Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Troj-Huntbar.A ? [RESOLVED]


  • This topic is locked This topic is locked

#31
liverman

liverman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Rat Hat,

I have paused SuperAnti Spyware which has been running for 8 1/2 hours so far: the boy needs to do his maths homework! It has found no threats yet, but has scanned just over 1/2 million items. It seems like an awful lot for a hard drive that has 248 GB freeof 279 GB total.

P.
  • 0

Advertisements


#32
liverman

liverman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Rat Hat,

I give up: I stopped SuperAntiSyware again after 22 hours of scanning. Something must be wrong. It says it has scanned 1.5 million files, but there can't be more than 100,000 files on the disc.

Here's the log:

SUPERAntiSpyware Scan Log
Generated 02/08/2008 at 07:02 AM

Application Version : 3.6.1000

Core Rules Database Version : 3395
Trace Rules Database Version: 1387

Scan type : Complete Scan
Total Scan Time : 23:26:55

Memory items scanned : 685
Memory threats detected : 0
Registry items scanned : 6030
Registry threats detected : 0
File items scanned : 1557956
File threats detected : 0


Should I uninstall it,reload and try again?

Thanks, P.
  • 0

#33
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Hey Peter,

That is strange. Try uninstalling it, and running AVG Antispyware instead:

Run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Start Update" link under Manual Update.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Do Not Automatically generate report"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
    IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.

Hows you own machine doing by the way? Any further problems?

Regards,
RatHat
  • 0

#34
liverman

liverman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Hi RatHat,

Uninstalled SuperAnti Syware and ran AVG:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:25:11 AM 8/02/2008

+ Scan result:



C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned.


::Report end


My machine seems to run well: I have installed AdAware and Spybot which I will run periodically,
although Spyware Guard and/or Spyware Blaster slowed it to a crawl, so I uninstalled them.
Is it alright to run some of these resident spyware programs, such as Spyguard, Tea Timer (in Spybot) or Ad Watch (in Ad Aware) or will they interfer with or diminish the effectiveness of my Micro Trend PC Cillin Security Suite (including firewall)??

Regards,
P.
  • 0

#35
liverman

liverman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Rat Hat,

I was just checking out stuff on the vista pc we are presently looking at and upon investigating the Micro trend PC Cillin logs found this:

"Virus Scan Logs","2008/01/23","PETER-PC"
"Time","Security Feature","Source Type","Virus Name","File Name","First Action","Second Action"
"15:09","Manual Scan","File","BKDR_ODEROOR.F","[email protected] (C:\Users\Jacko\Documents\My Received Files\image97j6.zip)","Quarantine Fail",""
"15:09","Manual Scan","File","---","C:\Users\Jacko\Documents\My Received Files\image97j6.zip","Quarantine Success",""

(I have crossed out the boy's hotmail address with xxxxxxxxx)

Peter.
  • 0

#36
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Peter,

You can run one of the resident programs, and it should be enough. My preference would be SpywareGuard, but if it slows the machine, use TeaTimer instead.

Use Spybot's immunise section on all machines, and also SpywareBlaster. They will block bad sites by adding blocking entries into the registry, but not stay memory resident.

If you look at the Micro trend PC Cillin logs, you will see: C:\Users\Jacko\Documents\My Received Files\image97j6.zip","Quarantine Success",""

So it has been removed.

Warn him about attachments from people he does'nt know, and also about following links in Messenger. These can be directed straight to malware.

P2P programs are also a big NoNo, although kids love them. My son always wants Limewire so he can download music, but you never know when you will get a bug attached with it, so I make sure he stays clear of them, well most of the time!

I think you should be OK on all three machines now, just make sure you are vigilant on the sites that are visited, and carry out an online scan every week or so, then you should stay clean.

If not, you know where we are!

All the best,
RatHat
  • 0

#37
liverman

liverman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Rat Hat,

Thanks for all your help and patience. it is very much appreciated. Being the nominated honorary resident home IT person is quite a challenge at the best of times, but when the brown stuff hits the fan, it is beyond my meagre capabilities. So a heartfelt thank you to you and your mates.

Just one last question: can you clarify what you mean by "carry out an online scan every week"?

Kind Regards,
Peter.
  • 0

#38
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Online scans are AV scans that you carry out on line. They have the advantage of not being installed on your system, so if a virus gets into your computer and injects code into your AV saying it isn't there, the online scan will likely spot it and remove it.

Here's a couple of good ones, you can try. You don't need to run them every week, but once or twice a month is good practice, unless you suspec that you may have a problem.


F-Secure online scan for Viruses, Spyware and RootKits:
  • Go to http://support.f-sec.../home/ols.shtml
  • Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
  • Allow the Active X control to be installed on your computer, then click the Accept button
  • Click Full System Scan and allow the components to download and the scan to complete.
  • If malware is found, check Submit samples to F-Secure then select Automatic cleaning
  • When cleaning has finitished, click Show report (this will open an Internet Explorer window containing the report)
  • Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) in a new reply to this post
If Automatic cleaning with Submit samples hangs, click Cancel, then New Scan
  • When the cleaning option is presented, Uncheck Submit samples to F-Secure
  • Click Automatic cleaning
  • When cleaning has finitished, click Show report (this will open an Internet Explorer window containing the report)
Notes:
  • This scan will only work with Internet Explorer
  • You must have administrator rights to run this scan
  • This scan can take a while, so please be patient



TrendMicro™ HouseCall Java Scan
  • Please go HERE to run the Trend Micro™ HouseCall Scan.
  • Click Scan now. It's free!
  • Read and put a Check next to Yes I accept the terms of use.
  • Click the Launching HouseCall>> button.
  • Under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
  • You may receive a Security Warning about the TrendMicro Java applet, click YES.
  • Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
  • Please be patient while it installs, updates, and scans your system.
  • Once the scan is complete, it will take you to the summary page.
  • Under Cleanup options, choose clean all detected infections automatically.
  • Click the Clean now>> button.
  • If anything was found you may be prompted to run the scan again, you can just close the browser window.


If you have problems running the Java Scan, try the Active X scan:


TrendMicro™ HouseCall ActiveX Scan
  • Please go HERE to run the Trend Micro™ HouseCall Scan.
  • Click Scan now. It's free!
  • Read and put a Check next to Yes I accept the terms of use.
  • Click the Launching HouseCall>> button.
  • Under "Browser plug-in" Installing and using Housecall kernel, click the Starting HouseCall>> button.
  • You may receive a prompt to install the ActiveX, click install.
  • If you are taken back to the main page, click Launching HouseCall>> button again.
  • Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
  • Please be patient while it installs, updates, and scans your system.
  • Once the scan is complete, it will take you to the summary page.
  • Under Cleanup options, choose clean all detected infections automatically.
  • Click the Clean now>> button.
  • If anything was found you may be prompted to run the scan again, you can just close the browser window.


Regards,
RatHat
  • 0

#39
liverman

liverman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Thanks again RatHat,

Keep up the good work. Over and out.

Til next time,
Peter.
  • 0

#40
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements


#41
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP