AVG Resident Shield keeps finding this problem
Results 1 to 14 of 14

Thread: AVG Resident Shield keeps finding this problem

  1. #1
    Join Date
    Aug 2009
    Posts
    7

    AVG Resident Shield keeps finding this problem

    AVG Resident Shield keeps popping up while surfing the net. Just about any link I click on causes this to happen. I can't believe every link is infected. Seems to be in my laptop. I have DSL wireless modem using WPA. I am in a rural location so nobody is near physically to hack me. AVG says I am virus free. Below is the text in the box from resident shield.

    "Found ";"C:\Users\John\AppData\Roaming\Microsoft\Windows\Cookies\Low\john@atdmt[2].txt";"Potentially dangerous object";"8/20/2009, 4:18:12 AM";"file";"C:\Program Files\Internet Explorer\iexplore.exe"

    Is this serious and how should I proceed?
    Thanks in advance
    John

  2. #2
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    20,926
    The first one.. the cookie is not dangerous and can be ignored or you can simply delete the cookie. It's definately nothing to worry about.

    As for the second alert, I'd submit it here..

    http://www.virustotal.com/

    To be scanned by other a/v utilities. If it turns out that it's not infected then it's a false positive but if other scanners see it as a trojan/virus/malware then we'll give you instructions to follow.

    Let us know what happens when you submit it.
    Don't believe everything you think.
    _____________________
    animal lovers click here
    and here

  3. #3
    Join Date
    Aug 2009
    Posts
    7
    fink,
    Thanks for the quick response.
    I'm kinda slow or I didn't communicate clearly. I think I have ONE problem. When I click on a link I get the message from AVG resident shield. I believe it is just a text message. (I could be wrong) I just copied and pasted that message in my post above. I went to the resident shield history to copy that information.
    Understanding that sshould I simply clear out all my cookies to solve? Or do I need to send that test file to virustotal.com?
    Thanks again,
    John

  4. #4
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    20,926
    If the only problem found is the cookie just delete it. Cookies are not a serious security problem.

    So, to be sure there's just the one alert, delete the cookie(s) and run the scan again to see what it finds.
    If the iexplore.exe file is still part of a separate alert then submit it to that site. Don't delete or quarantine it yet since it's your browser and without it you won't be able to use internet explorer.
    Don't believe everything you think.
    _____________________
    animal lovers click here
    and here

  5. #5
    Join Date
    Jun 2001
    Location
    Albuquerque, NM USA
    Posts
    14,482
    Bee_Man--john@atdmt[2].txt is a tracking cookie. Many consider tracking cookies harmless. They do record data about your surfing. But probably not a source of malware.
    It used to be possible to opt out of getting this cookie. http://www.atdmt.com/CookieUpdate.as...ieActions.aspx
    Another way, once you delete it, is to use IE Tools|Internet Options| Privacy tab|Advanced and Block "All third party cookies".
    Jim
    WIN7 Ultimate SP1 64bit, IE 11, NTFS,
    cable, MS Security Essentials, Windows 7 firewall

  6. #6
    Join Date
    Aug 2009
    Posts
    7
    fink,
    Interesting stuff going on. AVG Resident Shield is now declaring serious threat. I drilled down to the john@atdmt[2].txt file and tried to upload to virustotal.com. I got an error saying I didn't have permission to upload the file. Also earlier today I got an error saying there was no more room in the vault for more files. Since I was already committed to this trouble shooting process I have not followed WELSHJIM'S direction yet. next?

  7. #7
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    20,887
    This is known issue with AVG being oversensitive regarding atdmt cookie.
    No reason to upload it to virustotal. Cookie is just a text file - harmless.
    Empty AVG vault, and delete cookie.

  8. #8
    Join Date
    Aug 2009
    Posts
    7
    Well this is getting a little scary. I tried WelshJim's fix. It looked like I successfully opted out. IE was already configured for blocking all 3rd party cookies.
    I tried Broni's fix. That one looked promising. I emptied the vault , oops........... I drilled down and the atdmt[2].txt file was gone. I did not delete cookies. I rebooted and fired up IE. clicked on a link and got the same path except instead of atdmt[2] I got instead revsc[2].txt. FYI I have done a print screen and saved all three alerts as jpg in paint. If it's important or I'm not being clear I could upload the jpg links onto photobucket and post the links so you can see them. Anyway, I will start over and empty the virus vault empty the history and this time delete all cookies and test. I will report back results. I will not give up if you don't. Thanks again, John

  9. #9
    Join Date
    Aug 2009
    Posts
    7
    For what it's worth
    http://i20.photobucket.com/albums/b2.../Damaged-1.jpg
    http://i20.photobucket.com/albums/b2...ing/revsc2.jpg
    http://i20.photobucket.com/albums/b2...ng/Damaged.jpg
    http://i20.photobucket.com/albums/b2...ierprivacy.jpg
    http://i20.photobucket.com/albums/b2...iplethreat.jpg

    I emptied virus vault, deleted cookies, deleted history, I still have same symptom except now there are more filenames instead of the single original atdmt[2].txt.
    Also, all of a sudden I'm getting more warnings. Same path except the filename.txt is different like adbrite[1].txt or doubleclick.txt
    John
    Last edited by Bee_Man; August 21st, 2009 at 08:00 AM.

  10. #10
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    20,926
    Can't see a thing in your pics.. they're way too small.

    I'd like to see them to confirm but if all the warnings are about cookies I
    wouldn't be losing sleep over it. I would get AVG to stop the warnings
    though, if possible. Haven't used it in a long time but most a/v's have a way
    to not show meaningless/low priority alerts.
    Don't believe everything you think.
    _____________________
    animal lovers click here
    and here

  11. #11
    Join Date
    Aug 2009
    Posts
    7
    fink,
    if you give me a place to send the jpgs I will send them so you can look at them. Photobucket makes the pictures smaller and I haven't been able to leave the pictures full size. Is it ok to pist pictures directly to this forum?

  12. #12
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    20,926
    Is it ok to pist pictures directly to this forum?
    yes, as attachments. www.imageshack.us works well too... use hotlink for forums (1)
    Don't believe everything you think.
    _____________________
    animal lovers click here
    and here

  13. #13
    Join Date
    Aug 2009
    Posts
    7

  14. #14
    Join Date
    Jul 1998
    Location
    Toronto
    Posts
    20,926
    Looks to me that those are all cookies. As I've said cookies are most definately nothing to be concerned about. The most info that can be gleaned from a tracking cookie is what website you were sent from and which ads/items you looked at while at that site. All anonymously.. they have no idea who you are.. just some person who surfed in basically. They are mostly used for ads and compiling data about which pages/ads/items are being viewed.

    Perhaps someone who uses AVG can tell you how to stop those alerts.

    I would also install spywareblaster which will block most tracking cookies (and other very useful spyware/malware blockers as well) It's free..

    http://www.javacoolsoftware.com/spywareblaster.html
    Don't believe everything you think.
    _____________________
    animal lovers click here
    and here

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •