@dist.belnk[1].txt (ID = 2293)
5:49 PM: Found Spy Cookie: fastclick cookie
5:49 PM: kaycee@fastclick[2].txt (ID = 2651)
5:49 PM: kaycee@hotels.about[1].txt (ID = 2038)
5:49 PM: Found Spy Cookie: howstuffworks cookie
5:49 PM: kaycee@howstuffworks[1].txt (ID = 2805)
5:49 PM: Found Spy Cookie: metareward.com cookie
5:49 PM: kaycee@metareward[2].txt (ID = 2990)
5:49 PM: Found Spy Cookie: mp3downloadhq cookie
5:49 PM: kaycee@mp3downloadhq[2].txt (ID = 3014)
5:49 PM: Found Spy Cookie: nextag cookie
5:49 PM: kaycee@nextag[2].txt (ID = 5014)
5:49 PM: Found Spy Cookie: overture cookie
5:49 PM: kaycee@perf.overture[1].txt (ID = 3106)
5:49 PM: Found Spy Cookie: questionmarket cookie
5:49 PM: kaycee@questionmarket[1].txt (ID = 3217)
5:49 PM: Found Spy Cookie: realmedia cookie
5:49 PM: kaycee@realmedia[1].txt (ID = 3235)
5:49 PM: Found Spy Cookie: revenue.net cookie
5:49 PM: kaycee@revenue[1].txt (ID = 3257)
5:49 PM: Found Spy Cookie: servedby advertising cookie
5:49 PM: kaycee@servedby.advertising[1].txt (ID = 3335)
5:49 PM: Found Spy Cookie: serving-sys cookie
5:49 PM: kaycee@serving-sys[1].txt (ID = 3343)
5:49 PM: Found Spy Cookie: statcounter cookie
5:49 PM: kaycee@statcounter[2].txt (ID = 3447)
5:49 PM: Found Spy Cookie: tmpad cookie
5:49 PM: kaycee@tmpad[1].txt (ID = 3545)
5:49 PM: Found Spy Cookie: trafficmp cookie
5:49 PM: kaycee@trafficmp[1].txt (ID = 3581)
5:49 PM: Found Spy Cookie: xiti cookie
5:49 PM: kaycee@xiti[1].txt (ID = 3717)
5:49 PM: Found Spy Cookie: adserver cookie
5:49 PM: kaycee@z1.adserver[1].txt (ID = 2142)
5:49 PM: Cookie Sweep Complete, Elapsed Time: 00:00:06
5:49 PM: Starting File Sweep
5:49 PM: c:\program files\epicenter (ID = -2147477846)
5:49 PM: Found Adware: abcsearch
5:49 PM: c:\documents and settings\all users\application data\msw (ID = -2147481510)
5:50 PM: e189e090-e615-403c-ad2e-9e5fd7 (ID = 48570)
5:50 PM: Found Adware: fizzlebar
5:50 PM: 8fbc0525-0655-4d91-b7a9-5f8583 (ID = 61054)
5:51 PM: deb751c7-1262-4da6-83d7-1d69f3 (ID = 83087)
5:52 PM: Found Adware: shopathomeselect
5:52 PM: giqd1c1l.dat (ID = 75801)
5:54 PM: 9aec0536-afed-43ad-9975-fb290d (ID = 61054)
5:56 PM: Found Adware: sicro dialer
5:56 PM: switchagreement.txt (ID = 76024)
5:56 PM: Found Adware: virtualbouncer
5:56 PM: d8bc6cd9-46a2-4bf9-b4a1-d086c8 (ID = 82816)
5:56 PM: Found Adware: sexfiles dialers
5:56 PM: dating.lnk (ID = 75396)
5:56 PM: Found Adware: 180search assistant/zango
5:56 PM: 41b03bb4-794f-47bd-b2d4-083134 (ID = 70624)
5:56 PM: 8b6ee25c-44ac-4d16-9a29-255eeb (ID = 84894)
5:56 PM: e9bb1d9f-14fc-4766-a6c2-c3f967 (ID = 84889)
5:56 PM: Found Trojan Horse: trojan-downloader-mediket
5:56 PM: backup-20051003-190321-411.inf (ID = 80748)
5:56 PM: backup-20051003-190322-755.inf (ID = 76012)
5:56 PM: backup-20051003-190323-404.inf (ID = 65702)
5:56 PM: Found Adware: mirar webband
5:56 PM: backup-20051003-190324-309.inf (ID = 70004)
5:56 PM: belt.inf (ID = 83154)
5:56 PM: polmx2.inf (ID = 83430)
5:56 PM: backup-20051003-190321-411.inf (ID = 80748)
5:56 PM: backup-20051003-190322-755.inf (ID = 76012)
5:56 PM: backup-20051003-190323-404.inf (ID = 65702)
5:56 PM: backup-20051003-190324-309.inf (ID = 70004)
5:57 PM: File Sweep Complete, Elapsed Time: 00:07:26
5:57 PM: Full Sweep has completed. Elapsed time 00:15:50
5:57 PM: Traces Found: 195
5:57 PM: Removal process initiated
5:58 PM: Quarantining All Traces: alwaysupdatednews
5:58 PM: Quarantining All Traces: bookedspace
5:58 PM: Quarantining All Traces: elitebar
5:58 PM: Quarantining All Traces: gain-supported software
5:58 PM: Quarantining All Traces: ieplugin
5:58 PM: Quarantining All Traces: drsnsrch.com hijack
5:58 PM: Quarantining All Traces: logih adware
5:58 PM: Quarantining All Traces: minigolf
5:58 PM: Quarantining All Traces: searchtoolbar
5:58 PM: Quarantining All Traces: tvmedia
5:58 PM: Quarantining All Traces: abetterinternet
5:58 PM: Quarantining All Traces: websearch toolbar
5:58 PM: Quarantining All Traces: sysnet
5:58 PM: Quarantining All Traces: 2o7.net cookie
5:58 PM: Quarantining All Traces: websponsors cookie
5:58 PM: Quarantining All Traces: about cookie
5:58 PM: Quarantining All Traces: yieldmanager cookie
5:58 PM: Quarantining All Traces: adknowledge cookie
5:58 PM: Quarantining All Traces: adrevolver cookie
5:58 PM: Quarantining All Traces: advertising cookie
5:58 PM: Quarantining All Traces: atlas dmt cookie
5:58 PM: Quarantining All Traces: belnk cookie
5:58 PM: Quarantining All Traces: banner cookie
5:58 PM: Quarantining All Traces: bluestreak cookie
5:58 PM: Quarantining All Traces: casalemedia cookie
5:58 PM: Quarantining All Traces: classmates cookie
5:58 PM: Quarantining All Traces: clickbank cookie
5:58 PM: Quarantining All Traces: fastclick cookie
5:58 PM: Quarantining All Traces: howstuffworks cookie
5:58 PM: Quarantining All Traces: metareward.com cookie
5:58 PM: Quarantining All Traces: mp3downloadhq cookie
5:58 PM: Quarantining All Traces: nextag cookie
5:58 PM: Quarantining All Traces: overture cookie
5:58 PM: Quarantining All Traces: questionmarket cookie
5:58 PM: Quarantining All Traces: realmedia cookie
5:58 PM: Quarantining All Traces: revenue.net cookie
5:58 PM: Quarantining All Traces: servedby advertising cookie
5:58 PM: Quarantining All Traces: serving-sys cookie
5:58 PM: Quarantining All Traces: statcounter cookie
5:58 PM: Quarantining All Traces: tmpad cookie
5:58 PM: Quarantining All Traces: trafficmp cookie
5:58 PM: Quarantining All Traces: xiti cookie
5:58 PM: Quarantining All Traces: adserver cookie
5:58 PM: Quarantining All Traces: abcsearch
5:58 PM: Quarantining All Traces: fizzlebar
5:58 PM: Quarantining All Traces: shopathomeselect
5:58 PM: Quarantining All Traces: sicro dialer
5:58 PM: Quarantining All Traces: virtualbouncer
5:58 PM: Quarantining All Traces: sexfiles dialers
5:58 PM: Quarantining All Traces: 180search assistant/zango
5:58 PM: Quarantining All Traces: trojan-downloader-mediket
5:58 PM: Quarantining All Traces: mirar webband
5:58 PM: Removal process completed. Elapsed time 00:00:50
5:59 PM: Processing Internet Explorer Favorites Alerts
5:59 PM: Allowed IE Favorite: RealPlayer Home Page
5:59 PM: Allowed IE Favorite: RealPlayer
5:59 PM: Allowed IE Favorite: Support.Dell.com
5:59 PM: Allowed IE Favorite: Dell Auction
********
5:39 PM: |··· Start of Session, Friday, October 07, 2005 ···|
5:39 PM: Spy Sweeper started
5:41 PM: |··· End of Session, Friday, October 07, 2005 ···|

This is the new log after running it again: This time the "finish" button was visible...
********
9:11 PM: |··· Start of Session, Tuesday, October 11, 2005 ···|
9:11 PM: Spy Sweeper started
9:11 PM: Sweep initiated using definitions version 551
9:11 PM: Starting Memory Sweep
9:20 PM: Memory Sweep Complete, Elapsed Time: 00:08:25
9:20 PM: Starting Registry Sweep
9:20 PM: Found Adware: elitebar
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\lq\ (5 subtraces) (ID = 125741)
9:20 PM: Found Adware: ieplugin
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\intexp\ (2 subtraces) (ID = 128173)
9:20 PM: Found Adware: searchtoolbar
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\search toolbar\ (5 subtraces) (ID = 141344)
9:20 PM: Found Adware: tvmedia
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\microsoft\internet explorer\urlsearchhooks\ || {20ec3d2d-33c1-4c9d-bc37-c2d500688da2} (ID = 145309)
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\microsoft\windows\currentversion\run\ || tv media (ID = 145312)
9:20 PM: Found Adware: abetterinternet
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\btgrab\ (18 subtraces) (ID = 145850)
9:20 PM: Found Adware: websearch toolbar
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\btlink\ (7 subtraces) (ID = 146370)
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\microsoft\internet explorer\menuext\power search\ (2 subtraces) (ID = 146458)
9:20 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1011\software\aurora\ (19 subtraces) (ID = 360174)
9:20 PM: Registry Sweep Complete, Elapsed Time:00:00:22
9:20 PM: Starting Cookie Sweep
9:20 PM: Found Spy Cookie: 2o7.net cookie
9:20 PM: kaycee@2o7[2].txt (ID = 1957)
9:20 PM: Found Spy Cookie: about cookie
9:20 PM: kaycee@about[2].txt (ID = 2037)
9:20 PM: Found Spy Cookie: yieldmanager cookie
9:20 PM: kaycee@ad.yieldmanager[1].txt (ID = 3751)
9:20 PM: Found Spy Cookie: adknowledge cookie
9:20 PM: kaycee@adknowledge[2].txt (ID = 2072)
9:20 PM: Found Spy Cookie: adrevolver cookie
9:20 PM: kaycee@adrevolver[2].txt (ID = 2088)
9:20 PM: kaycee@adrevolver[3].txt (ID = 2088)
9:20 PM: Found Spy Cookie: addynamix cookie
9:20 PM: kaycee@ads.addynamix[1].txt (ID = 2062)
9:20 PM: Found Spy Cookie: advertising cookie
9:20 PM: kaycee@advertising[2].txt (ID = 2175)
9:20 PM: Found Spy Cookie: apmebf cookie
9:20 PM: kaycee@apmebf[2].txt (ID = 2229)
9:20 PM: Found Spy Cookie: ask cookie
9:20 PM: kaycee@ask[1].txt (ID = 2245)
9:20 PM: Found Spy Cookie: atlas dmt cookie
9:20 PM: kaycee@atdmt[2].txt (ID = 2253)
9:20 PM: Found Spy Cookie: belnk cookie
9:20 PM: kaycee@ath.belnk[1].txt (ID = 2293)
9:20 PM: Found Spy Cookie: azjmp cookie
9:20 PM: kaycee@azjmp[2].txt (ID = 2270)
9:20 PM: Found Spy Cookie: banner cookie
9:20 PM: kaycee@banner[1].txt (ID = 2276)
9:20 PM: kaycee@belnk[2].txt (ID = 2292)
9:20 PM: Found Spy Cookie: bluestreak cookie
9:20 PM: kaycee@bluestreak[1].txt (ID = 2314)
9:20 PM: Found Spy Cookie: burstnet cookie
9:20 PM: kaycee@burstnet[2].txt (ID = 2336)
9:20 PM: Found Spy Cookie: casalemedia cookie
9:20 PM: kaycee@casalemedia[2].txt (ID = 2354)
9:20 PM: kaycee@dist.belnk[1].txt (ID = 2293)
9:20 PM: Found Spy Cookie: fastclick cookie
9:20 PM: kaycee@fastclick[2].txt (ID = 2651)
9:20 PM: Found Spy Cookie: linksynergy cookie
9:20 PM: kaycee@linksynergy[1].txt (ID = 2926)
9:20 PM: Found Spy Cookie: overture cookie
9:20 PM: kaycee@perf.overture[1].txt (ID = 3106)
9:20 PM: Found Spy Cookie: questionmarket cookie
9:20 PM: kaycee@questionmarket[1].txt (ID = 3217)
9:20 PM: Found Spy Cookie: realmedia cookie
9:20 PM: kaycee@realmedia[2].txt (ID = 3235)
9:20 PM: Found Spy Cookie: reunion cookie
9:20 PM: kaycee@reunion[2].txt (ID = 3255)
9:20 PM: Found Spy Cookie: revenue.net cookie
9:20 PM: kaycee@revenue[2].txt (ID = 3257)
9:20 PM: Found Spy Cookie: servedby advertising cookie
9:20 PM: kaycee@servedby.advertising[1].txt (ID = 3335)
9:20 PM: Found Spy Cookie: targetnet cookie
9:20 PM: kaycee@targetnet[1].txt (ID = 3489)
9:20 PM: Found Spy Cookie: tmpad cookie
9:20 PM: kaycee@tmpad[1].txt (ID = 3545)
9:20 PM: kaycee@top40.about[1].txt (ID = 2038)
9:20 PM: Found Spy Cookie: trafficmp cookie
9:20 PM: kaycee@trafficmp[1].txt (ID = 3581)
9:20 PM: Found Spy Cookie: adserver cookie
9:20 PM: kaycee@z1.adserver[1].txt (ID = 2142)
9:20 PM: Cookie Sweep Complete, Elapsed Time: 00:00:01
9:20 PM: Starting File Sweep
9:27 PM: File Sweep Complete, Elapsed Time: 00:06:57
9:27 PM: Full Sweep has completed. Elapsed time 00:15:53
9:27 PM: Traces Found: 99
9:33 PM: Removal process initiated
9:33 PM: Quarantining All Traces: elitebar
9:33 PM: Quarantining All Traces: ieplugin
9:33 PM: Quarantining All Traces: searchtoolbar
9:33 PM: Quarantining All Traces: tvmedia
9:33 PM: Quarantining All Traces: abetterinternet
9:33 PM: Quarantining All Traces: websearch toolbar
9:33 PM: Quarantining All Traces: 2o7.net cookie
9:33 PM: Quarantining All Traces: about cookie
9:33 PM: Quarantining All Traces: yieldmanager cookie
9:33 PM: Quarantining All Traces: adknowledge cookie
9:33 PM: Quarantining All Traces: adrevolver cookie
9:33 PM: Quarantining All Traces: addynamix cookie
9:33 PM: Quarantining All Traces: advertising cookie
9:33 PM: Quarantining All Traces: apmebf cookie
9:33 PM: Quarantining All Traces: ask cookie
9:33 PM: Quarantining All Traces: atlas dmt cookie
9:33 PM: Quarantining All Traces: belnk cookie
9:33 PM: Quarantining All Traces: azjmp cookie
9:33 PM: Quarantining All Traces: banner cookie
9:33 PM: Quarantining All Traces: bluestreak cookie
9:33 PM: Quarantining All Traces: burstnet cookie
9:33 PM: Quarantining All Traces: casalemedia cookie
9:33 PM: Quarantining All Traces: fastclick cookie
9:33 PM: Quarantining All Traces: linksynergy cookie
9:33 PM: Quarantining All Traces: overture cookie
