Just ran a scan...help with results? Please?

[Tzerreitug]

Hello,

I am a new user and hoping to find some help. Today, out of nowhere, I think I inherited some sort of malware/spyware/virus on my computer (which is odd, since I've been gone for most of the day with my dog at the vet [it hasn't been a good day] and nowhere near my computer. And super duper odd that in my years of owning a computer have NEVER gotten a virus).

Anyways, when I got home, I went to search something on google (I am currently using Firefox 5.0) and when I clicked on a result, it redirected me to a totally bizarre search site like Shopica, Ebay, Orbitz, etc. It takes me a few tries to eventually get to the page I want. And I didn't think anything of it until I got really annoyed and did some searching and realized from the pages and pages of tech forums that this is some sort of spywayre/malware virus. Again I have no idea how I absorbed this virus, but there it is.

Long story short, after a few failed scans from malware/spyware programs (they all detected NOTHING. I am also using AVG and it did not detect anything after today's scan), I finally downloaded and ran SuperAntiSpyware. I ran a scan and the results look like the problem (does that make sense?)- it detected 100 Adware Tracking Cookies to sites I've never visited before, and many look like the websites that I am being redirected to.

This is very frustrating as I am frightened to do anything- especially log into my email account, shopping sites, and online banking site.

I tried attaching the results form the Scan Log (it's a txt.) and it's not letting me do it, so if someone can help me out, maybe I could copy + paste the results???

I would appreciate any help that you can give me. Thank you!!!!

[siliconman01]

I tried attaching the results form the Scan Log (it's a txt.) and it's not letting me do it, so if someone can help me out, maybe I could copy + paste the results???

Yes, just copy/paste the scan log back here in your post.

Did you let SAS quarantine the detected items? You should also boot your computer into SAFE MODE (without networking) and run a Complete scan of your computer using SAS. Let it quarantine what it finds.

[Tzerreitug]

siliconman01,

First, here is the scan log:

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 06/13/2009 at 09:53 PM

Application Version : 4.26.1004

Core Rules Database Version : 3938

Trace Rules Database Version: 1881

Scan type : Quick Scan

Total Scan Time : 00:17:10

Memory items scanned : 565

Memory threats detected : 0

Registry items scanned : 511

Registry threats detected : 0

File items scanned : 12940

File threats detected : 100

Adware.Tracking Cookie

C:\Documents and Settings\Tanya\Cookies\tanya@serving-sys[3].txt

C:\Documents and Settings\Tanya\Cookies\tanya@celebrateexpress.122.2o7[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@rm.yieldmanager[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@content.yieldmanager[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@hairfinder[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@advertising[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@insightexpressai[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adecn[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@chitika[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@at.atwola[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@kontera[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@overture[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@precisionclick[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@tradedoubler[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@doubleclick[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ads.pointroll[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adopt.euroclick[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adrevolver[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@sales.liveperson[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adserver.advertstream[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ad.yieldmanager[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ehg-foxsports.hitbox[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ads.addynamix[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@tacoda[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ehg-dig.hitbox[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@sales.liveperson[3].txt

C:\Documents and Settings\Tanya\Cookies\tanya@te.kontera[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@perf.overture[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@e-2dj6wal4ehcjaco.stats.esomniture[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@interclick[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@server.iad.liveperson[3].txt

C:\Documents and Settings\Tanya\Cookies\tanya@counter.hitslink[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@linksynergy[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@oasn04.247realmedia[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@media.adrevolver[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@bs.serving-sys[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@realmedia[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@msnportal.112.2o7[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@247realmedia[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adultedreg[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@reduxads.valuead[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@msnservices.112.2o7[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@warnerbros.112.2o7[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ads.bridgetrack[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adbrite[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@anad.tacoda[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adopt.specificclick[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@www.googleadservices[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@pro-market[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@2o7[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@freecodesource.advertserve[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@zedo[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@specificclick[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@media6degrees[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@questionmarket[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ads.realtechnetwork[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@statse.webtrendslive[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adserver.adtechus[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ehg-davidsbridal.hitbox[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@dc.tremormedia[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@mediaplex[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@counter.surfcounters[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@mediamall.wireless.att[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@bizrate[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ads.motogp[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@collective-media[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@trafficmp[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@tremor.adbureau[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@server.iad.liveperson[4].txt

C:\Documents and Settings\Tanya\Cookies\tanya@webreports.digitalinsight[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@web4.realtracker[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@sales.liveperson[5].txt

C:\Documents and Settings\Tanya\Cookies\tanya@hitbox[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@imrworldwide[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@tribalfusion[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@statcounter[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ads.lucidmedia[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@fastclick[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@atwola[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@atdmt[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ads.as4x.tmcs[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@server.iad.liveperson[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@borders.112.2o7[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@burstnet[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@adcentriconline[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@revsci[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@dynamic.media.adrevolver[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@data.coremetrics[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@iacas.adbureau[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@cdn4.specificclick[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@www.burstnet[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ehg-reddoorinteractive.hitbox[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@intermundomedia[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@www.hairfinder[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@ussearch.122.2o7[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@burstbeacon[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@specificmedia[2].txt

C:\Documents and Settings\Tanya\Cookies\tanya@www.findstuff[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@trvlnet.adbureau[1].txt

C:\Documents and Settings\Tanya\Cookies\tanya@www.burstbeacon[1].txt

Second, no, I haven't done a THING to SAS in case I do something "wrong", I haven't gone to the next step yet Third, no, I did not run it in Safe Mode (not a real technically savvy person when it comes to things like that). Thank you for your reply and for any help in advance (trying to solve this is really eating up my Saturday night!!)

[siliconman01]

The items that SAS is finding are Tracking Cookies. You should let SAS quarantine these. I doubt, however, that they are the source of your problem that you described.

Below is a website that describes how to reboot your computer into SAFE MODE. Please follow the instructions for your particular Windows operating system and boot into SAFE MODE. Then run a Complete Scan with SAS and let it quarantine anything it finds. Then reboot back into Normal Mode and post back here the SAS log for the latest scan.

http://www.pchell.com/support/safemode.shtml

[siliconman01]

In addition to my post above, please download and install Hijackthis from the link below.

http://www.bleepingcomputer.com/files/hijackthis.php

After you have scanned in SAFE MODE with SAS and have rebooted back into Normal Mode, run a Hijackthis scan and copy/paste its scan log back here too.

[Tzerreitug]

[siliconman01]

Your Hijackthis scan log is not showing any infections. Everything looks normal and acceptable.

I recommend that you submit a support request to the SAS gurus so that they can dig deeper on your system. The link below permits you to submit a support request. You may have a new variant of some strange infection that is just emerging on the Internet.

https://www.superantispyware.com/precreateticket.html