Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I might be infected


  • Please log in to reply
6 replies to this topic

#1 jjinx

jjinx

  • Members
  • 112 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 05 February 2010 - 11:02 AM

All my scans (avg and malwarbytes) come up clean and everything seems fine but 3 times now in a matter of a week I have gotten a "threat detected" while looking at friends pics on Myspace and now it happened on Facebook while looking at someones pics. The first time I think it was just the avg threat detected pop up, the 2nd time I got the avg threat detected pop up and my address bar turned red. This time my page jumped to superantispyware. I closed it before the page loaded but again got the avg threat detected. Ran scans again and they are all clean but I'm worried that something is lurking. What should I do?

BC AdBot (Login to Remove)

 


#2 cod head

cod head

  • Members
  • 162 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:31 PM

Posted 05 February 2010 - 11:32 AM

Sounds a bit like a Browser exploit because I cannot see AVG redirecting you to Superantispyware if indeed it was Superantispywares site.I have had no dealings with AVG but still don't think they would redirect you.Try A Squared.It is a large download about 60mb.Download the free version which I will link to.Its a good on demand scanner that can scan pretty deep with its Icarus Engine.Once downloaded check for updates then run a Smart Scan.Takes longer than the quick one but scans more.Takes about 1.5.hrs on my machine.A quick scan only takes minutes but does not go deep enough.If it finds anything Quarantine it in case its a false positive then post back what it has or has not found.Download A Squared Free Here.

http://www.emsisoft.com/en/software/free

#3 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:09:31 AM

Posted 05 February 2010 - 12:23 PM

Before going through the remove and install procedure try a couple of online virus scanners


Be advised that some of these scanners will pickup things in "quarantine" from other anti-virus programs - so review the results carefully

http://www.superantispyware.com/onlinescan.html&rid=3324

http://housecall.trendmicro.com

http://www.pandasecurity.com/homeusers/solutions/activescan/

http://www.kaspersky.com/virusscanner Scan Only - no removal

http://www.bitdefender.com/scan8/ie.html

http://support.f-secure.com/enu/home/ols.shtml

http://us.mcafee.com/root/mfs/default.asp

http://onlinescan.avast.com/


http://ca.com/us/securityadvisor/virusinfo/scan.aspx

http://www.eset.com/onlinescan/

<links compiled on 02/14/2008>
Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#4 cod head

cod head

  • Members
  • 162 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:31 PM

Posted 05 February 2010 - 12:41 PM

A Squared free is a on demand scanner,it does no live protection so the OP should not have to uninstall his AVG.I use it as a on demand scanner and have Avast 5 with no problems.A Squared plus does real time scanning.But I agree that the on line scans are a good option.Just a bit confused about installing and uninstalling.

#5 jjinx

jjinx
  • Topic Starter

  • Members
  • 112 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 05 February 2010 - 03:18 PM

Thank you! Here is the a square report...

a-squared Free - Version 4.5
Last update: 2/5/2010 11:53:31 AM

Scan settings:

Scan type: Smart Scan
Objects: Memory, Traces, Cookies, C:\Windows\, C:\Program Files
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start: 2/5/2010 12:21:28 PM

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F9718C7-3DBD-4ef2-BBC1-E4F91F38E51A} --> Changed detected: Trace.Registry.Smart Keystoke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F9718C7-3DBD-4ef2-BBC1-E4F91F38E51A} --> SlowInfoCache detected: Trace.Registry.Smart Keystoke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> LogService detected: Trace.Registry.Smart Keystroke Recorder!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run --> sma detected: Trace.Registry.Smart Keystroke Recorder!A2
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@advertising[2].txt detected: Trace.TrackingCookie.advertising!A2
C:\Windows\System32\msnuncer-.dll detected: Virus.Win32.KeyLogger.NT!IK

Scanned

Files: 195855
Traces: 569857
Cookies: 138
Processes: 65

Found

Files: 1
Traces: 4
Cookies: 1
Processes: 0
Registry keys: 0

Scan end: 2/5/2010 3:15:23 PM
Scan time: 2:53:55

C:\Windows\System32\msnuncer-.dll Quarantined Virus.Win32.KeyLogger.NT!IK
C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Cookies\jennifer@advertising[2].txt Quarantined Trace.TrackingCookie.advertising!A2

Quarantined

Files: 1
Traces: 4
Cookies: 1

#6 cod head

cod head

  • Members
  • 162 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:31 PM

Posted 05 February 2010 - 03:31 PM

Leave everything in Quarantine for now.It cannot do no harm there.Win32.Keylogger sounds a bit naughty.If no problems delete them all in a week or so.Keep A Squared,its free and often finds things others don't.If you want a second opinion you could go for a online scan as Garmanna suggested.

#7 jjinx

jjinx
  • Topic Starter

  • Members
  • 112 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 05 February 2010 - 03:36 PM

Ok. Thank you :huh:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users