nalthren

Members
  • Content Count: 42

Everything posted by nalthren

  1. *Sometimes* upon restart (mainly when computer has crashed from power outages), SAS will sometimes launch with Scheduled updates and Scanning reset, forcing me to reset them. What could be causing this?
  2. So I just noticed today that SAS requires the browser to be closed before 'removing' cookies at least on manual scan, it seems to no when on automatic and even then cookies no longer show up under quarantine like they have been until yesterday. Is this intended now?
  3. Glad to be of help. Looking forward to the update.
  4. Will try and remember, the screen is just the final window showing what was quarantined/removed waiting for me to hit finish (again simple extra click but gets annoying that I have to remember to go back and hit it when before it would auto do it itself)
  5. Yea it's a scheduled scan, and I did check the option, and it still requires a prompt from me to finish.
  6. Whenever I scanned before, SAS would automatically hit 'finish' once a scan is over and close the window, however for the past few days it hangs on the 'items detected' window until I manually hit finish, meaning I would have to remember to check for the scan to be done rather than let the program 'clean up after itself' and close. Very small issue but sorta annoying. Anyone else getting this or know how to fix?
  7. Just wondering if this is 'normal' my SAS Premium just finished a scheduled scan and not 30 minutes later, starts one up again on its own. Is this normal or am I missing something here?
  8. I believe it updated last night, so everything detected was a FP? Including the 3 that were auto deleted?
  9. No problem. We've all been at that stage before. Now here's hoping for official response of some sort by morning.
  10. Well as I said, I am waiting on official support on the 3 I mentioned at the bottom at my report that the scanner auto deleted before I can send a report on anything. So I have quarantine intact so I can restore the 3 and the other 40 something 'trojans'.
  11. Yea in these cases don't auto delete it if you can help it. Deleted Steam the first time and lost a lot of DLC from one of my games I was unable to recover, from that point on I made it a point to check here every time a 'trojan' hits. So far everything was a false positive.
  12. Probably but did you have 3 files removed as well?
  13. It looks identical to mine.. given it a further chance it's a FP.
  14. Looks like we are in the same boat and it IS a FP. I am just waiting on official confirmation since the Report Button failed to show up on this. (Probably since it auto removed the mentioned 3 and didn't give me a chance to stop it)
  15. Alright what about the 3 files I mentioned at the bottom?
  16. Yea this one made me do a doubletake, currently 48 items all in my APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\29.0.1547.62 and 29.0.1547.66 locales folders. Will post more when scan completes. EDIT: These are Google Chromes: "Version Build" folders. Now I am pretty sure this is again a FP. EDIT: Gave me one of those 'Has real time detected' windows pop ups. Never noticed that one before.... (A hour and 30 into the scan no less) EDIT: Log Generated 09/19/2013 at 11:33 PM Application Version : 5.6.1032 Core Rules Database Version : 10778 Trace Rules Database Version: 8590 Scan type : Complete Scan Total Scan Time : 02:33:09 Operating System Information Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002) UAC On - Limited User (Administrator User) Memory items scanned : 645 Memory threats detected : 0 Registry items scanned : 39304 Registry threats detected : 0 File items scanned : 51898 File threats detected : 63 Scanner didnt give me a chance to remove or report as a FP. Auto deleted: Trojan.Agent/Gen-Stranfom.Process: C:\USERS\RICHARD\APPDATA\LOCAL\GOOGLE\CHROME\TEMP\SOURCE9956_16552\CHROME-BIN\29.0.1547.76\LOCALES\AM.DLL C:\USERS\RICHARD\APPDATA\LOCAL\GOOGLE\CHROME\TEMP\SOURCE9956_16552\CHROME-BIN\29.0.1547.76\LOCALES\AR.DLL C:\USERS\RICHARD\APPDATA\LOCAL\GOOGLE\CHROME\TEMP\SOURCE9956_16552\CHROME-BIN\29.0.1547.76\LOCALES\BN.DLL So since I cant send in a report, can I get some help here?
  17. I just been noticing this, it's set to go off at 9pm, but I woke up early to find the scanner running again, having started at around 7am... Is this intended or is it picking something up and trying to find it..?
  18. Thanks for the response. Glad to hear it
  19. Given how the last 3 incidents of 'trojans' being found on my machine, they were all FP's.. and given the names and locations of the files, I am betting these are too. @ Macho
  20. Macho stop advertising Norton products, never using it.
  21. Trojan.Agent/Gen-Blackhole G:\TEAMSPEAK\CREATEFILEASSOC.EXE C:\PROGRAM FILES\SPEEDFAN\UNINSTALL.EXE C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SPEEDFAN\UNINSTALL SPEEDFAN.LNK Pretty sure these are FP's... flagging as false positive until otherwise
  22. Would using system restore fix the deleted items?
  23. The scanner auto removed them before I could hit cancel sadly.
  24. I got hit with 22 Trojans all under C\Programs Nivida/updatus with a few tell with a few game.exe's popped in there I know are related to the Nividia Geforce experience... Given how I checked my Nvidia Geforce after the 'removal' it is back to default settings, I think this was a false positive, which I was unable to flag as a false positive. SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 07/23/2013 at 11:06 PM Application Version : 5.6.1020 Core Rules Database Version : 10631 Trace Rules Database Version: 8443 Scan type : Complete Scan Total Scan Time : 02:06:38 Operating System Information Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002) UAC On - Limited User (Administrator User) Memory items scanned : 689 Memory threats detected : 0 Registry items scanned : 39296 Registry threats detected : 0 File items scanned : 60054 File threats detected : 26 Trojan.Agent/Gen-Strictor