Jump to content

pagesbow

Members
  • Content Count

    1
  • Joined

  • Last visited

About pagesbow

  • Rank
    Newbie
  1. Hi all, This is the first time I've posted here so I'm sure I'm breaking many forum guidlines or not providing enough info etc. But here goes... About four days ago I ran superantispyware and found a trojan by the name of Trojan.Agent / Gen-Autorunner I deleted it ran superantispyware again and that appeared to have removed it as it wasn't picked up in the second scan. Two days later, I went to turn off my PC and at first I thought I had made a mistake as it restarted. Turns out it wasn't - and it would also restart if I used the power off button on my machine. Since about Friday I have been trying to get rid of this trojan manually to no avail. This is the log of a scan: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 05/05/2013 at 11:40 AM Application Version : 5.6.1014 Core Rules Database Version : 10356 Trace Rules Database Version: 8168 Scan type : Complete Scan Total Scan Time : 00:38:01 Operating System Information Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600) Administrator Memory items scanned : 390 Memory threats detected : 0 Registry items scanned : 37208 Registry threats detected : 0 File items scanned : 39639 File threats detected : 30 Adware.Tracking Cookie C:\Documents and Settings\Cookies\X3CCMDFE.txt [ /atdmt.combing.com ] .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .dmtracker.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .liveperson.net [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .liveperson.net [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .histats.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .estat.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] stat.onestat.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] stat.onestat.com [ C:\DOCUMENTS AND SETTINGS\PPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] stat.onestat.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .xiti.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .c1.atdmt.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] www.qsstats.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] www.qsstats.com [ C:\DOCUMENTS AND SETTINGS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\0IRJVAG2.DEFAULT\COOKIES.SQLITE ] Trojan.Agent/Gen-Autorunner C:\SWSETUP\SP34267\BIN\UPDATPNP.EXE I went into C:\SWSETUP\SP34267\BIN\UPDATPNP.EXE and the file looked like this: Now I know it was created in May 2006 which would suggest is not a trojan? however, everytime superantospyware "removed" it it came back so I shredded the file with AVG shredder and since then it has not returned and I have been able to turn off my PC normally. So, I'm not sure what I'm asking here as I'm just a noob when it comes to this stuff....but does anyone have any thoughts on what this was/is? and is it fixed? AVG also picked up: But is was removed and hasn't come back. Thanks in advance.
×
×
  • Create New...