SAS fails to remove threats from my computer

[CanadianDJ]

Every time I scan my computer the same 14 threats are detected. SAS removes them, and then reboots the computer but when I scan again they are still detected. These same 14 threats have been on my system for over a month. Could it be possible that my system has been hacked? Should I remove and reinstall SAS and run again. I run updates regularly

Thank you

[siliconman01]

Please post back here a SAS scan log that shows the infected files.

Also ensure that you are running SAS V4.49.1000 which is the latest version.

Then boot into SAFE MODE and run complete scan with SAS. Let it quarantine what it finds.

What Windows operating system are you running (with Service Pack number) and is it 32-bit or is it 64-bit?

[CanadianDJ]

My Operating System is Microsoft Windows XP Version 5.1 Service Pack 3

I have run scans in safe mode but when I do I have to sign in under my SUPPORT sign on ,not my regular sign on. When I try to go into safe mode under my regular sign on it says my password is incorrect (both have admin privileges).

Whenever I run a scan with my Support sign on it usually comes up clean, the latest one had a TrojanAgent/Gen-B anload which was quarantined and when I ran a scan again it was clear.

Below is a copy of my scan report which the results keep repeating every time I run a scan. My computer has slowed down a bit and my Internet explorer 8 is virtually unusable.

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 11/24/2010 at 02:04 PM

Application Version : 4.46.1000

Core Rules Database Version : 5913

Trace Rules Database Version: 3725

Scan type : Quick Scan

Total Scan Time : 00:10:58

Memory items scanned : 700

Memory threats detected : 0

Registry items scanned : 2109

Registry threats detected : 0

File items scanned : 7069

File threats detected : 12

Adware.Tracking Cookie

C:\Documents and Settings\udginter\Cookies\udginter@fastclick[1].txt

C:\Documents and Settings\udginter\Cookies\udginter@tacoda[1].txt

C:\Documents and Settings\udginter\Cookies\udginter@www.sexxxtape[2].txt

C:\Documents and Settings\udginter\Cookies\udginter@www.realhomesex[1].txt

C:\Documents and Settings\udginter\Cookies\udginter@tacoda[2].txt

C:\Documents and Settings\udginter\Cookies\udginter@advertising[1].txt

C:\Documents and Settings\udginter\Cookies\udginter@realgfporn[2].txt

C:\Documents and Settings\udginter\Cookies\udginter@specificclick[2].txt

C:\Documents and Settings\udginter\Cookies\udginter@porn-extreme[2].txt

C:\Documents and Settings\udginter\Cookies\udginter@content.yieldmanager[1].txt

C:\Documents and Settings\udginter\Cookies\udginter@ero-advertising[1].txt

C:\Documents and Settings\udginter\Cookies\udginter@pornhub[2].txt

Thank you for any assistance you can offer

[siliconman01]

First, your SAS version is an old version. You need to update it to the latest version. Please do this:

1. Sign on your computer under a user account that has full administrative privileges. This is probably your SUPPORT sign in account.

2. Go to the link below and download the SAS Uninstaller Assistant. Save it on your desktop. Do not run it just yet.

https://forums.superantispyware.com/index.php?/topic/1344-superantispyware-uninstallation-assistant/

3. Close down SAS completely by right clicking on the SAS icon in the Notification Tray and selecting Exit.

4. Go to the link below and download the latest version of SAS (free or Pro) and save it on your desktop. The latest version is V4.49.1000

https://www.superantispyware.com

5. Now run the SAS Uninstaller Assistant which will remove your old version of SAS and reboot your computer.

6. Install the latest version of SAS.

- Input your license number during the installation wizard if you have a license.

- Run the Update to download the latest definitions.

- Set up your preferences in SAS

7. After you get the new version of SAS installed and running, you can remove the SAS Uninstaller Assistant and the downloaded setup file of the new version of SAS from your desktop (or save them somewhere other than your desktop if you want).

Now, I suspect that your computer contains a large number of junk/temporary unneeded files that are slowing down IE8 and your computer in general. Please do the following.

1. Go to the link below and download/install freebie program CCleaner. Download the SLIM version which is at the bottom of the web page below.

http://www.piriform.com/ccleaner/builds

2. Once you get CCleaner installed, open CCleaner.

3. On the left side of the CCleaner window, click on the icon that says "Cleaner".

4. Click on the tab that says "Windows"

5. Check mark everything under "Internet Explorer", "Windows Explorer" and "System".

6. Under "Advanced", check mark "Old Prefetch data", "User Assist History", and "IIS Log Files". Leave the other items under Advanced unchecked.

7. Now click on the "Applications" tab.

8. On the "Applications" tab, check mark everything under all of the subcategories.

7. Now that you have everything set up in CCleaner, click on "Run Cleaner" at the lower right of the CCleaner window. CCleaner will clean out all the unneeded/unwanted junk files from your computer.

8. Close CCleaner when it is done cleaning.

NOTE: You can run CCleaner any time that you want to clean out all these junk files from your computer. It is a good idea to run it once a day.

Now let's try to make IE8 usable. Please do the following.

1. Go to Control Panel and select "Internet Options"

2. When the Internet Options/Properties window opens, click on the "Advanced" tab.

3. On the Advanced tab, under "Reset Internet Explorer Settings", click on the "Reset" hot button. Confirm that you want to reset Internet Explorer and let it reset it.

4. Click on "Apply"

5. Now click on the "Privacy" tab.

6. On the "Privacy" tab, under Settings click on the "Advanced" hot button.

7. Once the Advanced window opens, under "Cookies", do the following:

- Check mark "Override automatic cookie handling"

- Under First Party cookies, select "Accept"

- Under Third Party cookies, select "Block"

- Leave "Always allow session cookies" unchecked

8. Click on OK to close the Advanced Privacy Settings window.

9. Click on "Apply" and then "OK" to close the Internet Options window.

NOW, run a Complete Scan with your new version of SAS and let it remove/quarantine what it finds. Based on your log file that you post above, SAS found only tracking cookies. Keep in mind that cookies will keep coming back when your browse various websites.

- When you made the above changes in Internet Options, third party cookies have now been blocked. That will stop a lot of cookies from getting on your computer...which is good.

- When you run CCleaner, it will delete cookies from your computer...which is good. It is a good practice to run CCleaner just before you run an SAS scan. This will remove all the cookies and SAS will find no cookies to remove...which is good.

IS IE8 now useable?

I have run scans in safe mode but when I do I have to sign in under my SUPPORT sign on ,not my regular sign on. When I try to go into safe mode under my regular sign on it says my password is incorrect (both have admin privileges).

SAFE MODE requires a user account that has full administrative privileges which is SUPPORT sign on account.

Whenever I run a scan with my Support sign on it usually comes up clean, the latest one had a TrojanAgent/Gen-B anload which was quarantined and when I ran a scan again it was clear.

Unfortunately when you perform an SAS scan, it scans based on the account that you are signed on under. So if you are signed on under the SUPPORT account, SAS will not find the cookies that are stored under your other accounts. I "think" this is being changed in the upcoming new version 5 of SAS.