Jump to content

What do I do with 'infected objects'


joe47

Recommended Posts

Just completed a full scan and the results show 1 cleaned and 54 infected objects. Where are 'infected objects' or are theycleared during the scan?

 

Screenshot attached.

Link to comment
Share on other sites

  • Administrators

Unfortunately, no screen shot was enclosed. I assume it was an archive with more malicious files inside that was detected and cleaned, or some malicious files might have been running and cleaning would be completed after the next restart.

Link to comment
Share on other sites

You could navigate to the quarantine in the GUI to see how many items you have inside. It's safe to leave whatever is inside as they can't escape.

 

Tools -> Quarantine

Link to comment
Share on other sites

@Marcos

 

Can't understand why the screenshot attachment didn't appear but the following were on the scan results ppage:

 

Scan completed successfully

Scan completed in 7 hours 34 minutes

Number of scanned objects 280612

Number of infected objects 54

Number of cleaned objects 1

 

Are you saying to me that the 54 infected objects are automatically cleared after I restart my computer after a scan has been completed?

Link to comment
Share on other sites

@SweX

 

I checked tools>quarantine and there are items there from September 2010 including the one item which was cleaned on this scan, which is the subject of this post. I have never deleted any of the files in quarantine and I don't know thje total number of items there are

Link to comment
Share on other sites

  • Administrators

In order to include an image, you must also click Add to Post after uploading the file. Anyways, it'd be best if you saved the entire on-demand scan log and attach it as a text file here so that we can see all information contained.

Link to comment
Share on other sites

@SweX

 

I checked tools>quarantine and there are items there from September 2010 including the one item which was cleaned on this scan, which is the subject of this post. I have never deleted any of the files in quarantine and I don't know thje total number of items there are

Continue on what Marcos suggested and try to get some log or image up here.

 

I see that you only have "number of cleaned objects 1" and that one ended up in the quarantine as you said.

If the results would say "number of cleaned objects 55" then I reckon all of them would end up in the quarantine, but that's not the case here. We need to sort this asap so those 54 objects get's quarantined too.

Link to comment
Share on other sites

  • Administrators

These are just brief summaries of all scans you've run. Please double-click a record where the number of scanned files doesn't match the number of cleaned files and post the log details here.

Link to comment
Share on other sites

I'm sorry if I have done the wrong thing but I don't know hpow to get the log files you refer to a I'm not very experienced in this. The file I sent you was via tools.>computer scan and then the date ofthe scan.

 

I'm not sure where I go to get the log you require.

 

Hope you can help me

Link to comment
Share on other sites

@marcos and @ SweX

 

Hope you haven't abandoned me. I have been checking  in Tools>Computer Scan and they all seem to be summaries. I also checked Detected Threats but those also appear to be summaries.

 

I then went to C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Logs and there is a folder named eScan which contains 19 dat files and another four dat files on the string C:\ above. I don't know really where else I can look.

 

Still hoping you can help.

 

Thank you

Link to comment
Share on other sites

  • Administrators

Yeah, details from the binary logs in the eScan folder will be displayed after double-clicking a particular on-demand scan log in gui.

Link to comment
Share on other sites

  • 2 weeks later...

I did another scan on 2 April and then looked at Detected Threats and the latest in there is 28 March. Is this the file you want?

 

I have done a screenshot and copy of the latest  entry but can't find how I add these to this post.  I also didn't understand your post re 'scan log in gui'.

post-3250-0-68294600-1396605301_thumb.jpg

Detected Threats.txt

Link to comment
Share on other sites

It will probably be the latter half of the year before I will be able to migrate off XP as it isn't within my budget at present.

 

It looks as if I will migrate to 7 as thgere appears to be a lot of problems with 8.

Link to comment
Share on other sites

  • Administrators

I have done a screenshot and copy of the latest  entry but can't find how I add these to this post.  I also didn't understand your post re 'scan log in gui'.

 

Not exactly but this log showed that all blocked objects were just potentially unwanted applications and not actual threats.

In the drop-down menu, select "Computer scan" instead of "Detected threats". Then double-click the record that belongs to the last on-demand scan to display scan details. Next right-click within the log window, select "Export" and save the log to a text file.

Link to comment
Share on other sites

It looks as if I will migrate to 7 as there appears to be a lot of problems with 8.

You're a smart guy Joe ;) That's what I would do as well. Unless you plan on using the OS on a notebook having a touch display. 

Edited by SweX
Link to comment
Share on other sites

@ marcos

 

Unable to send the txt file as it is 5.23mb.  Any ideas please?

 

Compress it using 7zip, winRAR, or winZIP, etc and upload it to a hosting server with a provided download link.

PM Marcos the download link.

 

Try Mediafire, Sendspace, or i kinda like Firedrive. :)

Link to comment
Share on other sites

  • Administrators

The detections below were logged. All are potentially unwanted applications, ie. the detection is optional and the applications do not pose any threat to users. What's more, there were no errors while cleaning logged which indicates that the scan was not run in cleaning mode, otherwise you would have been prompted for an action at the end of the scan which would also be logged next to each PUA detection by "Action postponed at the end of the scan" or something along this line.

