joe47 0 Posted March 19, 2014 Share Posted March 19, 2014 Just completed a full scan and the results show 1 cleaned and 54 infected objects. Where are 'infected objects' or are theycleared during the scan? Screenshot attached. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted March 19, 2014 Administrators Share Posted March 19, 2014 Unfortunately, no screen shot was enclosed. I assume it was an archive with more malicious files inside that was detected and cleaned, or some malicious files might have been running and cleaning would be completed after the next restart. Link to comment Share on other sites More sharing options...
SweX 871 Posted March 19, 2014 Share Posted March 19, 2014 You could navigate to the quarantine in the GUI to see how many items you have inside. It's safe to leave whatever is inside as they can't escape. Tools -> Quarantine Link to comment Share on other sites More sharing options...
joe47 0 Posted March 20, 2014 Author Share Posted March 20, 2014 @Marcos Can't understand why the screenshot attachment didn't appear but the following were on the scan results ppage: Scan completed successfully Scan completed in 7 hours 34 minutes Number of scanned objects 280612 Number of infected objects 54 Number of cleaned objects 1 Are you saying to me that the 54 infected objects are automatically cleared after I restart my computer after a scan has been completed? Link to comment Share on other sites More sharing options...
joe47 0 Posted March 20, 2014 Author Share Posted March 20, 2014 @SweX I checked tools>quarantine and there are items there from September 2010 including the one item which was cleaned on this scan, which is the subject of this post. I have never deleted any of the files in quarantine and I don't know thje total number of items there are Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted March 20, 2014 Administrators Share Posted March 20, 2014 In order to include an image, you must also click Add to Post after uploading the file. Anyways, it'd be best if you saved the entire on-demand scan log and attach it as a text file here so that we can see all information contained. Link to comment Share on other sites More sharing options...
SweX 871 Posted March 20, 2014 Share Posted March 20, 2014 @SweX I checked tools>quarantine and there are items there from September 2010 including the one item which was cleaned on this scan, which is the subject of this post. I have never deleted any of the files in quarantine and I don't know thje total number of items there are Continue on what Marcos suggested and try to get some log or image up here. I see that you only have "number of cleaned objects 1" and that one ended up in the quarantine as you said. If the results would say "number of cleaned objects 55" then I reckon all of them would end up in the quarantine, but that's not the case here. We need to sort this asap so those 54 objects get's quarantined too. Link to comment Share on other sites More sharing options...
joe47 0 Posted March 21, 2014 Author Share Posted March 21, 2014 Log file attached Computer Scan.txt Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted March 21, 2014 Administrators Share Posted March 21, 2014 These are just brief summaries of all scans you've run. Please double-click a record where the number of scanned files doesn't match the number of cleaned files and post the log details here. Link to comment Share on other sites More sharing options...
joe47 0 Posted March 21, 2014 Author Share Posted March 21, 2014 I'm sorry if I have done the wrong thing but I don't know hpow to get the log files you refer to a I'm not very experienced in this. The file I sent you was via tools.>computer scan and then the date ofthe scan. I'm not sure where I go to get the log you require. Hope you can help me Link to comment Share on other sites More sharing options...
joe47 0 Posted March 25, 2014 Author Share Posted March 25, 2014 @marcos and @ SweX Hope you haven't abandoned me. I have been checking in Tools>Computer Scan and they all seem to be summaries. I also checked Detected Threats but those also appear to be summaries. I then went to C:\Documents and Settings\All Users\Application Data\ESET\ESET NOD32 Antivirus\Logs and there is a folder named eScan which contains 19 dat files and another four dat files on the string C:\ above. I don't know really where else I can look. Still hoping you can help. Thank you Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted March 25, 2014 Administrators Share Posted March 25, 2014 Yeah, details from the binary logs in the eScan folder will be displayed after double-clicking a particular on-demand scan log in gui. Link to comment Share on other sites More sharing options...
joe47 0 Posted April 4, 2014 Author Share Posted April 4, 2014 I did another scan on 2 April and then looked at Detected Threats and the latest in there is 28 March. Is this the file you want? I have done a screenshot and copy of the latest entry but can't find how I add these to this post. I also didn't understand your post re 'scan log in gui'. Detected Threats.txt Link to comment Share on other sites More sharing options...
Arakasi 549 Posted April 4, 2014 Share Posted April 4, 2014 Hi Joe, Sorry for jumping in ! Do you have plans for migrating off XP soon ? Link to comment Share on other sites More sharing options...
joe47 0 Posted April 4, 2014 Author Share Posted April 4, 2014 It will probably be the latter half of the year before I will be able to migrate off XP as it isn't within my budget at present. It looks as if I will migrate to 7 as thgere appears to be a lot of problems with 8. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted April 4, 2014 Administrators Share Posted April 4, 2014 I have done a screenshot and copy of the latest entry but can't find how I add these to this post. I also didn't understand your post re 'scan log in gui'. Not exactly but this log showed that all blocked objects were just potentially unwanted applications and not actual threats. In the drop-down menu, select "Computer scan" instead of "Detected threats". Then double-click the record that belongs to the last on-demand scan to display scan details. Next right-click within the log window, select "Export" and save the log to a text file. Link to comment Share on other sites More sharing options...
