paraleegirl Posted July 3, 2009 Please review my SAS log for me. I have researched this forum AND I think there are several f/p's, but I need to be sure. I ran SAS last night in Safe Mode to make sure I had a clean system again. *Whimper* Please help! Thank you! The SAS log: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 07/02/2009 at 10:02 PM Application Version : 4.26.1006 Core Rules Database Version : 3968 Trace Rules Database Version: 1908 Scan type : Complete Scan Total Scan Time : 03:03:23 Memory items scanned : 212 Memory threats detected : 0 Registry items scanned : 6482 Registry threats detected : 14 File items scanned : 105183 File threats detected : 85 Trojan.NewDotNet HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} Adware.IWinGames HKU\S-1-5-21-3924064129-2942328611-1021817841-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8CA5ED52-F3FB-4414-A105-2E3491156990} Adware.Tracking Cookie C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@serving-sys[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@cdn4.specificclick[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@apmebf[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@cbs.112.2o7[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@sales.liveperson[3].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@tribalfusion[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@kontera[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@collective-media[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@adlegend[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@zedo[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@affiliate.kitaramedia[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@247realmedia[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@media6degrees[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@atwola[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@tacoda[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@burstnet[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@imrworldwide[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@trafficmp[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@at.atwola[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@a1.interclick[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@bet.burstnet[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@advertising.youdagames[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@roiservice[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@ads.pointroll[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@specificmedia[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@webads.hookedmediagroup[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@ads.lucidmedia[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@c7.zedo[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@sales.liveperson[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@yadro[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@realmedia[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@ads.lucidmedia[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@ads.financialcontent[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@insightexpressai[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@questionmarket[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[7].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[8].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@ad.yieldmanager[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@sec1.liveperson[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@casalemedia[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@pluckit.demandmedia[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@oasn04.247realmedia[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@fastclick[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@nextag[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[4].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@sec1.liveperson[3].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@msnportal.112.2o7[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@bs.serving-sys[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@media.adrevolver[3].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[3].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@bluestreak[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@invitemedia[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[6].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[5].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.burstnet[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@media.adrevolver[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@msnbc.112.2o7[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@viacom.adbureau[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@statcounter[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@dmtracker[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@specificclick[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@adbrite[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@revsci[1].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@eas.apm.emediate[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.clickmanage[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@www.googleadservices[9].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@adrevolver[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@interclick[2].txt C:\Documents and Settings\Virginia Ashby\Cookies\virginia_ashby@overture[1].txt .atwola.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .bizrate.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .bizrate.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .blockbuster.112.2o7.net [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .cnn.122.2o7.net [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .e-2dj6wjnyuidpmao.stats.esomniture.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .fisherinvestments.112.2o7.net [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .ford.112.2o7.net [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .geosign.112.2o7.net [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .imrworldwide.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .imrworldwide.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Virginia Ashby\Application Data\Mozilla\Profiles\vashby\exolfn7o.slt\cookies.txt ] Registry Cleaner Trial HKCR\Install.Install HKCR\Install.Install\CLSID HKCR\Install.Install\CurVer HKCR\Install.Install.1 HKCR\Install.Install.1\CLSID Adware.MyWebSearch/FunWebProducts HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32 HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32 Trojan.Agent/Gen-Dropper[Temp] C:\WINDOWS\TWAIN_32\HPQGNDS2.TMP Share this post Link to post Share on other sites
paraleegirl Posted July 3, 2009 Thank you for responding so quickly! Would you please evaluate the log and tell me if any entries - particularly those identified as Trojans - are false positives? If they are, do I simply ignore them & delete them safely? Malwarebytes & AVG are no longer reporting any malware/viruses/trojans. I was surprised to see that SAS found so much and I need to know that my system is clean. What should I do from here? Many thanks! Share this post Link to post Share on other sites
Security Jurgen Posted September 13, 2009 That's a lot of viruses. Good thing you got rid of all of those threats, did you? Share this post Link to post Share on other sites