Jump to content

Successful Malware Scan. Why did items get past my Antivirus Software?


Recommended Posts

I think my PC became infected after clicking on a mail item on Facebook. Fortunately Malwarebytes has eliminated the threats. I was just wondering why Norton 360 let so many threats through. Anyone got any ideas.

The scan log is below:

Malwarebytes' Anti-Malware 1.31

Database version: 1467

Windows 5.1.2600 Service Pack 3

06/12/2008 18:25:44

mbam-log-2008-12-06 (18-25-44).txt

Scan type: Quick Scan

Objects scanned: 55984

Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 0

Registry Keys Infected: 32

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 48

Files Infected: 102

Memory Processes Infected:

C:\Program Files\tinyproxy\tinyproxy.exe (Trojan.Proxy) -> Unloaded process successfully.

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\logical disk manager (dmserver) (Trojan.Proxy) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\logical disk manager (dmserver) (Trojan.Proxy) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\logical disk manager (dmserver) (Trojan.Proxy) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\starware353 (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\starware353 (Adware.Starware) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysftray2 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Program Files\TinyProxy (Trojan.Proxy) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Layouts (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Movies (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ScreensaversMarketingSitePager (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ScreensaversMarketingSitePager\images (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353 (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Weather (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Manager (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\RecipeSearch_Foreign (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\contexts (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Recipes_Foreign (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Reference (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353 (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Configurator (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Games (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Games\images (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353\images (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353\icons (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353 (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353\bin (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images\101x135 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:

C:\Program Files\TinyProxy\tinyproxy.exe (Trojan.Proxy) -> Quarantined and deleted successfully.

C:\WINDOWS\bolivar28.exe (Trojan.Agent) -> Delete on reboot.

C:\WINDOWS\fmark2.dat (Malware.Trace) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Movies\MoviesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Layouts\WeatherLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Weather\AlertArchive.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353\Starware353Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Movies\MoviesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\Highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\recipes.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\recipes.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\recipes_foreign_feed.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\recipes_foreign_feed.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\contexts\related.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\clear.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\cloudy.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\nclear.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\ncloudy.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\nmcloud.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\npcloud.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\nrain.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\pcloud.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\rain.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\images\walertXP.bmp (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Recipes_Foreign\Recipes_ForeignOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Recipes_Foreign\Recipes_ForeignOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Games\GamesOptions.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Games\GamesOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Layouts\WeatherLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353\brand.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\Starware353\Starware353Config.xml (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\Freyda\Application Data\Starware353\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.

D:\Documents and Settings\All Users\Application Data\Starware353\buttons\HighlightHot.bmp (Adware.Starware) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images\wrkparam.lst (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\012AC951.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\s_bfeats.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\PopSwatr\History\allowed (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images\0013787F.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images\00145468.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images\00145EC8.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images\003CD83B.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Link to post
Share on other sites

N360? What version, v1 or v2?

Honestly, it doesn't matter; it is next to impossible for well known malware, such as MyWebProducts, to slip past any AV unless you

A) turned it off

:) never ran a full system scan

C) add all your files to exclusions

Even if you disable LiveUpdate, Norton should at least be able to use its heuristic analysis technology, or Bloodhound, or use its signatures. MyWeb dates back a long time. It should be included in most signature sets within the past ... couple years.

And you may want to copy/paste your message and post it at the Norton forums. A employee may be able to assist you better in answering your questions or help in removal.

http://community.norton.com/norton/board?board.id=Norton_360

Link to post
Share on other sites

It could also have to do with the fact that many anti virus companies don't consider adware to be malicious and refuse to detect/remove it. In fact, that's the main reason anti-spyware programs were originally created.

Good point. Big companies often get sued for blocking adware/spyware. Kaspersky blocked Zango from installing, and they faced a showdown in court.

Small companies, on the other hand, like this one, go below the radar.

I found Adware.Starware on Symantec's site:

http://www.symantec.com/security_response/...-050313-4341-99

The initial defs were released 2005, well before N360 v1 was released in 2007

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.