Jump to content


Photo
- - - - -

Able to see traces but not threats?

traces threats trojan view

  • Please log in to reply
1 reply to this topic

#1 T.J.

T.J.

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 22 November 2012 - 02:23 AM

Hi,

I posted here, since I think it the most proper place, and am sorry if it was the wrong place.

I just finished scanning my system and got the result that I have two threats and 13 traces on it. When I continue on to checking the infected files, of which one is a cookie and twelve traces of Hotspotshield.
Shouldn't the threats be listed under the infected files as well? Or are they listed somewhere else? i have recently updated to Adaware Free Antivirus +.

With the version before this one, I detected a trojan the Win32.Backdoor Trojan Poison (I think I got the name right, that it was Win32.Poison I am sure of), and only adaware and Mbam was able to detect it. Now, it being a trojan I decided to check it a bit closer, and discovered that this one is said to be a particular nasty one, and have therefore worked hard to really make my system clean again, not wanting to leave it anywhere and letting it continue running on my computer. Anyway, I did a scan with mbam and it showed nothing, so Adaware being the other scanner to recognize it, was next in line in order to check and make sure.

This is also why I really would like to know what kind of threats the scan result is showing. I'm also surprised that these don't show up under infected files. As it doesn't, where can I view these threats?

Another question, the above mentioned trojan, can I really trust that Adaware managed to get rid of it? Just asking this, since it's said to be a particularly nasty infection that will reinstall itself when rebooting the system, and I also read on another site that it will try to remove a specific file, and make a similar copy in order to shut down Windows file check system, in order to install some other things. However, as both the scanners I used doesn't seem to show this after removing it the first time, it seems to me like I managed to remove it before any of these things happened. Given it's stated characteristics, this got me wondering. This, since I haven't noticed any of the stated tell-tale signs that it's at work. Still, I pose the question since I want to be sure, as its goal is to steal passwords, and especially creditcard info etc. I don't have such info on my computer, but sometimes buy things online, and thus must state my card number at such times. So far I have used another computer temporarily for such things as switching passwords on a couple of important sites, just in case. Still wondering though, as I don't see it in the infected files in Adaware, can I be sure it's been taken care of?

Oh, in case it matters, I'm running Win XP, sp3.

Hoping for a quick reply.

Thanks in advance!

/T.J.

#2 CeciliaB

CeciliaB

    Volunteer

  • Moderator
  • 7526 posts

Posted 22 November 2012 - 12:43 PM

Hi T.J.,

I'm not sure how to explain it, please tell me if you don't understand.

The first threat is Hotspotshield. Hotspotshield made 12 changes in your system, that is new files and new/changed entries in the Windows' registry. These changes are called traces. The twelve Hotspotshield traces together make up the first threat. The second threat has only one trace and that is the cookie.

Regarding Win32.Poison, it depends on which file(s) that were infected by it and which variant of Win32.Poison. Maybe it only was a downloaded file, that was detected, and it had never been run in the computer (hasn't changed anything else in the computer). In this case it is only to remove the downloaded file and everything continues to be fine with the computer.

If the computer was infected with the variant of Win32.Poison, that is described on http://www.microsoft...me=Win32/Poison it is rather easy to get rid of it. Remove the registry entry and the file, and the infection is gone.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users