Antivirus Live [Solved]

Upon your advice I downloaded Super AntiSypware and am running it it.

I am concerned that you tell me my computer is clean but this program, which you recommended, has already found the following:

Under Registry Items: Trojan Agent/Gen; 68 items
Under File Items: Adware Tracking Cookies; 42 items

If my system is clean, then what are these?

Edited by cphillips, 29 January 2010 - 09:46 AM.

Hello,


Please post the report from SuperAntiSpyware so I can see what it found. Tracking cookies are not something to worry about as they are added anytime you surf the web. As far as the other regisrty entrys it found, they may just be left overs from the infection, and since the files are removed, they would be harmless. But I would like to see it just to make sure.

Here is the requested log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/29/2010 at 11:16 AM

Application Version : 4.33.1000

Core Rules Database Version : 4446
Trace Rules Database Version: 1978

Scan type : Quick Scan
Total Scan Time : 00:37:34

Memory items scanned : 418
Memory threats detected : 0
Registry items scanned : 530
Registry threats detected : 68
File items scanned : 15838
File threats detected : 43

Adware.Tracking Cookie
C:\Documents and Settings\Mom\Cookies\[email protected][2].txt
C:\Documents and Settings\Mom\Cookies\mom@revsci[1].txt
C:\Documents and Settings\Mom\Cookies\mom@findarticles[1].txt
C:\Documents and Settings\Mom\Cookies\mom@pointroll[2].txt
C:\Documents and Settings\Mom\Cookies\mom@realmedia[2].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][2].txt
C:\Documents and Settings\Mom\Cookies\[email protected][2].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\mom@tacoda[1].txt
C:\Documents and Settings\Mom\Cookies\mom@tripod[1].txt
C:\Documents and Settings\Mom\Cookies\mom@collective-media[1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][3].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][2].txt
C:\Documents and Settings\Mom\Cookies\mom@neuroxmedia[2].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][2].txt
C:\Documents and Settings\Mom\Cookies\mom@mediafire[1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\mom@insightexpressai[1].txt
C:\Documents and Settings\Mom\Cookies\mom@2o7[1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\mom@naked[1].txt
C:\Documents and Settings\Mom\Cookies\mom@questionmarket[2].txt
C:\Documents and Settings\Mom\Cookies\mom@interclick[2].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][2].txt
C:\Documents and Settings\Mom\Cookies\mom@webmediaspider[1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][1].txt
C:\Documents and Settings\Mom\Cookies\mom@adbrite[1].txt
C:\Documents and Settings\Mom\Cookies\[email protected][2].txt
C:\Documents and Settings\Mom\Cookies\mom@specificclick[2].txt
C:\Documents and Settings\Family\Cookies\[email protected][2].txt
C:\Documents and Settings\Family\Cookies\[email protected][1].txt
C:\Documents and Settings\Family\Cookies\family@atwola[1].txt
C:\Documents and Settings\Family\Cookies\[email protected][2].txt
C:\Documents and Settings\Family\Cookies\family@interclick[1].txt
C:\Documents and Settings\Family\Cookies\family@specificclick[1].txt
C:\Documents and Settings\Family\Cookies\family@tacoda[1].txt

