the addresses of the stores/EBay, whose search engine were you using?
Google or Yahoo's or? Is you ISP contractually connected to Yahoo?
(mine: Rogers cable is particularly for mail). I expect Yahoo is tracking your inquiries and passing on the info or their suggested similar findings to your search and one of the recipients paying for that info is sending this basic trojan at you via/thru a hole in Messenger. This agent is like a doorman standing at you backdoor.There is also a back door messenger route hiding in Outlook Express (if you have such on board). Assuming Win XP SP2 or better...(you don't say)
"Windows NT, 2000, and XP hide an hidden Internet server that is running by default. It receives and accepts, among other things, unsolicited network messages that cause pop-up dialog boxes to appear on the desktop. Internet Spammers have discovered this and are spraying pop-up Spam across the Internet." GRC.com
If you don't really NEED Messenger, there is a free program called "Shoot the Messenger" to block this path from GRC about 1/3 way down:
I would also NOT put it passed some shopping stores/sites to be including it thru cookies your allowing them to place on your machine.
Many TOOLBARS also may be allowing entrance to your machine. I refuse to allow any toolbars, period.
Using a Free Mozilla browser (requires Java)(even better w/ Free NoScript add-on) would allow you to limit those cookies to session only (deleted from temp after leaving net)or deny totally. No Script will show a list of the scripts/cookies attempting to download at each site and offer above limits to each individually. (One may consider this a toolbar, I just consider it a tool).
NoScript for FF:
Free CCleaner (Slim version bottom of page) will clean out those cookies at each running after leaving the net as well:
Hope this helps.
Greetings. I am using SuperAntispyware Professional for security. For the last few days, they have detected something and recommended an immediate system scan, which I have done.
Each day, they have removed and quarantined "TROJAN.AGENT/GEN.PROCESS". I am also getting more tracking cookies than usual. Plus, we have seen some odd pop ups in from Macy's department store site.
My system has slowed a bit and even temporarily frozen up a few times since the first detection. Nothing major so far, though.
We have been doing alot of department store shopping and eBay shopping. I also got a notification that my firewall partially blocked something from Yahoo Messenger.
SuperAntiSpyware lists it as a 5 on a scale of 1-10 threats.
1. Why does this Trojan keep coming back every day?
2. Isn't my secruity system supposed to be able to block it from
3. Any specific details about this Trojan and what or where it is
4. What can I do to get rid of this or block it out once and for all?
Thanks for all your help on this!