Computing.Net > Forums > Security and Virus > Viruses I need to delete I think

Computing.Net: Over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to sign up now, it's free!

Viruses I need to delete I think

Reply to Message Icon

Original Message
Name: Aaron Douglas (by Led Zeppelin)
Date: February 26, 2006 at 15:17:56 Pacific
Subject: Viruses I need to delete I think
OS: Xp sp2
CPU/Ram: 256
Model/Manufacturer: compaq presario
Comment:

I ran that panda scan and it found some spyware and viruses. Not sure what I should do to delete them. I could use the advice. This is what it detected:

Incident Status Location

Adware:adware/exact.searchbar Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\blank.gif
Adware:adware/gator Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\bundle.inf
Adware:adware/p2pnetworking Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\p2psetup.exe
Adware:adware/exact.bargainbuddy Not disinfected C:\WINDOWS\bargain3.exe
Spyware:spyware/clipgenie Not disinfected C:\WINDOWS\clipg.exe
Adware:adware/ieplugin Not disinfected C:\WINDOWS\kwv2.dat
Adware:adware/ncase Not disinfected C:\WINDOWS\msbbau.dat
Adware:adware/savenow Not disinfected C:\PROGRAM FILES\Save
Potentially unwanted tool:application/myway Not disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MYWAYSEARCHASSISTANT
Spyware:spyware/altnet Not disinfected Windows Registry
Potentially unwanted tool:application/need2find Not disinfected HKEY_CLASSES_ROOT\Interface\{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3}
Adware:adware/looksmart Not disinfected Windows Registry
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Owner\cookies\owner@as-us.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\cookies\owner@atdmt[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Owner\cookies\owner@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\cookies\owner@doubleclick[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\cookies\owner@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Owner\cookies\owner@perf.overture[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.ask.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.valueclick.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.ad.yieldmanager.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.ad.yieldmanager.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.ad.yieldmanager.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[.servedby.advertising.com/]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@2o7[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@advertising[1].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@ask[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@atdmt[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@centrport[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@com[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@fastclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@mediaplex[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@realmedia[1].txt
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@rightmedia[1].txt
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@rightmedia[2].txt
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@rightmedia[3].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@valueclick[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@valueclick[2].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@valueclick[3].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Owner\Application Data\Earthlink\6.0\douglasfamily4@earthlink.net\Cookies\owner@zedo[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\9ma00f0m.default\cookies.txt[]
Virus:Trj/ClassLoader.U Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-7bcd8284-4e949fbc.zip[BlackBox.class]
Virus:Trj/ClassLoader.V Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-7bcd8284-4e949fbc.zip[VB.class]
Virus:Exploit/ByteVerify Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-7bcd8284-4e949fbc.zip[Dummy.class]
Virus:Trj/Downloader.HAS Not disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive1213.jar-7bcd8284-4e949fbc.zip[Beyond.class]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Owner\Cookies\owner@as-us.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@2o7[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@ad.yieldmanager[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@atdmt[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@com[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@doubleclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\Cookies\owner@realmedia[2].txt
Adware:Adware/P2PNetworking Not disinfected C:\Documents and Settings\Owner\Local Settings\Temp\p2psetup.exe
Potentially unwanted tool:Application/HideWindow.A Not disinfected C:\hp\bin\FondleWindow.exe


Report Offensive Message For Removal


Response Number 1
Name: capt
Date: February 26, 2006 at 15:51:03 Pacific
Reply: (edit)

The cookies are no big deal, but you have downloaded a program that has Gator and this is not good! I would go into add/remove programs and remove My Way Search, Bargain Buddy and Gator. If they are not listed post back. You can safely delete all the tracking cookies.


Report Offensive Follow Up For Removal

Response Number 2
Name: Abnormal
Date: February 26, 2006 at 16:26:30 Pacific
Reply: (edit)

What malware sharing p2p did you download?

N-Case
Removal Instructions and Help


More removal instructions for the others
in above site.