 

 

 

C:\Documents and Settings\UserA\My Documents\Firefox 3.5.7 (en-US) - 2010-01-21.pcv » ZIP » extensions/{5e34052d-4d61-4be4-9b6e-93836198886c}/chrome/ppcbully.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit.A potentially unwanted application
C:\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » BRANDDLLNAME - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Y potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Q potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.O potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.P potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » CT2956691.xpi » ZIP » chrome/serif_photoplus.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ch.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
D:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » stubWrapper.exe » NSIS » conduitinstaller.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
D:\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » searchresultstb.dll - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
D:\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dvdvideosofttoolbarX.dll - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
D:\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dtUser.exe - probably a variant of Win32/Toolbar.Visicom.C potentially unwanted application
D:\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » TEMP_DLL_FILE_PATH - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
D:\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application
D:\Folders 2014\Imprtant Follow Throughs Including Google Conversions Optimizations etc\Google website 1\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted application
D:\Folders 2014\Imprtant Follow Throughs Including Google Conversions Optimizations etc\Google website 1\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » jbsctrlr.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\iLividSetup-r362-n-bf.exe - a variant of Win32/iLivid.A potentially unwanted application - action selection postponed until scan completion
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\SMRecorder_1.3.0.exe.part » NSIS » Script.nsi - Win32/DownWare.L potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\SMRecorder_1.3.0.exe.part » NSIS » offer.exe » NSIS » Script.nsi - Win32/Packed.ScrambleWrapper.I potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\SMRecorder_1.3.0.exe.part » NSIS » offer.exe » NSIS » WrapperUtils.dll - a variant of Win32/Packed.ScrambleWrapper.F potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\smrecorder_installer.exe.part » NSIS » Script.nsi - Win32/DownWare.L potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\smrecorder_installer.exe.part » NSIS » offer.exe » NSIS » Script.nsi - Win32/Packed.ScrambleWrapper.I potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\smrecorder_installer.exe.part » NSIS » offer.exe » NSIS » WrapperUtils.dll - a variant of Win32/Packed.ScrambleWrapper.F potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » jbsctrlr.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager\tinyoffers.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager\tinyoffers.exe » NSIS » jbsctrlr.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\My Documents\Firefox 3.5.7 (en-US) - 2010-01-21.pcv » ZIP » extensions/{5e34052d-4d61-4be4-9b6e-93836198886c}/chrome/ppcbully.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit.A potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » BRANDDLLNAME - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
E:\_Genie Timeline\0\C\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Y potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Q potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.O potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.P potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » CT2956691.xpi » ZIP » chrome/serif_photoplus.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ch.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » stubWrapper.exe » NSIS » conduitinstaller.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » searchresultstb.dll - a variant of Win32/Toolbar.Visicom.A potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dvdvideosofttoolbarX.dll - a variant of Win32/Toolbar.Visicom.B potentially unwanted application
E:\_Genie Timeline\0\D\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dtUser.exe - probably a variant of Win32/Toolbar.Visicom.C potentially unwanted application
E:\_Genie Timeline\0\D\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » TEMP_DLL_FILE_PATH - a variant of Win32/Toolbar.Conduit.B potentially unwanted application
E:\_Genie Timeline\0\D\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application

Link to comment
Share on other sites

@marcos

 

A bit of an overview of my thread.

 

Does this mean that I now have no infected objects which was the problem I asked about in my original post? As these did not show in the later scan were these cleared when I shut down my computer and reastarted later.

 

What do I actually have to look for if I get infected objects again an a scan. Might some of these get cleared at computer shutdown and then start. Is it possible some would show in quarantine?

 

 

Should scans be run in no cleaning mode so as the scan logs have complete info on the scan if needed for investigation.

 

I have no need to worry about PUAs as shown in Detected threats.

 

I would like to thank you most sincerely for staying with me on this plus all the help you have provided,

Link to comment
Share on other sites

  • Administrators

Definitely you don't have any infection on your computer as potentially unwanted applications (PUA) do not pose any threat. If you want to remove all PUAs detected by ESET, the best course of action would be to uninstall them via the Control panel.

Link to comment
Share on other sites

Definitely you don't have any infection on your computer as potentially unwanted applications (PUA) do not pose any threat. If you want to remove all PUAs detected by ESET, the best course of action would be to uninstall them via the Control panel.

 

I'm not sure what "uninstall them via the Control Panel" Is this the computer Control Panel. If so, I cant find the PUAs. Could I use Cure It tfor this?

 

My computer is definitely playing up at times and is slower than usual.

 

I also looked in Eset Knowledge Base re "uninstallig PUAs" and found the following:

 

What are Potentially Unwanted Applications?

Potentially Unwanted Applications are programs that are not necessarily malicious, but may affect the performance, reliability or behavior of your computer. Such applications usually require consent for installation. Often computers will function differently after Potentially Unwanted Applications have been installed. Typical changes include:

  • New windows with advertisements or warning messages which you have not previously seen appear on your computer.

 

  • New processes are installed and run on your computer—often, they are hidden or masked to prevent casual discovery.

 

  • The computer responds slowly or displays error messages when performing normal operations that previously worked correctly. This change is often due to increased use of system resources by the Potentially Unwanted Application.

 

  • Changes in search results

 

  • You may notice your computer making unusual connections in order to transmit your web-browsing habits or other metadata to remote servers, and to download advertisements and search results based on this information.
NOTE:

Removing Potentially Unwanted Applications may cause other programs that came with them to behave erratically or no longer work.

 

I think I'm still a bit confused re PUAs.

Link to comment
Share on other sites

Yes the PUA's are not malware and they are not malicious or even seen as a threat. But they can bloat down your browser(s) and make your system crawl wich is why they are "unwanted".

 

Yes in the OS control panel -> (then I believe) "add/remove programs" then you should see a list of installed softwares and anything you don't need anymore like software you don't use wich only takes up space, and software you don't recognize you can remove. But don't uninstall anything that you are unsure about, can always ask here before if you want.

 

PUA's usually come with their own uninstaller, and it's best to use them in order to get the PUA off the PC.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...