infisoul
2010-05-27, 19:52
Hello I search this forum for related thread and found: this one http://forums.spybot.info/showthread.php?t=39875
but my case has completely different scenario:
Before the log let me just say a few words.
How I learned that i have something is that my websites got hacked and hosting company and google webmaster tools team both suggested that my ftp login info was hijacked and used- and i only use it from my laptop via cuteFTP.
So I ran full Norton scan and it found the following adware and 3 cookies.
(i ran it with internet unplugged) and after the removal and restart the same adware and cookies appeared again in norton scan).
I also ran Spybot in advanced mode and it didn't find a single thing.
Please if someone can provide me with step by step instructions on how to get writ it I would highly appreciate it.
Here is my Norton 360 log:
Resolved Threats:
Adware.Hotbar
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Medium Performance, Low Privacy)
Categories: Adware
Status: Restart Required
-----------
13 Registry Entries
HKEY_USERS\S-1-5-19\Software\sbusa - Restart Required
HKEY_USERS\S-1-5-21-507921405-2077806209-1801674531-500\Software\sbusa - Restart Required
HKEY_USERS\S-1-5-20\Software\sbusa - Restart Required
HKEY_USERS\.DEFAULT\Software\sbusa - Restart Required
HKEY_USERS\S-1-5-19\Software\ShoppingReport - Restart Required
HKEY_USERS\S-1-5-21-507921405-2077806209-1801674531-500\Software\ShoppingReport - Restart Required
HKEY_USERS\S-1-5-20\Software\ShoppingReport - Restart Required
HKEY_USERS\.DEFAULT\Software\ShoppingReport - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_USERS\S-1-5-21-507921405-2077806209-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search->SearchAssistant:http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm - Repaired
2 Tracking Cookies
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
Categories: Cookie
Status: Fully Resolved
-----------
2 Tracking Cookies
Cookie:administrator@atdmt.com/ - Deleted
- Deleted
-----
thank you
but my case has completely different scenario:
Before the log let me just say a few words.
How I learned that i have something is that my websites got hacked and hosting company and google webmaster tools team both suggested that my ftp login info was hijacked and used- and i only use it from my laptop via cuteFTP.
So I ran full Norton scan and it found the following adware and 3 cookies.
(i ran it with internet unplugged) and after the removal and restart the same adware and cookies appeared again in norton scan).
I also ran Spybot in advanced mode and it didn't find a single thing.
Please if someone can provide me with step by step instructions on how to get writ it I would highly appreciate it.
Here is my Norton 360 log:
Resolved Threats:
Adware.Hotbar
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Medium Performance, Low Privacy)
Categories: Adware
Status: Restart Required
-----------
13 Registry Entries
HKEY_USERS\S-1-5-19\Software\sbusa - Restart Required
HKEY_USERS\S-1-5-21-507921405-2077806209-1801674531-500\Software\sbusa - Restart Required
HKEY_USERS\S-1-5-20\Software\sbusa - Restart Required
HKEY_USERS\.DEFAULT\Software\sbusa - Restart Required
HKEY_USERS\S-1-5-19\Software\ShoppingReport - Restart Required
HKEY_USERS\S-1-5-21-507921405-2077806209-1801674531-500\Software\ShoppingReport - Restart Required
HKEY_USERS\S-1-5-20\Software\ShoppingReport - Restart Required
HKEY_USERS\.DEFAULT\Software\ShoppingReport - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_USERS\S-1-5-21-507921405-2077806209-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3->1601:1 - Repaired
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search->SearchAssistant:http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm - Repaired
2 Tracking Cookies
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
Categories: Cookie
Status: Fully Resolved
-----------
2 Tracking Cookies
Cookie:administrator@atdmt.com/ - Deleted
- Deleted
-----
thank you