SweX 871 Posted April 4, 2014 Share Posted April 4, 2014 (edited) It looks as if I will migrate to 7 as there appears to be a lot of problems with 8. You're a smart guy Joe That's what I would do as well. Unless you plan on using the OS on a notebook having a touch display. Edited April 5, 2014 by SweX Link to comment Share on other sites More sharing options...
joe47 0 Posted April 5, 2014 Author Share Posted April 5, 2014 @ marcos Unable to send the txt file as it is 5.23mb. Any ideas please? Link to comment Share on other sites More sharing options...
Arakasi 549 Posted April 5, 2014 Share Posted April 5, 2014 @ marcos Unable to send the txt file as it is 5.23mb. Any ideas please? Compress it using 7zip, winRAR, or winZIP, etc and upload it to a hosting server with a provided download link. PM Marcos the download link. Try Mediafire, Sendspace, or i kinda like Firedrive. Link to comment Share on other sites More sharing options...
joe47 0 Posted April 5, 2014 Author Share Posted April 5, 2014 I used Sendspace and the download url is hxxp://www.sendspace.com/file/ypb4lw. Many thanks for for your guidance and for teachg me something else today. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted April 6, 2014 Administrators Share Posted April 6, 2014 The detections below were logged. All are potentially unwanted applications, ie. the detection is optional and the applications do not pose any threat to users. What's more, there were no errors while cleaning logged which indicates that the scan was not run in cleaning mode, otherwise you would have been prompted for an action at the end of the scan which would also be logged next to each PUA detection by "Action postponed at the end of the scan" or something along this line. C:\Documents and Settings\UserA\My Documents\Firefox 3.5.7 (en-US) - 2010-01-21.pcv » ZIP » extensions/{5e34052d-4d61-4be4-9b6e-93836198886c}/chrome/ppcbully.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit.A potentially unwanted applicationC:\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » BRANDDLLNAME - a variant of Win32/Toolbar.Conduit.B potentially unwanted applicationC:\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Y potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.B potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Q potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.O potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.P potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » CT2956691.xpi » ZIP » chrome/serif_photoplus.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ch.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationD:\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » stubWrapper.exe » NSIS » conduitinstaller.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationD:\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » searchresultstb.dll - a variant of Win32/Toolbar.Visicom.A potentially unwanted applicationD:\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dvdvideosofttoolbarX.dll - a variant of Win32/Toolbar.Visicom.B potentially unwanted applicationD:\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dtUser.exe - probably a variant of Win32/Toolbar.Visicom.C potentially unwanted applicationD:\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » TEMP_DLL_FILE_PATH - a variant of Win32/Toolbar.Conduit.B potentially unwanted applicationD:\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted applicationD:\Folders 2014\Imprtant Follow Throughs Including Google Conversions Optimizations etc\Google website 1\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted applicationD:\Folders 2014\Imprtant Follow Throughs Including Google Conversions Optimizations etc\Google website 1\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » jbsctrlr.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\iLividSetup-r362-n-bf.exe - a variant of Win32/iLivid.A potentially unwanted application - action selection postponed until scan completionE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\SMRecorder_1.3.0.exe.part » NSIS » Script.nsi - Win32/DownWare.L potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\SMRecorder_1.3.0.exe.part » NSIS » offer.exe » NSIS » Script.nsi - Win32/Packed.ScrambleWrapper.I potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\SMRecorder_1.3.0.exe.part » NSIS » offer.exe » NSIS » WrapperUtils.dll - a variant of Win32/Packed.ScrambleWrapper.F potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\smrecorder_installer.exe.part » NSIS » Script.nsi - Win32/DownWare.L potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\smrecorder_installer.exe.part » NSIS » offer.exe » NSIS » Script.nsi - Win32/Packed.ScrambleWrapper.I potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\smrecorder_installer.exe.part » NSIS » offer.exe » NSIS » WrapperUtils.dll - a variant of Win32/Packed.ScrambleWrapper.F potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager.rar » RAR » Tiny Download manager\tinyoffers.exe » NSIS » jbsctrlr.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager\tinyoffers.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\Desktop\Tiny Download manager\tinyoffers.exe » NSIS » jbsctrlr.exe » NSIS » Script.nsi - Win32/InstallMonetizer.AG potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\My Documents\Firefox 3.5.7 (en-US) - 2010-01-21.pcv » ZIP » extensions/{5e34052d-4d61-4be4-9b6e-93836198886c}/chrome/ppcbully.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit.A potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » BRANDDLLNAME - a variant of Win32/Toolbar.Conduit.B potentially unwanted applicationE:\_Genie Timeline\0\C\Documents and Settings\UserA\My Documents\Downloads\Bronson {2009} DVDRIP. Jaybob\Jaybob's_Movies_Toolbar.