9:33 PM: Quarantining All Traces: questionmarket cookie
9:33 PM: Quarantining All Traces: realmedia cookie
9:33 PM: Quarantining All Traces: reunion cookie
9:33 PM: Quarantining All Traces: revenue.net cookie
9:33 PM: Quarantining All Traces: servedby advertising cookie
9:33 PM: Quarantining All Traces: targetnet cookie
9:33 PM: Quarantining All Traces: tmpad cookie
9:33 PM: Quarantining All Traces: trafficmp cookie
9:33 PM: Quarantining All Traces: adserver cookie
9:35 PM: Removal process completed. Elapsed time 00:02:21
********
5:41 PM: |··· Start of Session, Friday, October 07, 2005 ···|
5:41 PM: Spy Sweeper started
5:41 PM: Sweep initiated using definitions version 551
5:41 PM: Starting Memory Sweep
5:49 PM: Memory Sweep Complete, Elapsed Time: 00:07:59
5:49 PM: Starting Registry Sweep
5:49 PM: Found Trojan Horse: alwaysupdatednews
5:49 PM: HKLM\software\microsoft\code store database\distribution units\{47cd99df-8bcf-4b9b-94ef-02e51b2f79da}\ (8 subtraces) (ID = 103552)
5:49 PM: Found Adware: bookedspace
5:49 PM: HKLM\software\configuration manager\cfgmgr52\ (6 subtraces) (ID = 104873)
5:49 PM: Found Adware: elitebar
5:49 PM: HKLM\software\microsoft\windows\currentversion\internet settings\user agent\post platform\ || iebar (ID = 125752)
5:49 PM: Found Adware: gain-supported software
5:49 PM: HKCR\interface\{54e7e080-1da6-412e-96b5-c290fcef5329}\ (7 subtraces) (ID = 126745)
5:49 PM: Found Adware: ieplugin
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\intexp\ (2 subtraces) (ID = 128173)
5:49 PM: Found Adware: drsnsrch.com hijack
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1006\software\microsoft\search assistant\ || defaultsearchurl (ID = 128205)
5:49 PM: Found Adware: logih adware
5:49 PM: HKLM\software\microsoft\windows\currentversion\shellserviceobjectdelayload\ || systemcheck2 (ID = 129814)
5:49 PM: Found Adware: minigolf
5:49 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/wildapp.dll\ (2 subtraces) (ID = 135051)
5:49 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/minigolf_affiliate.exe\ (2 subtraces) (ID = 135052)
5:49 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\wildapp.dll (ID = 135057)
5:49 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\minigolf_affiliate.exe (ID = 135058)
5:49 PM: Found Adware: searchtoolbar
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\search toolbar\ (3 subtraces) (ID = 141344)
5:49 PM: Found Adware: tvmedia
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\urlsearchhooks\ || {20ec3d2d-33c1-4c9d-bc37-c2d500688da2} (ID = 145309)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\windows\currentversion\run\ || tv media (ID = 145312)
5:49 PM: Found Adware: abetterinternet
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\btgrab\ (15 subtraces) (ID = 145850)
5:49 PM: Found Adware: websearch toolbar
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\btiein\ (3 subtraces) (ID = 146368)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1008\software\btlink\ (7 subtraces) (ID = 146370)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\menuext\power search\ (2 subtraces) (ID = 146458)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146464)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\msietslink\ (4 subtraces) (ID = 146512)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\toolbar\ (16 subtraces) (ID = 146513)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\aurora\ (18 subtraces) (ID = 360174)
5:49 PM: Found Trojan Horse: sysnet
5:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\sysnet\ (2 subtraces) (ID = 381857)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 392934)
5:49 PM: HKU\S-1-5-21-2448172095-1170726622-3096062353-1009\software\toolbar\ (16 subtraces) (ID = 646239)
5:49 PM: Registry Sweep Complete, Elapsed Time:00:00:17
5:49 PM: Starting Cookie Sweep
5:49 PM: Found Spy Cookie: 2o7.net cookie
5:49 PM: kaycee@2o7[2].txt (ID = 1957)
5:49 PM: Found Spy Cookie: websponsors cookie
5:49 PM: kaycee@a.websponsors[2].txt (ID = 3665)
5:49 PM: Found Spy Cookie: about cookie
5:49 PM: kaycee@about[1].txt (ID = 2037)
5:49 PM: Found Spy Cookie: yieldmanager cookie
5:49 PM: kaycee@ad.yieldmanager[2].txt (ID = 3751)
5:49 PM: Found Spy Cookie: adknowledge cookie
5:49 PM: kaycee@adknowledge[1].txt (ID = 2072)
5:49 PM: Found Spy Cookie: adrevolver cookie
5:49 PM: kaycee@adrevolver[2].txt (ID = 2088)
5:49 PM: kaycee@adrevolver[3].txt (ID = 2088)
5:49 PM: Found Spy Cookie: advertising cookie
5:49 PM: kaycee@advertising[2].txt (ID = 2175)
5:49 PM: Found Spy Cookie: atlas dmt cookie
5:49 PM: kaycee@atdmt[2].txt (ID = 2253)
5:49 PM: Found Spy Cookie: belnk cookie
5:49 PM: kaycee@ath.belnk[1].txt (ID = 2293)
5:49 PM: Found Spy Cookie: banner cookie
5:49 PM: kaycee@banner[2].txt (ID = 2276)
5:49 PM: kaycee@belnk[2].txt (ID = 2292)
5:49 PM: Found Spy Cookie: bluestreak cookie
5:49 PM: kaycee@bluestreak[1].txt (ID = 2314)
5:49 PM: Found Spy Cookie: casalemedia cookie
5:49 PM: kaycee@casalemedia[2].txt (ID = 2354)
5:49 PM: Found Spy Cookie: classmates cookie
5:49 PM: kaycee@classmates[2].txt (ID = 2384)
5:49 PM: Found Spy Cookie: clickbank cookie
5:49 PM: kaycee@clickbank[2].txt (ID = 2398)
5:49 PM: kaycee@dist.belnk[1].txt (ID = 2293)
5:49 PM: Found Spy Cookie: fastclick cookie
5:49 PM: kaycee@fastclick[2].txt (ID = 2651)
5:49 PM: kaycee@hotels.about[1].txt (ID = 2038)
5:49 PM: Found Spy Cookie: howstuffworks cookie
5:49 PM: kaycee@howstuffworks[1].txt (ID = 2805)
5:49 PM: Found Spy Cookie: metareward.com cookie
5:49 PM: kaycee@metareward[2].txt (ID = 2990)
5:49 PM: Found Spy Cookie: mp3downloadhq cookie
5:49 PM: kaycee@mp3downloadhq[2].txt (ID = 3014)
5:49 PM: Found Spy Cookie: nextag cookie
5:49 PM: kaycee@nextag[2].txt (ID = 5014)
5:49 PM: Found Spy Cookie: overture cookie
5:49 PM: kaycee@perf.overture[1].txt (ID = 3106)
5:49 PM: Found Spy Cookie: questionmarket cookie
5:49 PM: kaycee@questionmarket[1].txt (ID = 3217)
5:49 PM: Found Spy Cookie: realmedia cookie
5:49 PM: kaycee@realmedia[1].txt (ID = 3235)
5:49 PM: Found Spy Cookie: revenue.net cookie
5:49 PM: kaycee@revenue[1].txt (ID = 3257)
5:49 PM: Found Spy Cookie: servedby advertising cookie
5:49 PM: kaycee@servedby.advertising[1].txt (ID = 3335)
5:49 PM: Found Spy Cookie: serving-sys cookie
5:49 PM: kaycee@serving-sys[1].txt (ID = 3343)
5:49 PM: Found Spy Cookie: statcounter cookie
5:49 PM: kaycee@statcounter[2].txt (ID = 3447)
5:49 PM: Found Spy Cookie: tmpad cookie
5:49 PM: kaycee@tmpad[1].txt (ID = 3545)
5:49 PM: Found Spy Cookie: trafficmp cookie
5:49 PM: kaycee@trafficmp[1].txt (ID = 3581)
5:49 PM: Found Spy Cookie: xiti cookie
5:49 PM: kaycee@xiti[1].txt (ID = 3717)
5:49 PM: Found Spy Cookie: adserver cookie
5:49 PM: kaycee@z1.adserver[1].txt (ID = 2142)
5:49 PM: Cookie Sweep Complete, Elapsed Time: 00:00:06
5:49 PM: Starting File Sweep
5:49 PM: c:\program files\epicenter (ID = -2147477846)
5:49 PM: Found Adware: abcsearch
5:49 PM: c:\documents and settings\all users\application data\msw (ID = -2147481510)
5:50 PM: e189e090-e615-403c-ad2e-9e5fd7 (ID = 48570)
5:50 PM: Found Adware: fizzlebar
5:50 PM: 8fbc0525-0655-4d91-b7a9-5f8583 (ID = 61054)
5:51 PM: deb751c7-1262-4da6-83d7-1d69f3 (ID = 83087)
5:52 PM: Found Adware: shopathomeselect
5:52 PM: giqd1c1l.dat (ID = 75801)
5:54 PM: 9aec0536-afed-43ad-9975-fb290d (ID = 61054)
5:56 PM: Found Adware: sicro dialer
5:56 PM: switchagreement.txt (ID = 76024)
5:56 PM: Found Adware: virtualbouncer
5:56 PM: d8bc6cd9-46a2-4bf9-b4a1-d086c8 (ID = 82816)
5:56 PM: Found Adware: sexfiles dialers
5:56 PM: dating.lnk (ID = 75396)
5:56 PM: Found Adware: 180search assistant/zango
5:56 PM: 41b03bb4-794f-47bd-b2d4-083134 (ID = 70624)
5:56 PM: 8b6ee25c-44ac-4d16-9a29-255eeb (ID = 84894)
5:56 PM: e9bb1d9f-14fc-4766-a6c2-c3f967 (ID = 84889)
5:56 PM: Found Trojan Horse: trojan-downloader-mediket
5:56 PM: backup-20051003-190321-411.inf (ID = 80748)
5:56 PM: backup-20051003-190322-755.inf (ID = 76012)
5:56 PM: backup-20051003-190323-404.inf (ID = 65702)
5:56 PM: Found Adware: mirar webband
5:56 PM: backup-20051003-190324-309.inf (ID = 70004)
5:56 PM: belt.inf (ID = 83154)
5:56 PM: polmx2.inf (ID = 83430)
5:56 PM: backup-20051003-190321-411.inf (ID = 80748)
5:56 PM: backup-20051003-190322-755.inf (ID = 76012)
5:56 PM: backup-20051003-190323-404.inf (ID = 65702)
5:56 PM: backup-20051003-190324-309.inf (ID = 70004)
5:57 PM: File Sweep Complete, Elapsed Time: 00:07:26
5:57 PM: Full Sweep has completed. Elapsed time 00:15:50
5:57 PM: Traces Found: 195
5:57 PM: Removal process initiated
5:58 PM: Quarantining All Traces: alwaysupdatednews
5:58 PM: Quarantining All Traces: bookedspace
5:58 PM: Quarantining All Traces: elitebar
5:58 PM: Quarantining All Traces: gain-supported software
5:58 PM: Quarantining All Traces: ieplugin
5:58 PM: Quarantining All Traces: drsnsrch.com hijack
5:58 PM: Quarantining All Traces: logih adware
5:58 PM: Quarantining All Traces: minigolf
5:58 PM: Quarantining All Traces: searchtoolbar
5:58 PM: Quarantining All Traces: tvmedia
5:58 PM: Quarantining All Traces: abetterinternet
5:58 PM: Quarantining All Traces: websearch toolbar
5:58 PM: Quarantining All Traces: sysnet
5:58 PM: Quarantining All Traces: 2o7.net cookie
5:58 PM: Quarantining All Traces: websponsors cookie
5:58 PM: Quarantining All Traces: about cookie
5:58 PM: Quarantining All Traces: yieldmanager cookie
5:58 PM: Quarantining All Traces: adknowledge cookie
5:58 PM: Quarantining All Traces: adrevolver cookie
5:58 PM: Quarantining All Traces: advertising cookie
5:58 PM: Quarantining All Traces: atlas dmt cookie
5:58 PM: Quarantining All Traces: belnk cookie
5:58 PM: Quarantining All Traces: banner cookie
5:58 PM: Quarantining All Traces: bluestreak cookie
5:58 PM: Quarantining All Traces: casalemedia cookie
5:58 PM: Quarantining All Traces: classmates cookie
5:58 PM: Quarantining All Traces: clickbank cookie
5:58 PM: Quarantining All Traces: fastclick cookie
5:58 PM: Quarantining All Traces: howstuffworks cookie
5:58 PM: Quarantining All Traces: metareward.com cookie
5:58 PM: Quarantining All Traces: mp3downloadhq cookie
5:58 PM: Quarantining All Traces: nextag cookie
5:58 PM: Quarantining All Traces: overture cookie
5:58 PM: Quarantining All Traces: questionmarket cookie
5:58 PM: Quarantining All Traces: realmedia cookie
5:58 PM: Quarantining All Traces: revenue.net cookie
5:58 PM: Quarantining All Traces: servedby advertising cookie
5:58 PM: Quarantining All Traces: serving-sys cookie
5:58 PM: Quarantining All Traces: statcounter cookie
5:58 PM: Quarantining All Traces: tmpad cookie
5:58 PM: Quarantining All Traces: trafficmp cookie
5:58 PM: Quarantining All Traces: xiti cookie
5:58 PM: Quarantining All Traces: adserver cookie
5:58 PM: Quarantining All Traces: abcsearch
5:58 PM: Quarantining All Traces: fizzlebar
5:58 PM: Quarantining All Traces: shopathomeselect
5:58 PM: Quarantining All Traces: sicro dialer
5:58 PM: Quarantining All Traces: virtualbouncer
5:58 PM: Quarantining All Traces: sexfiles dialers
5:58 PM: Quarantining All Traces: 180search assistant/zango
5:58 PM: Quarantining All Traces: trojan-downloader-mediket
5:58 PM: Quarantining All Traces: mirar webband
5:58 PM: Removal process completed. Elapsed time 00:00:50
5:59 PM: Processing Internet Explorer Favorites Alerts
5:59 PM: Allowed IE Favorite: RealPlayer Home Page
5:59 PM: Allowed IE Favorite: RealPlayer
5:59 PM: Allowed IE Favorite: Support.Dell.com
5:59 PM: Allowed IE Favorite: Dell Auction
********
5:39 PM: |··· Start of Session, Friday, October 07, 2005 ···|
5:39 PM: Spy Sweeper started
5:41 PM: |··· End of Session, Friday, October 07, 2005 ···|
  • 0

#19
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
hi, no I hadn't forgot about you, for some reason I didn't get notified of your response. Thank you for contacting me about it.

if you could please, Web Root has recently released a new version of Spy Sweeper, so what I would like you to do is uninstall the current version you have and then download and install the latest version.
I am working with a member of the Webroot team on this reocurring Huntbar issue, so I may be a litte delayed in my response afterwards.
  • open Spy Sweeper
  • Click Session Log in the upper right corner, copy everything in that window.
  • Click the Summary tab and click Finish.
  • Paste the contents of the session log you copied into your next reply.

Edited by Efwis, 16 October 2005 - 05:54 PM.

  • 0

#20
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Thanks for the reply. I downloaded the latest and here is the results. I seem to have only 5 days left on my Spy Sweeper Trial.

********
9:49 PM: | Start of Session, Sunday, October 16, 2005 |
9:49 PM: Spy Sweeper started
9:49 PM: Sweep initiated using definitions version 555
9:49 PM: Starting Memory Sweep
9:52 PM: Memory Sweep Complete, Elapsed Time: 00:02:40
9:52 PM: Starting Registry Sweep
9:52 PM: Found Adware: bookedspace
9:52 PM: HKLM\software\microsoft\windows\currentversion\internet settings\zonemap\domains\net-nucleus.com\ (2 subtraces) (ID = 662284)
9:52 PM: Found Adware: ieplugin
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\intexp\ (2 subtraces) (ID = 128173)
9:52 PM: Found Adware: searchtoolbar
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\search toolbar\ (3 subtraces) (ID = 141344)
9:52 PM: Found Adware: tvmedia
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\microsoft\internet explorer\urlsearchhooks\ || {20ec3d2d-33c1-4c9d-bc37-c2d500688da2} (ID = 145309)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\microsoft\windows\currentversion\run\ || tv media (ID = 145312)
9:52 PM: Found Adware: abetterinternet
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\btgrab\ (18 subtraces) (ID = 145850)
9:52 PM: Found Adware: websearch toolbar
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\btiein\ (3 subtraces) (ID = 146368)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\btlink\ (7 subtraces) (ID = 146370)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\microsoft\internet explorer\menuext\power search\ (2 subtraces) (ID = 146458)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146464)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\msietslink\ (7 subtraces) (ID = 146512)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\toolbar\ (17 subtraces) (ID = 146513)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\aurora\ (18 subtraces) (ID = 360174)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 392934)
9:52 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1010\software\toolbar\ (17 subtraces) (ID = 646239)
9:53 PM: Found Adware: ebates money maker
9:53 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1007\software\microsoft\internet explorer\extensions\cmdmapping\ || {6685509e-b47b-4f47-8e16-9a5f3a62f683} (ID = 125587)
9:53 PM: Found Adware: webrebates
9:53 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1007\software\microsoft\internet explorer\extensions\{6685509e-b47b-4f47-8e16-9a5f3a62f683}\ (6 subtraces) (ID = 125589)
9:53 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1007\software\microsoft\internet explorer\extensions\{6685509e-b47b-4f47-8e16-9a5f3a62f683}\ (6 subtraces) (ID = 125589)
9:53 PM: Found Adware: elitebar
9:53 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1007\software\microsoft\internet explorer\toolbar\webbrowser\ || {825cf5bd-8862-4430-b771-0c15c5ca8def} (ID = 125745)
9:53 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1007\software\btlink\ (7 subtraces) (ID = 146370)
9:53 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1007\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 146464)
9:53 PM: HKU\WRSS_Profile_S-1-5-21-2448172095-1170726622-3096062353-1007\software\microsoft\internet explorer\toolbar\webbrowser\ || {339bb23f-a864-48c0-a59f-29ea915965ec} (ID = 392934)
9:53 PM: Registry Sweep Complete, Elapsed Time:00:00:27
9:53 PM: Starting Cookie Sweep
9:53 PM: Found Spy Cookie: gamespy cookie
9:53 PM: jimmy@gamespy[1].txt (ID = 2719)
9:53 PM: Found Spy Cookie: about cookie
9:53 PM: kaycee@about[2].txt (ID = 2037)
9:53 PM: Found Spy Cookie: yieldmanager cookie
9:53 PM: kaycee@ad.yieldmanager[1].txt (ID = 3751)
9:53 PM: Found Spy Cookie: adknowledge cookie
9:53 PM: kaycee@adknowledge[2].txt (ID = 2072)
9:53 PM: Found Spy Cookie: adrevolver cookie
9:53 PM: kaycee@adrevolver[2].txt (ID = 2088)
9:53 PM: kaycee@adrevolver[3].txt (ID = 2088)
9:53 PM: Found Spy Cookie: addynamix cookie
9:53 PM: kaycee@ads.addynamix[1].txt (ID = 2062)
9:53 PM: Found Spy Cookie: pointroll cookie
9:53 PM: kaycee@ads.pointroll[2].txt (ID = 3148)
9:53 PM: Found Spy Cookie: advertising cookie
9:53 PM: kaycee@advertising[1].txt (ID = 2175)
9:53 PM: Found Spy Cookie: ask cookie
9:53 PM: kaycee@ask[1].txt (ID = 2245)
9:53 PM: Found Spy Cookie: atlas dmt cookie
9:53 PM: kaycee@atdmt[2].txt (ID = 2253)
9:53 PM: Found Spy Cookie: belnk cookie
9:53 PM: kaycee@ath.belnk[1].txt (ID = 2293)
9:53 PM: Found Spy Cookie: azjmp cookie
9:53 PM: kaycee@azjmp[2].txt (ID = 2270)
9:53 PM: Found Spy Cookie: banner cookie
9:53 PM: kaycee@banner[1].txt (ID = 2276)
9:53 PM: kaycee@belnk[2].txt (ID = 2292)
9:53 PM: Found Spy Cookie: clickbank cookie
9:53 PM: kaycee@clickbank[2].txt (ID = 2398)
9:53 PM: kaycee@dist.belnk[1].txt (ID = 2293)
9:53 PM: Found Spy Cookie: fastclick cookie
9:53 PM: kaycee@fastclick[2].txt (ID = 2651)
9:53 PM: Found Spy Cookie: netster cookie
9:53 PM: kaycee@lb1.netster[1].txt (ID = 3072)
9:53 PM: Found Spy Cookie: questionmarket cookie
9:53 PM: kaycee@questionmarket[1].txt (ID = 3217)
9:53 PM: Found Spy Cookie: realmedia cookie
9:53 PM: kaycee@realmedia[2].txt (ID = 3235)
9:53 PM: Found Spy Cookie: servedby advertising cookie
9:53 PM: kaycee@servedby.advertising[2].txt (ID = 3335)
9:53 PM: Found Spy Cookie: statcounter cookie
9:53 PM: kaycee@statcounter[1].txt (ID = 3447)
9:53 PM: Found Spy Cookie: targetnet cookie
9:53 PM: kaycee@targetnet[1].txt (ID = 3489)
9:53 PM: kaycee@top40.about[1].txt (ID = 2038)
9:53 PM: Found Spy Cookie: tradedoubler cookie
9:53 PM: kaycee@tradedoubler[1].txt (ID = 3575)
9:53 PM: Found Spy Cookie: myaffiliateprogram.com cookie
9:53 PM: kaycee@www.myaffiliateprogram[1].txt (ID = 3032)
9:53 PM: linda@ad.yieldmanager[2].txt (ID = 3751)
9:53 PM: linda@advertising[2].txt (ID = 2175)
9:53 PM: Found Spy Cookie: apmebf cookie
9:53 PM: linda@apmebf[2].txt (ID = 2229)
9:53 PM: linda@atdmt[2].txt (ID = 2253)
9:53 PM: Found Spy Cookie: bluestreak cookie
9:53 PM: linda@bluestreak[1].txt (ID = 2314)
9:53 PM: Found Spy Cookie: casalemedia cookie
9:53 PM: linda@casalemedia[1].txt (ID = 2354)
9:53 PM: Found Spy Cookie: mp3downloadhq cookie
9:53 PM: linda@mp3downloadhq[2].txt (ID = 3014)
9:53 PM: Found Spy Cookie: overture cookie
9:53 PM: linda@perf.overture[1].txt (ID = 3106)
9:53 PM: linda@servedby.advertising[1].txt (ID = 3335)
9:53 PM: Found Spy Cookie: trafficmp cookie
9:53 PM: linda@trafficmp[2].txt (ID = 3581)
9:53 PM: Found Spy Cookie: adserver cookie
9:53 PM: linda@z1.adserver[1].txt (ID = 2142)
9:53 PM: Found Spy Cookie: zedo cookie
9:53 PM: linda@zedo[1].txt (ID = 3762)
9:53 PM: Found Spy Cookie: 2o7.net cookie
9:53 PM: john@2o7[2].txt (ID = 1957)
9:53 PM: john@adknowledge[2].txt (ID = 2072)
9:53 PM: john@advertising[1].txt (ID = 2175)
9:53 PM: john@ask[1].txt (ID = 2245)
9:53 PM: john@atdmt[2].txt (ID = 2253)
9:53 PM: Found Spy Cookie: atwola cookie
9:53 PM: john@atwola[1].txt (ID = 2255)
9:53 PM: john@bluestreak[2].txt (ID = 2314)
9:53 PM: Found Spy Cookie: burstnet cookie
9:53 PM: john@burstnet[2].txt (ID = 2336)
9:53 PM: john@casalemedia[1].txt (ID = 2354)
9:53 PM: john@clickbank[2].txt (ID = 2398)
9:53 PM: Found Spy Cookie: coremetrics cookie
9:53 PM: john@data.coremetrics[1].txt (ID = 2472)
9:53 PM: john@fastclick[1].txt (ID = 2651)
9:53 PM: john@microsofteup.112.2o7[2].txt (ID = 1958)
9:53 PM: Found Spy Cookie: aptimus cookie
9:53 PM: john@network.aptimus[1].txt (ID = 2235)
9:53 PM: Found Spy Cookie: nextag cookie
9:53 PM: john@nextag[1].txt (ID = 5014)
9:53 PM: Found Spy Cookie: pricegrabber cookie
9:53 PM: john@pricegrabber[1].txt (ID = 3185)
9:53 PM: john@questionmarket[1].txt (ID = 3217)
9:53 PM: john@servedby.advertising[1].txt (ID = 3335)
9:53 PM: Found Spy Cookie: web-stat cookie
9:53 PM: john@server3.web-stat[2].txt (ID = 3649)
9:53 PM: Found Spy Cookie: serving-sys cookie
9:53 PM: john@serving-sys[1].txt (ID = 3343)
9:53 PM: Found Spy Cookie: webtrendslive cookie
9:53 PM: john@statse.webtrendslive[1].txt (ID = 3667)
9:53 PM: john@test.coremetrics[1].txt (ID = 2472)
9:53 PM: Found Spy Cookie: tribalfusion cookie
9:53 PM: john@tribalfusion[1].txt (ID = 3589)
9:53 PM: Found Spy Cookie: burstbeacon cookie
9:53 PM: john@www.burstbeacon[2].txt (ID = 2335)
9:53 PM: Cookie Sweep Complete, Elapsed Time: 00:00:02
9:53 PM: Starting File Sweep
10:04 PM: File Sweep Complete, Elapsed Time: 00:10:58
10:04 PM: Full Sweep has completed. Elapsed time 00:14:18
10:04 PM: Traces Found: 200
10:31 PM: Removal process initiated
10:31 PM: Quarantining All Traces: abetterinternet
10:31 PM: Quarantining All Traces: elitebar
10:31 PM: Quarantining All Traces: websearch toolbar
10:31 PM: Quarantining All Traces: bookedspace
10:32 PM: IE Security Shield: found: C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\WRSSSDK.EXE -- IE Security modification allowed at user request
10:32 PM: Quarantining All Traces: ebates money maker
10:32 PM: Quarantining All Traces: ieplugin
10:32 PM: Quarantining All Traces: searchtoolbar
10:32 PM: Quarantining All Traces: tvmedia
10:32 PM: Quarantining All Traces: webrebates
10:32 PM: Quarantining All Traces: 2o7.net cookie
10:32 PM: Quarantining All Traces: about cookie
10:32 PM: Quarantining All Traces: addynamix cookie
10:32 PM: Quarantining All Traces: adknowledge cookie
10:32 PM: Quarantining All Traces: adrevolver cookie
10:32 PM: Quarantining All Traces: adserver cookie
10:32 PM: Quarantining All Traces: advertising cookie
10:32 PM: Quarantining All Traces: apmebf cookie
10:32 PM: Quarantining All Traces: aptimus cookie
10:32 PM: Quarantining All Traces: ask cookie
10:32 PM: Quarantining All Traces: atlas dmt cookie
10:32 PM: Quarantining All Traces: atwola cookie
10:32 PM: Quarantining All Traces: azjmp cookie
10:32 PM: Quarantining All Traces: banner cookie
10:32 PM: Quarantining All Traces: belnk cookie
10:32 PM: Quarantining All Traces: bluestreak cookie
10:32 PM: Quarantining All Traces: burstbeacon cookie
10:32 PM: Quarantining All Traces: burstnet cookie
10:32 PM: Quarantining All Traces: casalemedia cookie
10:32 PM: Quarantining All Traces: clickbank cookie
10:32 PM: Quarantining All Traces: coremetrics cookie
10:32 PM: Quarantining All Traces: fastclick cookie
10:32 PM: Quarantining All Traces: gamespy cookie
10:32 PM: Quarantining All Traces: mp3downloadhq cookie
10:32 PM: Quarantining All Traces: myaffiliateprogram.com cookie
10:32 PM: Quarantining All Traces: netster cookie
10:32 PM: Quarantining All Traces: nextag cookie
10:32 PM: Quarantining All Traces: overture cookie
10:32 PM: Quarantining All Traces: pointroll cookie
10:32 PM: Quarantining All Traces: pricegrabber cookie
10:32 PM: Quarantining All Traces: questionmarket cookie
10:32 PM: Quarantining All Traces: realmedia cookie
10:32 PM: Quarantining All Traces: servedby advertising cookie
10:32 PM: Quarantining All Traces: serving-sys cookie
10:32 PM: Quarantining All Traces: statcounter cookie
10:32 PM: Quarantining All Traces: targetnet cookie
10:32 PM: Quarantining All Traces: tradedoubler cookie
10:32 PM: Quarantining All Traces: trafficmp cookie
10:32 PM: Quarantining All Traces: tribalfusion cookie
10:32 PM: Quarantining All Traces: web-stat cookie
10:32 PM: Quarantining All Traces: webtrendslive cookie
10:32 PM: Quarantining All Traces: yieldmanager cookie
10:32 PM: Quarantining All Traces: zedo cookie
10:32 PM: Removal process completed. Elapsed time 00:01:29
********
9:45 PM: | Start of Session, Sunday, October 16, 2005 |
9:45 PM: Spy Sweeper started
9:45 PM: Your spyware definitions have been updated.
9:49 PM: | End of Session, Sunday, October 16, 2005 |
  • 0