Report Offensive Follow Up For Removal

Response Number 3
Name: Aaron Douglas (by Led Zeppelin)
Date: February 26, 2006 at 16:36:08 Pacific
Reply: (edit)

Ok thanks. Not sure what you mean by "What malware sharing p2p did you download?" though.

Also this computer is shared by my brother too, so I dont know if he downloaded something.


Report Offensive Follow Up For Removal

Response Number 4
Name: Aaron Douglas (by Led Zeppelin)
Date: February 26, 2006 at 16:38:59 Pacific
Reply: (edit)

Forgot to add, My Way Search, Gator, and Bargain Buddy did not appear on Add or Remove Programs.


Report Offensive Follow Up For Removal

Response Number 5
Name: capt
Date: February 26, 2006 at 18:07:25 Pacific
Reply: (edit)

Do you or your brother download music using any peer to peer software like; Shareza, Limewire, Bearshare, IMesh, EDonkey, Morpheus, etc.? These are sources of nasties.


Report Offensive Follow Up For Removal


Response Number 6
Name: Aaron Douglas (by Led Zeppelin)
Date: February 26, 2006 at 18:21:30 Pacific
Reply: (edit)

Limewire, yes. Anyway, since those programs did not appear in add or remove programs, what does that mean?


Report Offensive Follow Up For Removal

Response Number 7
Name: capt
Date: February 26, 2006 at 18:51:32 Pacific
Reply: (edit)

It means that you have probably picked them up when you installed a program that came with them. They are listed as small print items in the license authorization you approved. The problem is deleting them will stop the program from working properly. It may turn out to be a program you like. Web Photo is a program that many people like, but is full of spyware.


Report Offensive Follow Up For Removal

Response Number 8
Name: capt
Date: February 26, 2006 at 19:00:18 Pacific
Reply: (edit)

Here is a site to go to to get rid of My Way Search, which will require you using and posting a hijackthis log;

http://www.pchell.com/support/mywebsearch.shtml

To get rid of Gator, go here;
http://www.pchell.com/support/gator.shtml


Report Offensive Follow Up For Removal

Response Number 9
Name: Dragon306
Date: February 27, 2006 at 17:57:44 Pacific
Reply: (edit)

"Do you or your brother download music using any peer to peer software like; Shareza, Limewire, Bearshare, IMesh, EDonkey, Morpheus, etc.? These are sources of nasties"

Shareaza is perfectly clean if downloaded from it's home page not some 3rd party site; i know this because i use it and have never had a problem...

i would also run a virus scan with an actual AV not just an online scan. AVG is good and free:
http://free.grisoft.com/doc/2/lng/us/tpl/v5

also i would download and install Ad-Aware SE Personal and Spybot-Search and Destroy:
http://www.lavasoftusa.com/software/adaware/
http://www.safer-networking.org/en/download/

make sure you download the latest updates for all of these first!!!

after downloading, installing, updating, running full system scans with Spybot-S&D, Ad-Aware SE, and AVG, removing everything they find *then* i would come back and post HJT log, scan with Panda again, etc. to see if those three could have effectively erradicated the "nasties". i knwo Spybot-S&D is capable of taking out Gator, and i would bet that it plus ad-aware plus AVG all on latest updates you can probably clean your system. chances are likely they will also find things that Panda missed entirely.

Preform regular PC maintenance to keep your PC running like new. For suggestions on free security virus/spyware removal and optimizing utils and software, visit my web site.


Report Offensive Follow Up For Removal

Response Number 10
Name: Aaron Douglas (by Led Zeppelin)
Date: February 27, 2006 at 19:04:34 Pacific
Reply: (edit)

Ok thanks guys. May not have time for all this till the weekend, but saturday or sunday im gonna do all this.

I love this site lol


Why?

Ha ha, I put a question


Report Offensive Follow Up For Removal






Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Security and Virus Forum Home








Do you have your own blog?

Yes
No
I did before
I will soon


View Results

Poll Finishes In 4 Days.
Discuss in The Lounge
Poll History




Data Recovery Software