hijinx Posted April 18, 2010 how do i get rid of this **** ? it tricked me and said my flash needed update so i clicked on it, oopsy ! Share this post Link to post Share on other sites
Mark123 Posted April 18, 2010 how do i get rid of this **** ? it tricked me and said my flash needed update so i clicked on it, oopsy ! What did the flash update do?? Share this post Link to post Share on other sites
hijinx Posted April 18, 2010 What did the flash update do?? Share this post Link to post Share on other sites
hijinx Posted April 18, 2010 it installed digtal protection trojan on my comp Share this post Link to post Share on other sites
siliconman01 Posted April 18, 2010 Have you run a Complete scan with SAS? If so, please post the scan log. Share this post Link to post Share on other sites
hijinx Posted April 18, 2010 ok when its over its been scanning for 4hours and 50 min, geez it takes for ever! Share this post Link to post Share on other sites
hijinx Posted April 18, 2010 your in West Virginia i have family there in Morgan town Share this post Link to post Share on other sites
siliconman01 Posted April 18, 2010 Down by Charleston Share this post Link to post Share on other sites
hijinx Posted April 18, 2010 SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 04/18/2010 at 03:57 AM Application Version : 4.35.1002 Core Rules Database Version : 4818 Trace Rules Database Version: 2630 Scan type : Complete Scan Total Scan Time : 07:22:32 Memory items scanned : 494 Memory threats detected : 0 Registry items scanned : 5333 Registry threats detected : 0 File items scanned : 93391 File threats detected : 63 Rogue.DigitalProtection C:\Documents and Settings\one\Start Menu\Programs\Digital Protection C:\Documents and Settings\one\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital Protection.lnk Trojan.Agent/Gen-Krpytik C:\SYSTEM VOLUME INFORMATION\_RESTORE{7D779B46-C93C-4CDE-9A4D-F6DBB27FF73D}\RP170\A0043727.DLL Adware.Tracking Cookie D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@ad.yieldmanager[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@ads.pointroll[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@advertising[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@atdmt[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@collective-media[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@content.yieldmanager[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@content.yieldmanager[3].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@doubleclick[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@imrworldwide[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@insightexpressai[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@invitemedia[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@media6degrees[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@pointroll[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@richmedia.yahoo[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\devil22@tribalfusion[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@247realmedia[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@a1.interclick[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@ad.wsod[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@ad.yieldmanager[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@adbrite[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@adecn[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@adinterax[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@ads.bridgetrack[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@ads.pointroll[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@advertising[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@amazonmerchants.122.2o7[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@andomedia[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@apmebf[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@at.atwola[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@atdmt[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@bizrate[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@bs.serving-sys[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@casalemedia[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@cdn4.specificclick[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@collective-media[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@content.yieldmanager[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@content.yieldmanager[3].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@doubleclick[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@eas.apm.emediate[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@imrworldwide[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@insightexpressai[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@interclick[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@invitemedia[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@kanoodle[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@mediaplex[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@msnbc.112.2o7[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@msnportal.112.2o7[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@overture[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@pointroll[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@questionmarket[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@revsci[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@richmedia.yahoo[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@serving-sys[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@specificclick[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@specificmedia[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@stat.onestat[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@tacoda[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@trafficmp[1].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@webstats.aetna[2].txt D:\Users\devil22\AppData\Roaming\Microsoft\Windows\Cookies\Low\devil22@yieldmanager[1].txt Share this post Link to post Share on other sites
Seth Posted April 18, 2010 Hello. If SAS detects an infection, but can't remove it, then please submit a Customer Support Request: https://www.superantispyware.com/precreatediagnostic.html The SAS team will then analyze the potential infection and add new definition files as required. Share this post Link to post Share on other sites
siliconman01 Posted April 18, 2010 It doesn't look like you selected all of the items above and then let SAS quarantine them. I see no statement in the top section of the log that states that it quarantined the items. They are all items that should be quarantined. After the scan is completed, it shows you which items have been detected. Put a checkmark in each of the boxes and then select Quarantine. SAS will then put them in quarantine and they will no longer be active. After quarantining, SAS may request that the system be rebooted. Let it reboot. Also, I'm looking at a write-up concerning rogue-ware Digital Protection and it looks like SAS did not detect the malicious files and registry keys on this malicious crap. I agree with Seth: Submit a customer service request via the link he provided. Share this post Link to post Share on other sites
hijinx Posted April 18, 2010 it wasn't finished scanning yet so i 86 everything it picked up then did a system restore ,now im scanning again ,i think it worked i will let you know later today thanks for your help Share this post Link to post Share on other sites