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Y potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.B potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.Q potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - Win32/Toolbar.Conduit.O potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » TB_IE_EXE_NAME » NSIS » ?? - a variant of Win32/Toolbar.Conduit.P potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ff.exe » NSIS » CT2956691.xpi » ZIP » chrome/serif_photoplus.jar » ZIP » content/ctoolbar.js - Win32/Toolbar.Conduit potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » CT2956691_ch.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\ESDPK-HLX4-PhotoPlusStarterEdition_Setup.exe » WISE » stubWrapper.exe » NSIS » conduitinstaller.exe » NSIS » Script.nsi - Win32/Toolbar.Conduit potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » searchresultstb.dll - a variant of Win32/Toolbar.Visicom.A potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dvdvideosofttoolbarX.dll - a variant of Win32/Toolbar.Visicom.B potentially unwanted applicationE:\_Genie Timeline\0\D\Downloads\FreeStudio.exe » INNO » {cf}\DVDVideoSoft\AskTB\DVDVideoSoftToolbar.exe » NSIS » dtUser.exe - probably a variant of Win32/Toolbar.Visicom.C potentially unwanted applicationE:\_Genie Timeline\0\D\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » TEMP_DLL_FILE_PATH - a variant of Win32/Toolbar.Conduit.B potentially unwanted applicationE:\_Genie Timeline\0\D\Folders 2011\R.E.A,P. Warrior WSO\EZ_IM.exe » WISE » ALERTDLLNAME - Win32/Toolbar.Conduit.Y potentially unwanted application Link to comment Share on other sites More sharing options...
joe47 0 Posted April 7, 2014 Author Share Posted April 7, 2014 @marcos A bit of an overview of my thread. Does this mean that I now have no infected objects which was the problem I asked about in my original post? As these did not show in the later scan were these cleared when I shut down my computer and reastarted later. What do I actually have to look for if I get infected objects again an a scan. Might some of these get cleared at computer shutdown and then start. Is it possible some would show in quarantine? Should scans be run in no cleaning mode so as the scan logs have complete info on the scan if needed for investigation. I have no need to worry about PUAs as shown in Detected threats. I would like to thank you most sincerely for staying with me on this plus all the help you have provided, Link to comment Share on other sites More sharing options...
Administrators Marcos 5,069 Posted April 8, 2014 Administrators Share Posted April 8, 2014 Definitely you don't have any infection on your computer as potentially unwanted applications (PUA) do not pose any threat. If you want to remove all PUAs detected by ESET, the best course of action would be to uninstall them via the Control panel. Link to comment Share on other sites More sharing options...
joe47 0 Posted April 9, 2014 Author Share Posted April 9, 2014 Definitely you don't have any infection on your computer as potentially unwanted applications (PUA) do not pose any threat. If you want to remove all PUAs detected by ESET, the best course of action would be to uninstall them via the Control panel. I'm not sure what "uninstall them via the Control Panel" Is this the computer Control Panel. If so, I cant find the PUAs. Could I use Cure It tfor this? My computer is definitely playing up at times and is slower than usual. I also looked in Eset Knowledge Base re "uninstallig PUAs" and found the following: What are Potentially Unwanted Applications? Potentially Unwanted Applications are programs that are not necessarily malicious, but may affect the performance, reliability or behavior of your computer. Such applications usually require consent for installation. Often computers will function differently after Potentially Unwanted Applications have been installed. Typical changes include: New windows with advertisements or warning messages which you have not previously seen appear on your computer. New processes are installed and run on your computer—often, they are hidden or masked to prevent casual discovery. The computer responds slowly or displays error messages when performing normal operations that previously worked correctly. This change is often due to increased use of system resources by the Potentially Unwanted Application. Changes in search results You may notice your computer making unusual connections in order to transmit your web-browsing habits or other metadata to remote servers, and to download advertisements and search results based on this information. NOTE:Removing Potentially Unwanted Applications may cause other programs that came with them to behave erratically or no longer work. I think I'm still a bit confused re PUAs. Link to comment Share on other sites More sharing options...
SweX 871 Posted April 9, 2014 Share Posted April 9, 2014 Yes the PUA's are not malware and they are not malicious or even seen as a threat. But they can bloat down your browser(s) and make your system crawl wich is why they are "unwanted". Yes in the OS control panel -> (then I believe) "add/remove programs" then you should see a list of installed softwares and anything you don't need anymore like software you don't use wich only takes up space, and software you don't recognize you can remove. But don't uninstall anything that you are unsure about, can always ask here before if you want. PUA's usually come with their own uninstaller, and it's best to use them in order to get the PUA off the PC. Link to comment Share on other sites More sharing options...
Recommended Posts