CWS.QTTasks

When I do a spyware scan with my Cox security suite it says I have a highjacker CWS.QTTasks that it can't remove.

I have read and followed the "read and run me first" and everything came up clean. When I ran bitdefender it said "bitdefender failed to update the virus definitions, although it might be possible to check for viruses the result will probably be inaccurate". After the sccan it said no problems were found. I have the logs from activescan.txt, getrunkey.bat, newfiles.txt and hijackthis. I will send the first 3 mentioned first.

Thanks in advance for your help!

 

Here is the HJT log.....all others were clean so I did not save them.

 

<< The installed version of Java on this compter is out-dated. Install Java Runtime Environment (JRE) 5.0 Update 8 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

Using Add or Remove Programs in the Control Panel; uninstall the following:

Empty the Authentium Quarantine.
Empty thte Recycle Bin.
Run CCleaner.

HijackThis is not installed and named per our tutorial. You have it here: C:\Program Files\analyse.exe\HijackThis.exe. HijackThis needs to be in the following location: C:\Program Files\HJT\analyse.exe.

Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:

Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

Otherwise your system does not appear to be infected.

Please post a log from teh Cox Security Suite. So, I can see what it is finding and where.

 

I updated Java. I'm not sure what you mean by "empty the authentium quarantine" but I had several things in the quarantine on adaware and deleted it all, emptied the recycle bin and ran ccleaner. I think I reinstalled HJT correctly this time, checked the 2 boxes you told me to check and clicked on "fix checked".

This is what I get from the cox security suite when I do a spyware scan:

Type of spyware: Hijacker
Description: http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453077875
Threat: confidentiality, productivity

Spyware Pieces:
Registry: hkey_current_user \software\microsoft\windows\currentversion\run\quicktime task

 

False Positive

This is the Registry Key that Spybot is alerting on:
HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

This is not the CWS.QTTasks hijacker. The file for this threat is located at C:\Windows\qttasks.exe

The file and path listed in your registry is the valid Quicktime Task file from Apple.