- Main Page
- News Editions

PC Review

Forums

Symantec provided by Yahoo

Reply

Symantec provided by Yahoo

Rate Thread

20-03-2007, 07:46 PM	#1
a_monk Guest Posts: n/a	Symantec provided by Yahoo A friend used the "Symantec provided by Yahoo" scanned her laptop which reported that her computer is infected with at least one known virus or Trojan horse. These two virus/trojans were: D:\RECYCLER\S-1-521...\Dd209\NetCat\nc.exe is infected with NetCat. C:\WINDOWS\Downloaded Program Files\pinstall.dll is infected with Adware.Look2Me. We looked at the D:\ drive and could not find the "RECYCLER" folder. (We have enabled to show hidden files and folders.) Is this a false positive? We also checked the C:\WINDOWS to find the pinstall.dll infected by Adware.Look2Me, but to no avail. Again, it is a false positive too. Any comments/suggestions are appreciated. Thanks, A Monk

20-03-2007, 08:56 PM	#2
David H. Lipman Guest Posts: n/a	Re: Symantec provided by Yahoo From: "a_monk" <dfox138@hotmail.com> \| A friend used the "Symantec provided by Yahoo" scanned her laptop \| which reported that her computer is infected with at least one known \| virus or Trojan horse. \| \| These two virus/trojans were: \| D:\RECYCLER\S-1-521...\Dd209\NetCat\nc.exe is infected with NetCat. \| C:\WINDOWS\Downloaded Program Files\pinstall.dll is infected with \| Adware.Look2Me. \| \| We looked at the D:\ drive and could not find the "RECYCLER" folder. \| (We have enabled to show hidden files and folders.) Is this a false \| positive? \| \| We also checked the C:\WINDOWS to find the pinstall.dll infected by \| Adware.Look2Me, but to no avail. Again, it is a false positive too. \| \| Any comments/suggestions are appreciated. \| \| Thanks, \| \| A Monk D:\RECYCLER\. represents the Recycle Bin and is a Hidden & System folder. If a file was found in this folder, the infected was deleted but not yet purged. Look2Me is NOT easy to remove. Here are sevweral approaches. Ad-aware SE v1.06 http://www.lavasoftusa.com/ http://download.lavasoft.com/utils/Look2Me_Remover.exe F-Secure Look2Me Removal Tool: http://www.f-secure.com/tools/f-look2me.zip VX2/Look2Me Fix: http://www.downloads.subratam.org/VX2Finder.exe Merijin's Kill2me 1.11 http://www.softpedia.com/progDownlo...load-10653.html Look2Me Remover 1.1.0 http://www.simplytech.it/L2MRemover/L2MRemover.zip -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm

21-03-2007, 12:44 AM	#3
a_monk Guest Posts: n/a	Re: Symantec provided by Yahoo On Mar 20, 4:56 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net> wrote: > From: "a_monk" <dfox...@hotmail.com> > > \| A friend used the "Symantec provided by Yahoo" scanned her laptop > \| which reported that her computer is infected with at least one known > \| virus or Trojan horse. > \| > \| These two virus/trojans were: > \| D:\RECYCLER\S-1-521...\Dd209\NetCat\nc.exe is infected with NetCat. > \| C:\WINDOWS\Downloaded Program Files\pinstall.dll is infected with > \| Adware.Look2Me. > \| > \| We looked at the D:\ drive and could not find the "RECYCLER" folder. > \| (We have enabled to show hidden files and folders.) Is this a false > \| positive? > \| > \| We also checked the C:\WINDOWS to find the pinstall.dll infected by > \| Adware.Look2Me, but to no avail. Again, it is a false positive too. > \| > \| Any comments/suggestions are appreciated. > \| > \| Thanks, > \| > \| A Monk > > D:\RECYCLER\. represents the Recycle Bin and is a Hidden & System folder. > If a file was found in this folder, the infected was deleted but not yet purged. > > Look2Me is NOT easy to remove. Here are sevweral approaches. > > Ad-aware SE v1.06http://www.lavasoftusa.com/http://download.lavasoft.com/utils/Look2Me_Remover.exe > > F-Secure Look2Me Removal Tool:http://www.f-secure.com/tools/f-look2me.zip > > VX2/Look2Me Fix:http://www.downloads.subratam.org/VX2Finder.exe > > Merijin's Kill2me 1.11http://www.softpedia.com/progDownload/Killme-Download-10653.html > > Look2Me Remover 1.1.0http://www.simplytech.it/L2MRemover/L2MRemover.zip > > -- > Davehttp://www.claymania.com/removal-trojan-adware.htmlhttp://www.ik-cs.com/got-a-virus.htm Many thanks, Dave!

21-03-2007, 12:49 AM	#4
a_monk Guest Posts: n/a	Re: Symantec provided by Yahoo On Mar 20, 4:56 pm, "David H. Lipman" <DLipman~nosp...@Verizon.Net> wrote: > From: "a_monk" <dfox...@hotmail.com> > > \| A friend used the "Symantec provided by Yahoo" scanned her laptop > \| which reported that her computer is infected with at least one known > \| virus or Trojan horse. > \| > \| These two virus/trojans were: > \| D:\RECYCLER\S-1-521...\Dd209\NetCat\nc.exe is infected with NetCat. > \| C:\WINDOWS\Downloaded Program Files\pinstall.dll is infected with > \| Adware.Look2Me. > \| > \| We looked at the D:\ drive and could not find the "RECYCLER" folder. > \| (We have enabled to show hidden files and folders.) Is this a false > \| positive? > \| > \| We also checked the C:\WINDOWS to find the pinstall.dll infected by > \| Adware.Look2Me, but to no avail. Again, it is a false positive too. > \| > \| Any comments/suggestions are appreciated. > \| > \| Thanks, > \| > \| A Monk > > D:\RECYCLER\. represents the Recycle Bin and is a Hidden & System folder. > If a file was found in this folder, the infected was deleted but not yet purged. > > Look2Me is NOT easy to remove. Here are sevweral approaches. > > Ad-aware SE v1.06http://www.lavasoftusa.com/http://download.lavasoft.com/utils/Look2Me_Remover.exe > > F-Secure Look2Me Removal Tool:http://www.f-secure.com/tools/f-look2me.zip > > VX2/Look2Me Fix:http://www.downloads.subratam.org/VX2Finder.exe > > Merijin's Kill2me 1.11http://www.softpedia.com/progDownload/Killme-Download-10653.html > > Look2Me Remover 1.1.0http://www.simplytech.it/L2MRemover/L2MRemover.zip > > -- > Davehttp://www.claymania.com/removal-trojan-adware.htmlhttp://www.ik-cs.com/got-a-virus.htm Hi Dave; The property of the "pinstall.dll" shows the file was used by "Picasa", a Google Photo Organizer. Any idea that Look2Me is tied to it? Many thanks again! A Monk

21-03-2007, 01:00 AM	#5
David H. Lipman Guest Posts: n/a	Re: Symantec provided by Yahoo From: "a_monk" <dfox138@hotmail.com> \| \| Hi Dave; \| \| The property of the "pinstall.dll" shows the file was used by \| "Picasa", a Google Photo Organizer. Any idea that Look2Me is tied to \| it? \| \| Many thanks again! \| \| A Monk No but it may be a False Positive. Let's find out... Please submit a sample of "pinstall.dll" to Virus Total -- http://www.virustotal.com/flash/index_en.html The submission will then be tested against many different AV vendor's scanners. That will give you an idea what it is and who recognizes it. In addition, unless told otherwise, Virus Total will provide the sample to all participating vendors. You can also submit a suspect, one at a time, via the following email URL... mailto:scan@virustotal.com?subject=SCAN When you get the report, please post back the exact results. -- Dave http://www.claymania.com/removal-trojan-adware.html http://www.ik-cs.com/got-a-virus.htm

Reply

Thread Tools
Show Printable Version Email this Page
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

Please enter the search terms in the box below to search the entire site.