Help
All my scans (avg and malwarbytes) come up clean and everything seems fine but 3 times now in a matter of a week I have gotten a "threat detected" while looking at friends pics on Myspace and now it happened on Facebook while looking at someones pics. The first time I think it was just the avg threat detected pop up, the 2nd time I got the avg threat detected pop up and my address bar turned red. This time my page jumped to superantispyware. I closed it before the page loaded but again got the avg threat detected. Ran scans again and they are all clean but I'm worried that something is lurking. What should I do?
Page 1 of 1
I think I might be infected
Back to top
#2
- Forum Regular
-
- Group: Members
- Posts: 159
- Joined: 19-December 08
- Gender:Male
Posted 05 February 2010 - 11:32 AM
Sounds a bit like a Browser exploit because I cannot see AVG redirecting you to Superantispyware if indeed it was Superantispywares site.I have had no dealings with AVG but still don't think they would redirect you.Try A Squared.It is a large download about 60mb.Download the free version which I will link to.Its a good on demand scanner that can scan pretty deep with its Icarus Engine.Once downloaded check for updates then run a Smart Scan.Takes longer than the quick one but scans more.Takes about 1.5.hrs on my machine.A quick scan only takes minutes but does not go deep enough.If it finds anything Quarantine it in case its a false positive then post back what it has or has not found.Download A Squared Free Here.
http://www.emsisoft.com/en/software/free
http://www.emsisoft.com/en/software/free
#3
- Computer Masochist
-
- Group: Staff Emeritus
- Posts: 27,809
- Joined: 27-January 07
- Location:Cleveland, Ohio
Posted 05 February 2010 - 12:23 PM
Before going through the remove and install procedure try a couple of online virus scanners
Be advised that some of these scanners will pickup things in "quarantine" from other anti-virus programs - so review the results carefully
http://www.superantispyware.com/onlinescan.html&rid=3324
http://housecall.trendmicro.com
http://www.pandasecurity.com/homeusers/solutions/activescan/
http://www.kaspersky.com/virusscanner Scan Only - no removal
http://www.bitdefender.com/scan8/ie.html
http://support.f-secure.com/enu/home/ols.shtml
http://us.mcafee.com/root/mfs/default.asp
http://onlinescan.avast.com/
http://ca.com/us/securityadvisor/virusinfo/scan.aspx
http://www.eset.com/onlinescan/
<links compiled on 02/14/2008>
Be advised that some of these scanners will pickup things in "quarantine" from other anti-virus programs - so review the results carefully
http://www.superantispyware.com/onlinescan.html&rid=3324
http://housecall.trendmicro.com
http://www.pandasecurity.com/homeusers/solutions/activescan/
http://www.kaspersky.com/virusscanner Scan Only - no removal
http://www.bitdefender.com/scan8/ie.html
http://support.f-secure.com/enu/home/ols.shtml
http://us.mcafee.com/root/mfs/default.asp
http://onlinescan.avast.com/
http://ca.com/us/securityadvisor/virusinfo/scan.aspx
http://www.eset.com/onlinescan/
<links compiled on 02/14/2008>
Mark
why won't my laptop work?
Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter
why won't my laptop work?
Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter
#4
- Forum Regular
-
- Group: Members
- Posts: 159
- Joined: 19-December 08
- Gender:Male
Posted 05 February 2010 - 12:41 PM
A Squared free is a on demand scanner,it does no live protection so the OP should not have to uninstall his AVG.I use it as a on demand scanner and have Avast 5 with no problems.A Squared plus does real time scanning.But I agree that the on line scans are a good option.Just a bit confused about installing and uninstalling.
#5
- Member
-
- Group: Members
- Posts: 97
- Joined: 03-October 08
Posted 05 February 2010 - 03:18 PM
Thank you! Here is the a square report...
a-squared Free - Version 4.5
Last update: 2/5/2010 11:53:31 AM
Scan settings:
Scan type: Smart Scan
Objects: Memory, Traces, Cookies, C:\Windows\, C:\Program Files
Scan archives: On
Heuristics: Off
ADS Scan: On
Scan start: 2/5/2010 12:21:28 PM
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F9718C7-3DBD-4ef2-BBC1-E4F91F38E51A} --> Changed detected: Trace.Registry.Smart Keystoke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F9718C7-3DBD-4ef2-BBC1-E4F91F38E51A} --> SlowInfoCache detected: Trace.Registry.Smart Keystoke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> LogService detected: Trace.Registry.Smart Keystroke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> sma detected: Trace.Registry.Smart Keystroke Recorder!A2
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@advertising[2].txt detected: Trace.TrackingCookie.advertising!A2
C:\Windows\System32\msnuncer-.dll detected: Virus.Win32.KeyLogger.NT!IK
Scanned
Files: 195855
Traces: 569857
Cookies: 138
Processes: 65
Found
Files: 1
Traces: 4
Cookies: 1
Processes: 0
Registry keys: 0
Scan end: 2/5/2010 3:15:23 PM
Scan time: 2:53:55
C:\Windows\System32\msnuncer-.dll Quarantined Virus.Win32.KeyLogger.NT!IK
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@advertising[2].txt Quarantined Trace.TrackingCookie.advertising!A2
Quarantined
Files: 1
Traces: 4
Cookies: 1
a-squared Free - Version 4.5
Last update: 2/5/2010 11:53:31 AM
Scan settings:
Scan type: Smart Scan
Objects: Memory, Traces, Cookies, C:\Windows\, C:\Program Files
Scan archives: On
Heuristics: Off
ADS Scan: On
Scan start: 2/5/2010 12:21:28 PM
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F9718C7-3DBD-4ef2-BBC1-E4F91F38E51A} --> Changed detected: Trace.Registry.Smart Keystoke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F9718C7-3DBD-4ef2-BBC1-E4F91F38E51A} --> SlowInfoCache detected: Trace.Registry.Smart Keystoke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> LogService detected: Trace.Registry.Smart Keystroke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> sma detected: Trace.Registry.Smart Keystroke Recorder!A2
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@advertising[2].txt detected: Trace.TrackingCookie.advertising!A2
C:\Windows\System32\msnuncer-.dll detected: Virus.Win32.KeyLogger.NT!IK
Scanned
Files: 195855
Traces: 569857
Cookies: 138
Processes: 65
Found
Files: 1
Traces: 4
Cookies: 1
Processes: 0
Registry keys: 0
Scan end: 2/5/2010 3:15:23 PM
Scan time: 2:53:55
C:\Windows\System32\msnuncer-.dll Quarantined Virus.Win32.KeyLogger.NT!IK
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@advertising[2].txt Quarantined Trace.TrackingCookie.advertising!A2
Quarantined
Files: 1
Traces: 4
Cookies: 1
#6
- Forum Regular
-
- Group: Members
- Posts: 159
- Joined: 19-December 08
- Gender:Male
Posted 05 February 2010 - 03:31 PM
Leave everything in Quarantine for now.It cannot do no harm there.Win32.Keylogger sounds a bit naughty.If no problems delete them all in a week or so.Keep A Squared,its free and often finds things others don't.If you want a second opinion you could go for a online scan as Garmanna suggested.
#7
- Member
-
- Group: Members
- Posts: 97
- Joined: 03-October 08
Posted 05 February 2010 - 03:36 PM
Ok. Thank you 
Share this topic:
Page 1 of 1