02-21-2007, 03:00 PM   #6
Nick3
Registered User
 
Join Date: Feb 2007
Location: Hampshire, England
Posts: 11
OS: XP


Hi Fred,

I have followed your instructions with varying degrees of success:

1) The first issue is that I could not delete file C:\Program Files\Common Files\System\lpt8.exe; it returned the message 'Cannot delete lpt8.exe. Cannot find the specified file. Make sure you specify the correct path and file name'.

2) I'm not sure what happened, as the download seemed to work OK, but when I then came to run 'Cleanup!' it wouldn't run, saying that it was the incorrect file size.

On reboot back with normal mode, the warning message from McAfee about the 'suspect file' when Windows first fires up no longer appears.

However, running AVG was OK, but when I ran Panda ActiveScan it triggered the message from McAfee warning that a Trojan had been found.

I have appended the relevant logs.


Nick.


Incident Status Location

Potentially unwanted tool:application/funweb Not disinfected c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf
Potentially unwanted tool:application/regclean32 Not disinfected C:\Documents and Settings\Nick\Application Data\Registry Cleaner
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_current_user\software\MyWebSearch
Adware:adware/emediacodec Not disinfected Windows Registry
Adware:adware/zango Not disinfected Windows Registry
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Charlotte\Application Data\mp3daleweb\uawkmlap.exe
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@ad.yieldmanager[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@atdmt[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@bs.serving-sys[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@casalemedia[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@com[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@fastclick[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@overture[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@serving-sys[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@tribalfusion[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Charlotte\Cookies\charlotte@xiti[1].txt
Spyware:Spyware/Overpro Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\APP162.tmp
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@888[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@adopt.hbmediapro[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@atwola[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@azjmp[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@belnk[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@cassava[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@dist.belnk[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@drivecleaner[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@media.adrevolver[1].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@winfixer[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@www.drivecleaner[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Charlotte\Local Settings\Temp\Cookies\charlotte@xmts[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Chris\Local Settings\Temp\Cookies\chris@atwola[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Chris\Local Settings\Temp\Cookies\chris@go[2].txt
Attached Files
File Type: txt Report-Scan-20070221-004909.txt (12.2 KB, 3 views)
File Type: txt Activescan 070221.txt (12.6 KB, 4 views)
File Type: txt hijackthis 070221log.txt (16.3 KB, 3 views)

Last edited by tetonbob; 03-03-2007 at 10:37 AM.