Help - trying to remove BraveSentry etc

**StckFigure** · 05-15-2007, 05:24 PM

My Windows copy is genuine, although even if it weren't, I can't imagine MS blatantly asking for credit card info like that.... ESPECIALLY it would have no reason to ask for a PIN! I think the strange coincidence with that is what worried me. Here's the CF-quarantined log:

Code:

2004-08-18 11:00      542    --a------    C:\Qoobox\Quarantine\C\WINDOWS\g32.txt.vir
2004-08-18 11:00      87    --a------    C:\Qoobox\Quarantine\C\WINDOWS\s32.txt.vir
2004-08-18 11:00      96    --a------    C:\Qoobox\Quarantine\C\WINDOWS\ws386.ini.vir
2007-05-08 10:53      10129    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\win32.exe.vir
2007-05-08 10:53      14918    --a------    C:\Qoobox\Quarantine\C\WINDOWS\159x.exe.vir
2007-05-08 10:54      1174028    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\Install.dat.vir
2007-05-08 10:54      958    --a------    C:\Qoobox\Quarantine\C\temp\17O7\tmpTF.log.vir
2007-05-08 10:55      112    --a------    C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Documents\Settings\desktop.ini.vir
2007-05-08 11:40      108945    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\sony.exe.exe.vir
2007-05-08 11:41      49041    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\pdp.exe.exe.vir
2007-05-08 11:44      108945    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\sony.exe.vir
2007-05-10 12:10      687592    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\atmtd.dll._.vir
2007-05-10 12:10      687592    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\atmtd.dll.vir
2007-05-10 12:14      61    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\windev-peers.ini.vir
2007-05-10 20:11      14    --a------    C:\Qoobox\Quarantine\C\Documents and Settings\LOCALS~1\APPLIC~1\NetMon\domains.txt.vir
2007-05-10 20:11      992    --a------    C:\Qoobox\Quarantine\C\Documents and Settings\LOCALS~1\APPLIC~1\NetMon\log.txt.vir
2007-05-11 11:18      27089    --a------    C:\Qoobox\Quarantine\C\WINDOWS\9129837.exe.vir
2007-05-11 11:39      1536    --a------    C:\Qoobox\Quarantine\C\WINDOWS\1314734.exe.vir
2007-05-11 11:59      1536    --a------    C:\Qoobox\Quarantine\C\WINDOWS\2515765.exe.vir
2007-05-11 12:19      1536    --a------    C:\Qoobox\Quarantine\C\WINDOWS\3716453.exe.vir
2007-05-11 12:39      1536    --a------    C:\Qoobox\Quarantine\C\WINDOWS\4917171.exe.vir
2007-05-11 12:59      1536    --a------    C:\Qoobox\Quarantine\C\WINDOWS\6117859.exe.vir
2007-05-11 13:19      1536    --a------    C:\Qoobox\Quarantine\C\WINDOWS\7318578.exe.vir
2007-05-14 22:15      1196    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_DRIVER.reg.cf
2007-05-14 22:15      1202    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_NEW_DRV.reg.cf
2007-05-14 22:15      2360    --a------    C:\Qoobox\Quarantine\Registry_backups\services_new_drv.reg.cf
2007-05-14 22:15      270    --a------    C:\Qoobox\Quarantine\Registry_backups\services_RpcApi.reg.cf
2007-05-14 22:15      2822    --a------    C:\Qoobox\Quarantine\Registry_backups\services_Network Monitor.reg.cf
2007-05-14 22:15      680    --a------    C:\Qoobox\Quarantine\Registry_backups\services_Driver.reg.cf
2007-05-14 22:15      832    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_CMDSERVICE.reg.cf
2007-05-14 22:15      836    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_CORE.reg.cf
2007-05-14 22:15      846    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_ASPI113210.reg.cf
2007-05-14 22:15      862    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_NETWORK_MONITOR.reg.cf
2007-05-14 22:15      868    --a------    C:\Qoobox\Quarantine\Registry_backups\LEGACY_WINCOM32.reg.cf


Folder PATH listing
Volume serial number is 10D3-D6EE
C:\QOOBOX
\---Quarantine
    +---C
    |   +---Documents and Settings
    |   |   +---All Users
    |   |   |   \---Documents
    |   |   |       \---Settings
    |   |   |               desktop.ini.vir
    |   |   |               
    |   |   \---LOCALS~1
    |   |       \---APPLIC~1
    |   |           \---NetMon
    |   |                   domains.txt.vir
    |   |                   log.txt.vir
    |   |                   
    |   +---temp
    |   |   \---17O7
    |   |           tmpTF.log.vir
    |   |           
    |   \---WINDOWS
    |       |   1314734.exe.vir
    |       |   159x.exe.vir
    |       |   2515765.exe.vir
    |       |   3716453.exe.vir
    |       |   4917171.exe.vir
    |       |   6117859.exe.vir
    |       |   7318578.exe.vir
    |       |   9129837.exe.vir
    |       |   g32.txt.vir
    |       |   s32.txt.vir
    |       |   ws386.ini.vir
    |       |   
    |       \---system32
    |           |   atmtd.dll.vir
    |           |   atmtd.dll._.vir
    |           |   pdp.exe.exe.vir
    |           |   sony.exe.exe.vir
    |           |   sony.exe.vir
    |           |   win32.exe.vir
    |           |   windev-peers.ini.vir
    |           |   
    |           \---config
    |               \---SYSTEM~1
    |                   \---APPLIC~1
    |                           Install.dat.vir
    |                           
    \---Registry_backups
            LEGACY_ASPI113210.reg.cf
            LEGACY_CMDSERVICE.reg.cf
            LEGACY_CORE.reg.cf
            LEGACY_DRIVER.reg.cf
            LEGACY_NETWORK_MONITOR.reg.cf
            LEGACY_NEW_DRV.reg.cf
            LEGACY_WINCOM32.reg.cf
            services_Driver.reg.cf
            services_Network Monitor.reg.cf
            services_new_drv.reg.cf
            services_RpcApi.reg.cf

check out all those .vir extensions! :-X

Thread: Help - trying to remove BraveSentry etc

Thread Tools

Display

Threaded View

Thread Information

Users Browsing this Thread

Posting Permissions