Trojan.Agent/Gen
HKU\.DEFAULT\SOFTWARE\XML
HKU\.DEFAULT\SOFTWARE\XML#dig15
HKU\.DEFAULT\SOFTWARE\XML#dig4
HKU\.DEFAULT\SOFTWARE\XML#dig5
HKU\.DEFAULT\SOFTWARE\XML#dig20
HKU\.DEFAULT\SOFTWARE\XML#dig25
HKU\.DEFAULT\SOFTWARE\XML#dig10
HKU\.DEFAULT\SOFTWARE\XML#str6
HKU\.DEFAULT\SOFTWARE\XML#str7
HKU\.DEFAULT\SOFTWARE\XML#str8
HKU\.DEFAULT\SOFTWARE\XML#str9
HKU\.DEFAULT\SOFTWARE\XML#str10
HKU\.DEFAULT\SOFTWARE\XML#str11
HKU\.DEFAULT\SOFTWARE\XML#str13
HKU\.DEFAULT\SOFTWARE\XML#str1
HKU\.DEFAULT\SOFTWARE\XML#str2
HKU\.DEFAULT\SOFTWARE\XML#str3
HKU\.DEFAULT\SOFTWARE\XML#str5
HKU\.DEFAULT\SOFTWARE\XML#dig7
HKU\.DEFAULT\SOFTWARE\XML#dig8
HKU\.DEFAULT\SOFTWARE\XML#dig6
HKU\.DEFAULT\SOFTWARE\XML#str16
HKU\.DEFAULT\SOFTWARE\XML#str17
HKU\.DEFAULT\SOFTWARE\XML#str18
HKU\.DEFAULT\SOFTWARE\XML#str19
HKU\.DEFAULT\SOFTWARE\XML#dig18
HKU\.DEFAULT\SOFTWARE\XML#dig17
HKU\.DEFAULT\SOFTWARE\XML#str22
HKU\.DEFAULT\SOFTWARE\XML#str23
HKU\.DEFAULT\SOFTWARE\XML#str24
HKU\.DEFAULT\SOFTWARE\XML#str25
HKU\.DEFAULT\SOFTWARE\XML#str26
HKU\.DEFAULT\SOFTWARE\XML#dig24
HKU\.DEFAULT\SOFTWARE\XML#dig23
HKU\S-1-5-18\SOFTWARE\XML
HKU\S-1-5-18\SOFTWARE\XML#dig15
HKU\S-1-5-18\SOFTWARE\XML#dig4
HKU\S-1-5-18\SOFTWARE\XML#dig5
HKU\S-1-5-18\SOFTWARE\XML#dig20
HKU\S-1-5-18\SOFTWARE\XML#dig25
HKU\S-1-5-18\SOFTWARE\XML#dig10
HKU\S-1-5-18\SOFTWARE\XML#str6
HKU\S-1-5-18\SOFTWARE\XML#str7
HKU\S-1-5-18\SOFTWARE\XML#str8
HKU\S-1-5-18\SOFTWARE\XML#str9
HKU\S-1-5-18\SOFTWARE\XML#str10
HKU\S-1-5-18\SOFTWARE\XML#str11
HKU\S-1-5-18\SOFTWARE\XML#str13
HKU\S-1-5-18\SOFTWARE\XML#str1
HKU\S-1-5-18\SOFTWARE\XML#str2
HKU\S-1-5-18\SOFTWARE\XML#str3
HKU\S-1-5-18\SOFTWARE\XML#str5
HKU\S-1-5-18\SOFTWARE\XML#dig7
HKU\S-1-5-18\SOFTWARE\XML#dig8
HKU\S-1-5-18\SOFTWARE\XML#dig6
HKU\S-1-5-18\SOFTWARE\XML#str16
HKU\S-1-5-18\SOFTWARE\XML#str17
HKU\S-1-5-18\SOFTWARE\XML#str18
HKU\S-1-5-18\SOFTWARE\XML#str19
HKU\S-1-5-18\SOFTWARE\XML#dig18
HKU\S-1-5-18\SOFTWARE\XML#dig17
HKU\S-1-5-18\SOFTWARE\XML#str22
HKU\S-1-5-18\SOFTWARE\XML#str23
HKU\S-1-5-18\SOFTWARE\XML#str24
HKU\S-1-5-18\SOFTWARE\XML#str25
HKU\S-1-5-18\SOFTWARE\XML#str26
HKU\S-1-5-18\SOFTWARE\XML#dig24
HKU\S-1-5-18\SOFTWARE\XML#dig23

Adware.CouponBar
C:\WINDOWS\SYSTEM32\CPNPRT2.CID

Hello,


It looks to be some left overs from the infection. Run one more scan with SuperAntiSpyware and make sure it comes up clean after it removed them. Let me know if it does.

Ok, I re-ran the Super AntiSpyware and it came up clean.

I have another concern though as when I clicked on the "Find out what is running on your computer" link in Super AntiSpayware it immediately restarted my computer. This also happened to me today when I was using an application that uses Flash.

Hello,


Does the computer just shut off or do you get the Blue Screen Of Death? If you do get the Blue Screen Of Death, can you give me the error code?


Also, try uninstalling the flash player and re-installing it and see if that fixes the problem.

No blue screen of death, so no error code.

I can understand flash crashing once in awhile, but what about clicking on that link in the Antivirus program.

Hello,



That is a good question. It could be more than just a flash problem. I think the tech's here might be able to help you out better than I can about this. I would recommend you make a new thread in the Windows XP Forum. Make sure you include a link to this thread in that post and describe the problem your having. Then come back here and post a link the new thread so I can let the tech's know I sent you over there.

Here is the thread I started in the Windows XP thread.

Hello,


I see that rshaffer61 has jumped in to help you over in the Windows XP forum.

I am going to go ahead and close this thread since your getting help over there. Good Luck and I hope you can get it figured out.

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.