Author Topic: possible malware here?  (Read 1811 times)
mr fett
Newbie
*
Offline Offline

Posts: 21


« Reply #15 on: October 25, 2009, 02:26:14 PM »

Thanks- I appreciate you looking at it. What about that A2 log? Is that the normal appearance? I ask because this all prompted me to do a multi-scan of my desktop computer, and while Malwarebytes and SuperantiSpyware only found cookies, A2 is finding more cookies and some medium risk registry stuff that looks alarming along with some high risk stuff. I wanted to post the A2 log when it finishes to get your opinion, but I want to make sure I post a correct log file that can be read and makes sense. Is it standard protocol to just convert the db3 file to txt after it is saved, or should I be saving it as something different? I'm wondering if the trojan I had a few weeks ago that I thought I removed is still there.
Logged
eXPerience
Malware Researcher Virus Removal Helper Advanced Tweak Freak Crazy Little Devil
Global Moderator
Comodo's Hero
*****
Offline Offline

Posts: 6629


Why not ? The choice is yours !


« Reply #16 on: October 25, 2009, 03:15:24 PM »

Quote
Thanks- I appreciate you looking at it. What about that A2 log? Is that the normal appearance? I ask because this all prompted me to do a multi-scan of my desktop computer, and while Malwarebytes and SuperantiSpyware only found cookies, A2 is finding more cookies and some medium risk registry stuff that looks alarming along with some high risk stuff. I wanted to post the A2 log when it finishes to get your opinion, but I want to make sure I post a correct log file that can be read and makes sense. Is it standard protocol to just convert the db3 file to txt after it is saved, or should I be saving it as something different? I'm wondering if the trojan I had a few weeks ago that I thought I removed is still there.

Hi,

well no, that's not really common to change it. But that allows me to take a look at it.

***looking at it***
***finds a corrupted file***

well, can't use it, sorry.

Could you do a scan and take a screenshot of the results (remember to expand all tabs so I can see where the files are !) ? (How to take screenshots)

eXPerience

mr fett

« Reply #17 on: October 25, 2009, 04:03:12 PM »

I think a part of my issue is in the fact that before closing down A2, I tried quarantining the 4 found objects. I wasn't allowed to, so I didn't get a typical list of threats like I've seen in Adaware, etc- which I assume is the log file you're after? The log file created by A2 that I found looks like it's just the actions it carried out, not the files I saw it find (if this makes any sense), sort of what a Search and Destroy logfile looks like to me. I've never used the program before, so I don't know how it works. If I posted the correct file, how do people upload it so that it can be read if it's saved as a db3 file by the program? I can't find any options on controlling the log file saves. Sorry, but this program seems to be more confusing than what it seems it should be. Maybe you and I are talking about 2 different things, and I can't explain myself well enough? Sorry to be a PITA....

My desktop A2 scan is still running so when it's done I'll do a screenshot. Are you wanting a screenshot of the A2 scan interface where it lists the objects? If so, the full list all won't fit onto one screen shot, and the names of some are so long they need to be scrolled to see them entirely. Would I take a shot, then scroll then take another shot?

Quote
Hi,

well no, that's not really common to change it. But that allows me to take a look at it.

***looking at it***
***finds a corrupted file***

well, can't use it, sorry.

Could you do a scan and take a screenshot of the results (remember to expand all tabs so I can see where the files are !) ? (How to take screenshots)

eXPerience

mr fett

« Reply #18 on: October 25, 2009, 05:22:04 PM »

I don't know how I messed up with the logfile/report from my laptop, but here's the report and screenshots for my desktop A2 scan. The last 2 on drive H are safe. It's the other ones I don't know about. The Ultra VNC is a program a buddy put on my computer who is much more savvy than I, so I assume they're ok too.

I happened to find a db3 file for this one too- looks like I mistook it before for a log report that I never actually saved Embarrassed I have no idea now why it looks so messed up....

Here also is the Hijack This log
« Last Edit: October 25, 2009, 05:42:56 PM by mr fett »

eXPerience

« Reply #19 on: October 26, 2009, 03:41:38 AM »

Hi,

I suggest you quarantine:

- spywarebot
- the IE plugin
- HTML.infected
- Trojan.generic!IK

best regards,
eXPerience

mr fett

« Reply #20 on: October 26, 2009, 07:48:56 PM »

Thanks.

The program cannot quarantine the spywarebot (2 traces). I get an error message for them, saying they cannot be deleted, and to consult the experts at the A2 forum. This is the same message I got when I tried quarantining the 4 objects on my laptop. What do you suggest now?

This may sound like a dumb question, but why am I only quarantining these objects, and not deleting them? What do I do with them now that they are quarantined? Once I eventually delete them, do I do a system clean on that drive, delete all restore points and re-scan?

Should I be deleting all the other things (tracking cookies, etc) so they don't sit there and pop up again on future scans? Is there a way in A2 to ignore the files I know are false positives so they don't pop up again? I can't seem to find an ignore option.

eXPerience

« Reply #21 on: October 27, 2009, 03:41:16 AM »

Quote
Should I be deleting all the other things (tracking cookies, etc) so they don't sit there and pop up again on future scans? Is there a way in A2 to ignore the files I know are false positives so they don't pop up again? I can't seem to find an ignore option.
I think right-clicking and adding to the whitelist should do if I remember right?

Quote
The program cannot quarantine the spywarebot (2 traces). I get an error message for them, saying they cannot be deleted, and to consult the experts at the A2 forum. This is the same message I got when I tried quarantining the 4 objects on my laptop. What do you suggest now?
I'm a bit puzzled, because I don't know if it's actually cleaned now or not....... Hijackthis looks clean....
Well, if you really feel you need to I suggest you scan with Superantispyware. If that doesn't help, you will need to look for more expert cleaning: Comodo LivePcSupport

Quote
This may sound like a dumb question, but why am I only quarantining these objects, and not deleting them? What do I do with them now that they are quarantined? Once I eventually delete them, do I do a system clean on that drive, delete all restore points and re-scan?
It's safer, imagine that you actually need those files for an application or so, well, you can still repair it then. If you delete it, it's lost forever.

eXPerience

Kyle
Computer Security Testing Group
Comodo's Hero
*****
Offline Offline

Posts: 3285



WWW
« Reply #22 on: October 27, 2009, 05:59:46 AM »

 Off-Topic! Can a Mod please correct the spelling of the topic? I know I'm being fussy.. It just tickles me every time I see it.. lol

E5200 2.5ghz [at] 3.33ghz, POV 9800gt 512mb, 2gb DDR2 RAM.  500gb. HDD


~~~
Trying to see if I can completely switch to linux Cheesy
eXPerience
« Reply #23 on: October 27, 2009, 10:52:10 AM »

Quote
Off-Topic! Can a Mod please correct the spelling of the topic? I know I'm being fussy.. It just tickles me every time I see it.. lol

I find it funny, that's why I kept it there in the first place  Wink

ok, I only changed the OP Smiley

eXPerience

mr fett

« Reply #24 on: October 27, 2009, 02:24:00 PM »

Quote
Off-Topic! Can a Mod please correct the spelling of the topic? I know I'm being fussy.. It just tickles me every time I see it.. lol

 Embarrassed

Yeah, I noticed that a while ago, but didn't know how to fix it. At least I could find my post easily Grin oops

mr fett

« Reply #25 on: October 27, 2009, 02:26:24 PM »

Quote
I think right-clicking and adding to the whitelist should do if I remember right?
I'm a bit puzzled, because I don't know if it's actually cleaned now or not....... Hijackthis looks clean....
Well, if you really feel you need to I suggest you scan with Superantispyware. If that doesn't help, you will need to look for more expert cleaning: Comodo LivePcSupport
It's safer, imagine that you actually need those files for an application or so, well, you can still repair it then. If you delete it, it's lost forever.

eXPerience

OK- I'll try this when I get home from work tonight. From what I remember though, Superantispyware didn't find those objects in the first place.... Huh

I'll re-run everything and see what I find.
Thanks.

mr fett

« Reply #26 on: October 28, 2009, 08:01:20 PM »

A2 and Hijack This logs from follow up scan. The "undeletable" files didn't show up for some reason but the 2 other objects did. Spybot, Malwarebytes, SuperAntispyware, and Adaware all missed them. So I cleaned all drives and deleted restore points, restarted and scanned again with A2- nothing found. I'll have to see if they pop up again in a couple days....