#21
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
Please do an online scan with Kaspersky WebScanner

Note: this has to be done with Internet Explorer as it relies on ActiveX to run

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Edited by Efwis, 17 October 2005 - 05:56 AM.

  • 0

#22
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Here is the result of the Kaspersky scan:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Monday, October 17, 2005 16:46:16
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 17/10/2005
Kaspersky Anti-Virus database records: 154649
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 96218
Number of viruses found: 45
Number of infected objects: 175
Number of suspicious objects: 0
Duration of the scan process: 5249 sec

Infected Object Name - Virus Name
C:\eied_s7.cab/eied_s7_c_7.exe Infected: Trojan-Downloader.Win32.Mediket.ag
C:\eied_s7.cab Infected: Trojan-Downloader.Win32.Mediket.ag
C:\Program Files\Norton AntiVirus\Quarantine\02F90172 Infected: not-a-virus:AdWare.Win32.EliteBar.af
C:\Program Files\Norton AntiVirus\Quarantine\0300556B Infected: not-a-virus:AdWare.Win32.EliteBar.z
C:\Program Files\Norton AntiVirus\Quarantine\058C6A32 Infected: Trojan-Downloader.Win32.Qoologic.ae
C:\Program Files\Norton AntiVirus\Quarantine\05F2603A.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\06585641.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\08032057 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\09231076.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\Program Files\Norton AntiVirus\Quarantine\09434049 Infected: Trojan-Downloader.Win32.Qoologic.o
C:\Program Files\Norton AntiVirus\Quarantine\10641245 Infected: not-a-virus:AdWare.Win32.VirtualBouncer.i
C:\Program Files\Norton AntiVirus\Quarantine\111C2631 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\11821C38 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\11E81240 Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\150D07B1 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\169415DF.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\Program Files\Norton AntiVirus\Quarantine\1CAC622F Infected: Trojan-Clicker.Win32.Small.et
C:\Program Files\Norton AntiVirus\Quarantine\1D125837 Infected: not-a-virus:AdWare.Win32.WebSearch.d
C:\Program Files\Norton AntiVirus\Quarantine\22EA034B Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\283D1E2E Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\28A31436 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\28DD66DE Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\29090A3D Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\2A6E7DA4 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\318E4FA0 Infected: Trojan-Downloader.Win32.Qoologic.o
C:\Program Files\Norton AntiVirus\Quarantine\31DA2E5A Infected: not-a-virus:AdWare.Win32.EliteBar.z
C:\Program Files\Norton AntiVirus\Quarantine\320B31A6.exe Infected: Trojan-Downloader.Win32.Small.ajm
C:\Program Files\Norton AntiVirus\Quarantine\32E87062 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\32F92A9F Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\32F92A9F.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\32FD549C Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\33007E98 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\33032894 Infected: Trojan-Downloader.Win32.Qoologic.r
C:\Program Files\Norton AntiVirus\Quarantine\33032894.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33075291.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\330A7C8D Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\330D268A Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\330D268A.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33105086 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\33147A82 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\33147A82.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\3317247F Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\331A4E7B Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\331D7878/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer
C:\Program Files\Norton AntiVirus\Quarantine\331D7878 Infected: not-a-virus:AdWare.Win32.VirtualBouncer
C:\Program Files\Norton AntiVirus\Quarantine\331D7878.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33212274 Infected: Trojan-Downloader.Win32.Agent.ed
C:\Program Files\Norton AntiVirus\Quarantine\33244C70 Infected: Trojan-Downloader.Win32.Qoologic.o
C:\Program Files\Norton AntiVirus\Quarantine\33244C70.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\3327766D Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\332A2069 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\332A2069.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\332E4A66 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\33317462 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\33341E5E Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\3338485B Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\333B7257 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\333E1C54 Infected: not-a-virus:AdWare.Win32.BHO.l
C:\Program Files\Norton AntiVirus\Quarantine\33414650.exe/data0000.bin Infected: Trojan-Downloader.Win32.Apropo.g
C:\Program Files\Norton AntiVirus\Quarantine\33414650.exe/data0002.bin Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\33414650.exe Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\3345704D Infected: Trojan-Clicker.Win32.Delf.r
C:\Program Files\Norton AntiVirus\Quarantine\33481A49.cab/Belt.exe Infected: Trojan-Downloader.Win32.Stubby.a
C:\Program Files\Norton AntiVirus\Quarantine\33481A49.cab Infected: Trojan-Downloader.Win32.Stubby.a
C:\Program Files\Norton AntiVirus\Quarantine\334B4445 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\334B4445.cab/bi.dll Infected: not-a-virus:AdWare.Win32.BiSpy.o
C:\Program Files\Norton AntiVirus\Quarantine\334B4445.cab Infected: not-a-virus:AdWare.Win32.BiSpy.o
C:\Program Files\Norton AntiVirus\Quarantine\334E6E42 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\3352183E Infected: Trojan-Downloader.Win32.Qoologic.p
C:\Program Files\Norton AntiVirus\Quarantine\3355423B Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\33586C37 Infected: not-a-virus:AdWare.Win32.CoolBar.a
C:\Program Files\Norton AntiVirus\Quarantine\335B1633 Infected: not-a-virus:AdWare.Win32.CoolBar.a
C:\Program Files\Norton AntiVirus\Quarantine\335B1633.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\335F4030 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\33626A2C Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\33651429.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33683E25 Infected: Trojan-Clicker.Win32.Small.et
C:\Program Files\Norton AntiVirus\Quarantine\33683E25.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\Program Files\Norton AntiVirus\Quarantine\336C6821.exe Infected: Trojan-Dropper.Win32.Small.wc
C:\Program Files\Norton AntiVirus\Quarantine\336C6821.ocx Infected: Trojan-Downloader.Win32.Agent.ex
C:\Program Files\Norton AntiVirus\Quarantine\339035FA.exe Infected: Trojan-Dropper.Win32.Small.pv
C:\Program Files\Norton AntiVirus\Quarantine\33935FF6.dat Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33935FF6.exe Infected: not-a-virus:AdWare.Win32.BetterInternet
C:\Program Files\Norton AntiVirus\Quarantine\339D5DEB.cpl Infected: Trojan-Downloader.Win32.Qoologic.ad
C:\Program Files\Norton AntiVirus\Quarantine\339D5DEB.exe/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\339D5DEB.exe Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\33A007E8.exe/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\33A007E8.exe Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\33A331E4.dll Infected: Trojan-Downloader.Win32.Qoologic.q
C:\Program Files\Norton AntiVirus\Quarantine\34335034 Infected: Trojan-Downloader.Win32.VB.eu
C:\Program Files\Norton AntiVirus\Quarantine\3499463C Infected: Trojan-Downloader.Win32.Qoologic.ae
C:\Program Files\Norton AntiVirus\Quarantine\34FF3C43 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\38A5729A Infected: Trojan-Clicker.Win32.Small.et
C:\Program Files\Norton AntiVirus\Quarantine\3FC30C33 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\3FC30C33.cab/BTGrab.dll Infected: not-a-virus:AdWare.Win32.BiSpy.v
C:\Program Files\Norton AntiVirus\Quarantine\3FC30C33.cab/polall1b.exe Infected: Trojan.Win32.Agent.ay
C:\Program Files\Norton AntiVirus\Quarantine\3FC30C33.cab Infected: Trojan.Win32.Agent.ay
C:\Program Files\Norton AntiVirus\Quarantine\3FCE7398 Infected: Trojan-Downloader.Win32.Qoologic.p
C:\Program Files\Norton AntiVirus\Quarantine\402A023A Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\40907842 Infected: Trojan-Downloader.Win32.Qoologic.r
C:\Program Files\Norton AntiVirus\Quarantine\4B395983 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\4B544831.cab/WToolsB.dll Infected: not-a-virus:AdWare.Win32.Wintol.y
C:\Program Files\Norton AntiVirus\Quarantine\4B544831.cab Infected: not-a-virus:AdWare.Win32.Wintol.y
C:\Program Files\Norton AntiVirus\Quarantine\4B983AFF.cab/BTGrab.dll Infected: not-a-virus:AdWare.Win32.BiSpy.t
C:\Program Files\Norton AntiVirus\Quarantine\4B983AFF.cab/polall1b.exe Infected: Trojan-Dropper.Win32.Small.pv
C:\Program Files\Norton AntiVirus\Quarantine\4B983AFF.cab Infected: Trojan-Dropper.Win32.Small.pv
C:\Program Files\Norton AntiVirus\Quarantine\4BBA3E39 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\4C203440/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\4C203440 Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\4E0F178F Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\552F698B Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\56E40430 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\574A7A38 Infected: Trojan-Downloader.Win32.VB.eu
C:\Program Files\Norton AntiVirus\Quarantine\59D85EF7 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\5D1F504C Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\5D42013C.exe Infected: Trojan-Downloader.Win32.Mediket.ag
C:\Program Files\Norton AntiVirus\Quarantine\5E825462.exe Infected: not-a-virus:AdWare.Win32.BetterInternet.l
C:\Program Files\Norton AntiVirus\Quarantine\63412C3E Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\68A57E6B.cab/polmx2.exe Infected: Trojan-Downloader.Win32.Agent.ae
C:\Program Files\Norton AntiVirus\Quarantine\68A57E6B.cab Infected: Trojan-Downloader.Win32.Agent.ae
C:\Program Files\Norton AntiVirus\Quarantine\69F634FE Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\6A5C1ED2 Infected: Trojan.Win32.Agent.cp
C:\Program Files\Norton AntiVirus\Quarantine\6E6B7235.exe/data0000.bin Infected: Trojan-Downloader.Win32.Apropo.g
C:\Program Files\Norton AntiVirus\Quarantine\6E6B7235.exe/data0002.bin Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\6E6B7235.exe Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\6ED1683C Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\73E24A56 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\7995382C.exe Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\79FB2E33.cab/Belt.exe Infected: Trojan-Downloader.Win32.Stubby.a
C:\Program Files\Norton AntiVirus\Quarantine\79FB2E33.cab Infected: Trojan-Downloader.Win32.Stubby.a
C:\Program Files\Norton AntiVirus\Quarantine\7A61243B Infected: Trojan-Clicker.Win32.Small.ez
C:\Program Files\Norton AntiVirus\Quarantine\7A61243B.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7AC71A43 Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7B031C52 Infected: not-a-virus:AdWare.Win32.VirtualBouncer.i
C:\Program Files\Norton AntiVirus\Quarantine\7EBF5F3D.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7EC2093A.dat Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7EC2093A.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\Program Files\Norton AntiVirus\Quarantine\7F604167.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP726\A0200798.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP726\A0200810.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP727\A0200846.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP728\A0200878.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP729\A0200928.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP731\A0200959.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP734\A0201012.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP736\A0201038.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP738\A0201088.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP740\A0201132.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP740\A0201166.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP748\A0201413.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP748\A0201525.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0202028.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0202070.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0202091.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0202109.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0202127.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0202145.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0203143.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP776\A0203170.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205568.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205603.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205784.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205789.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205790.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205791.exe Infected: Trojan-Downloader.Win32.Small.ajm
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205792.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205859.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205860.exe Infected: Trojan-Downloader.Win32.Small.ajm
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0205894.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0206440.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0206569.ocx Infected: not-a-virus:AdWare.Win32.Coupons
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0206572.dll Infected: Trojan-Clicker.Win32.Agent.ac
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0206573.dll Infected: Trojan-Downloader.Win32.Qoologic.af
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP799\A0206574.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\WINDOWS\SYSTEM32\tcos8bu0.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao

Scan process completed.

I just realized that I ran this scan under my sign on and not my daughter's. I will run another scan under her sign on as soon as I can and post that on also.

Edited by mccartj4, 18 October 2005 - 06:42 PM.

  • 0

#23
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
This is the scan report done under my daughter's sign on in case that makes a difference:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, October 19, 2005 06:26:38
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 19/10/2005
Kaspersky Anti-Virus database records: 154897
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 70368
Number of viruses found: 34
Number of infected objects: 86
Number of suspicious objects: 0
Duration of the scan process: 3695 sec

Infected Object Name - Virus Name
C:\eied_s7.cab/eied_s7_c_7.exe Infected: Trojan-Downloader.Win32.Mediket.ag
C:\eied_s7.cab Infected: Trojan-Downloader.Win32.Mediket.ag
C:\Program Files\Norton AntiVirus\Quarantine\02F90172 Infected: not-a-virus:AdWare.Win32.EliteBar.af
C:\Program Files\Norton AntiVirus\Quarantine\0300556B Infected: not-a-virus:AdWare.Win32.EliteBar.z
C:\Program Files\Norton AntiVirus\Quarantine\058C6A32 Infected: Trojan-Downloader.Win32.Qoologic.ae
C:\Program Files\Norton AntiVirus\Quarantine\05F2603A.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\06585641.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\09434049 Infected: Trojan-Downloader.Win32.Qoologic.o
C:\Program Files\Norton AntiVirus\Quarantine\10641245 Infected: not-a-virus:AdWare.Win32.VirtualBouncer.i
C:\Program Files\Norton AntiVirus\Quarantine\11821C38 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\169415DF.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\Program Files\Norton AntiVirus\Quarantine\1D125837 Infected: not-a-virus:AdWare.Win32.WebSearch.d
C:\Program Files\Norton AntiVirus\Quarantine\28A31436 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\28DD66DE Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\318E4FA0 Infected: Trojan-Downloader.Win32.Qoologic.o
C:\Program Files\Norton AntiVirus\Quarantine\31DA2E5A Infected: not-a-virus:AdWare.Win32.EliteBar.z
C:\Program Files\Norton AntiVirus\Quarantine\320B31A6.exe Infected: Trojan-Downloader.Win32.Small.ajm
C:\Program Files\Norton AntiVirus\Quarantine\32E87062 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\32F92A9F.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\32FD549C Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\33032894.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33075291.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\330D268A Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\330D268A.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33147A82.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\3317247F Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\331A4E7B Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\331D7878/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer
C:\Program Files\Norton AntiVirus\Quarantine\331D7878 Infected: not-a-virus:AdWare.Win32.VirtualBouncer
C:\Program Files\Norton AntiVirus\Quarantine\331D7878.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33212274 Infected: Trojan-Downloader.Win32.Agent.ed
C:\Program Files\Norton AntiVirus\Quarantine\33244C70 Infected: Trojan-Downloader.Win32.Qoologic.o
C:\Program Files\Norton AntiVirus\Quarantine\33244C70.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\3327766D Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\332A2069.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\333E1C54 Infected: not-a-virus:AdWare.Win32.BHO.l
C:\Program Files\Norton AntiVirus\Quarantine\33414650.exe/data0000.bin Infected: Trojan-Downloader.Win32.Apropo.g
C:\Program Files\Norton AntiVirus\Quarantine\33414650.exe/data0002.bin Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\33414650.exe Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\3345704D Infected: Trojan-Clicker.Win32.Delf.r
C:\Program Files\Norton AntiVirus\Quarantine\334B4445 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\334E6E42 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\335B1633 Infected: not-a-virus:AdWare.Win32.CoolBar.a
C:\Program Files\Norton AntiVirus\Quarantine\335B1633.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33651429.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33683E25 Infected: Trojan-Clicker.Win32.Small.et
C:\Program Files\Norton AntiVirus\Quarantine\33683E25.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\Program Files\Norton AntiVirus\Quarantine\336C6821.exe Infected: Trojan-Dropper.Win32.Small.wc
C:\Program Files\Norton AntiVirus\Quarantine\336C6821.ocx Infected: Trojan-Downloader.Win32.Agent.ex
C:\Program Files\Norton AntiVirus\Quarantine\33935FF6.dat Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\33935FF6.exe Infected: not-a-virus:AdWare.Win32.BetterInternet
C:\Program Files\Norton AntiVirus\Quarantine\339D5DEB.cpl Infected: Trojan-Downloader.Win32.Qoologic.ad
C:\Program Files\Norton AntiVirus\Quarantine\339D5DEB.exe/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\339D5DEB.exe Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\33A007E8.exe/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\33A007E8.exe Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\33A331E4.dll Infected: Trojan-Downloader.Win32.Qoologic.q
C:\Program Files\Norton AntiVirus\Quarantine\3499463C Infected: Trojan-Downloader.Win32.Qoologic.ae
C:\Program Files\Norton AntiVirus\Quarantine\38A5729A Infected: Trojan-Clicker.Win32.Small.et
C:\Program Files\Norton AntiVirus\Quarantine\3FCE7398 Infected: Trojan-Downloader.Win32.Qoologic.p
C:\Program Files\Norton AntiVirus\Quarantine\402A023A Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\40907842 Infected: Trojan-Downloader.Win32.Qoologic.r
C:\Program Files\Norton AntiVirus\Quarantine\4C203440/WISE0001.BIN Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\4C203440 Infected: not-a-virus:AdWare.Win32.VirtualBouncer.j
C:\Program Files\Norton AntiVirus\Quarantine\4E0F178F Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\56E40430 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\574A7A38 Infected: Trojan-Downloader.Win32.VB.eu
C:\Program Files\Norton AntiVirus\Quarantine\59D85EF7 Infected: Trojan-Downloader.Win32.Qoologic.l
C:\Program Files\Norton AntiVirus\Quarantine\5D1F504C Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\5D42013C.exe Infected: Trojan-Downloader.Win32.Mediket.ag
C:\Program Files\Norton AntiVirus\Quarantine\5E825462.exe Infected: not-a-virus:AdWare.Win32.BetterInternet.l
C:\Program Files\Norton AntiVirus\Quarantine\6E6B7235.exe/data0000.bin Infected: Trojan-Downloader.Win32.Apropo.g
C:\Program Files\Norton AntiVirus\Quarantine\6E6B7235.exe/data0002.bin Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\6E6B7235.exe Infected: Trojan-Downloader.Win32.Apropo.u
C:\Program Files\Norton AntiVirus\Quarantine\73E24A56 Infected: Trojan.Win32.Agent.db
C:\Program Files\Norton AntiVirus\Quarantine\7995382C.exe Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\79FB2E33.cab/Belt.exe Infected: Trojan-Downloader.Win32.Stubby.a
C:\Program Files\Norton AntiVirus\Quarantine\79FB2E33.cab Infected: Trojan-Downloader.Win32.Stubby.a
C:\Program Files\Norton AntiVirus\Quarantine\7A61243B Infected: Trojan-Clicker.Win32.Small.ez
C:\Program Files\Norton AntiVirus\Quarantine\7A61243B.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7AC71A43 Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7EBF5F3D.asq Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7EC2093A.dat Infected: Trojan.Win32.Pakes
C:\Program Files\Norton AntiVirus\Quarantine\7EC2093A.dll Infected: Trojan-Downloader.Win32.Qoologic.ak
C:\Program Files\Norton AntiVirus\Quarantine\7F604167.exe Infected: Trojan-Downloader.Win32.Agent.oa
C:\WINDOWS\SYSTEM32\tcos8bu0.ini Infected: not-a-virus:AdWare.Win32.Sahat.ao

Scan process completed.
  • 0

#24
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
hi,
got a few things to do here under both screen names.

first,
please make sure you can see hidden files/folders to do this open my computer and choose tools at the top. Next click on folder options and then click on the view tab.Scroll down and find Hidden files and folders, click Show hidden files and folders.

find these files and delete them:

C:\eied_s7.cab
C:\WINDOWS\SYSTEM32\tcos8bu0.ini


2nd,
Empty the quarantine file for Norton. directions here

Before you begin: You must be in the Finder. Click the desktop or the Finder icon in the Dock to be in the Finder.

To delete the QuarantineFile.qtn file1. On the Go menu, click Computer.
2. Double-click your hard disk.
3. Double-click Library.
4. Double-click Application Support.
5. Double-click Norton Solutions Support.
6. Double-click Norton AntiVirus.
7. Delete the QuarantineFile.qtn file.
8. Type your administrator password, then click OK.
9. Open Norton AntiVirus.
10. Click Quarantine.
There should not be any files left in Quarantine.
and the last step. resetting your restore points.

To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb;en-us;310405

then let us know if the huntbar is still trying to install.
  • 0

#25
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
"Before you begin: You must be in the Finder. Click the desktop or the Finder icon in the Dock to be in the Finder"

I'm sorry, I deleted the two files that you indicated, but I don't know what "the Finder" is. I don't believe I have a Finder icon, and I don't know what the Dock is. What is the Go menu, is that the Start button? Because I am not familiar with any of these terms, I don't know how to follow the rest of your instructions. Please help.
  • 0

Advertisements


#26
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
i'll have to do a little research, these instructions are from the symantec website. I will respond back shortly
  • 0

#27
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
sorry for the delayed response,
What version of Norton are you using??
  • 0

#28
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
It is Norton AntiVirus 2005 version 11.0.11.4. It is a free subscription that I downloaded.
  • 0

#29
Dragon

Dragon

    All Around Computer Nut

  • Retired Staff
  • 2,678 posts
To remove Norton AntiVirus 2005 files from quarantine1. Start Norton AntiVirus.
If Norton AntiVirus is installed as part of Norton SystemWorks or Norton Internet Security, then start that program and click Norton AntiVirus.
2. In the left pane, click Reports.
3. Click View Quarantined Items.
4. In the right pane, select the files that you want to remove.
To select multiple items, press and hold down the Ctrl key while clicking the items that you want to select for deletion. To select everything in Quarantine, click the first item in the list, and then press Shift+End.
5. Click Delete Item.
6. When prompted "Warning! Are you sure that you want to remove this item from Quarantine," click Yes.
7. Close the Quarantine window, and then exit Norton AntiVirus.

Edited by Efwis, 20 October 2005 - 01:54 PM.

  • 0

#30
mccartj4

mccartj4

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
Success! This finally seems to have solved the last of all known problems. Thank you very much.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP