PCWorld Forums


Spyware Question

#1 artman

  • Advanced Member
  • Group: Members
  • Posts: 184
  • Joined: 15-October 06
  • Location: Kansas City

Posted 17 July 2010 - 08:26 PM

I am running XP Pro SP3. Today I ran a scan for Spyware with Super Anti Spyware. After the scan it told me I had 67 threats - 64 were cookies and 3 were trojans. The threats were all quarantined and then removed from my machine with a restart.

My question - If I am running the Windows XP Pro Firewall and my Netgear router has a built-in hardware firewall, how does Spyware enter my machine? Do I get it just by moving around the web with my Firefox 3.6.3 browser? Is there any way to prevent the Spyware from entering my machine?

There were 64 threats that were cookies. I thought that a cookie merely made it easier to navigate the web especially when returning to previous sites.

Any explanations would be great. Thanks!
0

#2 Flashorn

  • Expert
  • Group: Members
  • Posts: 4,709
  • Joined: 19-May 07
  • Location: Canada

Posted 18 July 2010 - 01:58 AM

artman, on 17 July 2010 - 08:26 PM, said:

I am running XP Pro SP3. Today I ran a scan for Spyware with Super Anti Spyware. After the scan it told me I had 67 threats - 64 were cookies and 3 were trojans. The threats were all quarantined and then removed from my machine with a restart.

My question - If I am running the Windows XP Pro Firewall and my Netgear router has a built-in hardware firewall, how does Spyware enter my machine? Do I get it just by moving around the web with my Firefox 3.6.3 browser? Is there any way to prevent the Spyware from entering my machine?

There were 64 threats that were cookies. I thought that a cookie merely made it easier to navigate the web especially when returning to previous sites.

Any explanations would be great. Thanks!



Hey Art !!

OK, first you Should have a third party firewall and Deactivate the one in XP. It doesn't do the job even though you have a Router firewall.
Second, do you have Any security in Real Time securing your PC!!!
Third, Firefox is up to version 3.6.6 so, you are not up to date.
Fourth, Cookies should Not stay on your PC. Some of those will track (tracking cookies) your every move on the Net. You should have Firefox
Delete ALL traces of your comings and goings on the Net after you close it.
As for the Trojans, you don't have to download anything to get infected. Just by visiting a site, you can, nowadays, get infected. This is where a
Good security setup is needed.

PLEASE run MalwareBytes' Anti-Malware and upload (copy & paste) the Log from that FULL scan in your next reply.
Download from here : Download@MajorGeeks . This link will re-direct you to MajorGeeks.com for your download which
will start automatically.


FLASHORN.

Eurocom Scorpius: 3840QM-2.8 GHz-Ivy Bridge ; ATI 7970M Crossfire ; Intel SSD 520 series 480GB ; Seagate Momentus XT 750 GB,7200RPM ; 16 GB Corsair Vengeance 9 9 9 24 ; Sound Blaster X-Fi MB2 ; THX True Studio Pro.

Patience is Life.
0

#3 AgentF

  • Senior Member
  • Group: Members
  • Posts: 856
  • Joined: 22-March 10
  • Location: localhost

Posted 18 July 2010 - 08:09 AM

You could separate cookies into two groups: personalization and advert. A personalization cookie is the one most people like. They save your login credentials and personal changes so the website works the way you like. It's more personal. The advert cookies are the "bad" ones. Marketers love to track where a user goes on the website, see what pages they visit and for how long, and then display adverts to get you to buy the product. SuperAntispyware picks up tracking cookies for disposal, but they aren't technically bad, unlike those trojans you also found. You haven't been "infected" with tracking cookies, so don't worry about them. They're easily disposed of.

Some people, myself included, set their web browsers to delete cookies upon close. In Firefox 3.6.6, go to Tools > Options > Privacy tab > checkbox: Clear history on close > Settings button > select what you want deleted (I select everything)
Would you be interested in contributing to the PCWorld Wiki?

Learn how to edit pages and even create new ones.
0

#4 artman

  • Advanced Member
  • Group: Members
  • Posts: 184
  • Joined: 15-October 06
  • Location: Kansas City

Posted 18 July 2010 - 08:14 PM

Flashorn -

Thanks for your reply.

1)
Can you recommend a good third party firewall so I can turn off the XP Pro firewall? I have 3 machines networked through the router. If I install a 3rd party firewall on each machine will I have network problems?

2)
The only real time security I have running is ESET NOD32 Anti-Virus version 4. Each Sunday I manually run a scan with Super Anti Spyware and MalwareBytes' Anti-Malware. Several Anti-Virus companies have told me that if I have spyware and malware software running in real time they will conflict with the Anti-Virus software which is also running in real time.

3)
I have not updated Firefox to 3.6.6. I was under the impression that when there was a new version of Firefox that the browser would notify me.

4)
If I have Firefox delete all Cookies when I exit Firefox, will I have to re-type information when I re-visit frequent websites?

5)
You mention a good Security setup. If I use ESET Anti-Virus and have a good 3rd party Firewall and manually run Super Anti Spyware and MalwareBytes' Anti-Malware, is this good enough? If not, can you please suggest a solution?

6)
I ran MalwareBytes' Anti-Malware Full Scan yesterday and there were no threats. In fact each time I run it with a Full Scan there are never any threats.


Flashorn, I REALLY appreciate you taking the time to help me. Have a great week!


0

#5 AgentF

  • Senior Member
  • Group: Members
  • Posts: 856
  • Joined: 22-March 10
  • Location: localhost

Posted 18 July 2010 - 09:29 PM

Hey Bill! A list man. Good, because I love lists.

1.) I find Comodo Firewall to be very effective. It takes a bit to train and understand what you prefer to block and allow, but I'm very happy with the security it adds to my setup. During the installation process, it will ask whether you want to install the anti-virus part too, but I just use the firewall.

You can set up the firewall to allow connections across your network. So long as you set it up properly, it won't cause problems.

After you've installed a new firewall, it is best to disable the one built into Windows XP to avoid conflicts. Open up the Services window (Start > Run > type: services.msc), find and open Windows Firewall/ICS, stop the service and set it to disabled. The Windows Security Center should now acknowledge the installation of your 3rd-party client instead of the Windows firewall.

2.) It is smart to only allow one real-time anti-virus/anti-spyware scanner to run at a time. Failure to do so will negatively affect system performance, negatively affect program performance, and even cause some data corruption.

3.) Firefox will inform you of an update if you allow it to. It does by default. Go to Tools > Options > Advanced tab > Update tab > Automatically check updates for Firefox. You can also check for updates manually by selecting that option in the Help menu.

4.) Yes, because those personalization cookies get deleted too.

5.) I'd say that's sufficient and it closely reflects my setup - 1 real-time anti-virus/anti-spyware program, 2 on-demand anti-malware programs, 1 3rd-party firewall.

6.) Excellent! Malwarebytes won't find tracking cookies like SuperAntispyware does because it's not intended to.

Edit: If Comodo isn't to your liking, you may want to give Zone Alarm a try. I haven't used it personally but have heard good reviews.

This post has been edited by AgentF: 18 July 2010 - 09:47 PM

0

#6 Flashorn

  • Expert
  • Group: Members
  • Posts: 4,709
  • Joined: 19-May 07
  • Location: Canada

Posted 18 July 2010 - 11:13 PM

artman, on 18 July 2010 - 08:14 PM, said:

Flashorn -

Thanks for your reply.

1)
Can you recommend a good third party firewall so I can turn off the XP Pro firewall? I have 3 machines networked through the router. If I install a 3rd party firewall on each machine will I have network problems?

2)
The only real time security I have running is ESET NOD32 Anti-Virus version 4. Each Sunday I manually run a scan with Super Anti Spyware and MalwareBytes' Anti-Malware. Several Anti-Virus companies have told me that if I have spyware and malware software running in real time they will conflict with the Anti-Virus software which is also running in real time.

3)
I have not updated Firefox to 3.6.6. I was under the impression that when there was a new version of Firefox that the browser would notify me.

4)
If I have Firefox delete all Cookies when I exit Firefox, will I have to re-type information when I re-visit frequent websites?

5)
You mention a good Security setup. If I use ESET Anti-Virus and have a good 3rd party Firewall and manually run Super Anti Spyware and MalwareBytes' Anti-Malware, is this good enough? If not, can you please suggest a solution?

6)
I ran MalwareBytes' Anti-Malware Full Scan yesterday and there were no threats. In fact each time I run it with a Full Scan there are never any threats.


Flashorn, I REALLY appreciate you taking the time to help me. Have a great week!






Hey Art !!


Nice to hear from you again.

I would recommend PC Tools Firewall Plus. It is a learning Firewall and will be asking permission for the first few weeks
until it has all of your programs in its Data Base. You can also Allow programs easier than with other Firewalls. It's
probably the easiest of most of the Free firewalls to configure. I have it installed on three of my machines except,
this new one, Windows 7 64bit. It has a good two way Firewall and no other is needed. Am also behind a Router
Firewall. No conflict with either of the firewalls or the Router firewall. On the Main interface, you will notice the
"Smart Update" in the upper right corner. This is to update the definitions of the Firewall. I usually do it Once a week.

Posted Image

You can download from PC Tools and read about it. One word of interest, IF your XP is of the 64bit format then, this
one will not do. It does support all other OS and formats : http://www.pctools.com/firewall/.

Eset Nod32 is one of the best out there so, stick with it. You won't need any other in Real Time. To complement, you have
MBAM & SAS which are the best in their class at the moment so, keep them updated and at hand.

Firefox is or should, by default, warn you of any updates. Verify by going to > Help > Check for Updates.

Posted Image

To have Firefox do this Automatically, go to > Tools > Options. When the screen appears, Click on the "Advanced" tab.
Next, click on the "Update" tab. Make sure that your configuration is the same as in the screen shot :

Posted Image

As for the cookies, you can have Firefox Ask you which ones to delete OR you can do as in this screen shot and Save
the ones you want. You can also configure Firefox to delete what you don't want to keep.
First, the cookies. Go to > Tools > Options. Click on the "Privacy" tab. You can choose what you want to retain or delete
with these check marks and drop down menus. Just look at the Cookies section of this screen shot and check mark as
the screen shot. Then, click on the "Exception" button and a pop-up will appear where you can stipulate which site's
cookies Not to delete. Simply add the URL of your favorite sites and click on the "Allow" button. These cookies will
Not be deleted. Click on the "OK" button to confirm and Save.

Posted Image

Now, click on the "Settings" button under Exceptions button and a new pop-up will appear. This is the "Settings" for cleaning
out Firefox after every session. Check Mark what You want to retain or delete. Click on the "OK" button to confirm and Save.

Posted Image


Quote

If I am running the Windows XP Pro Firewall and my Netgear router has a built-in hardware firewall, how does Spyware enter my machine?


Actually, Nod32 Should have stopped this from happening. I will ask again, can you upload the Log file from that scan in your next reply
please. In SAS, go to (click) on "Preference". A new screen will appear. Go to the LOGS tab and double click on the appropriate Log Date.
It will open in Notepad. Copy & paste in your next reply.

As for your security setup, this is what Nod32 says on their web site :
  • Keeps you safe from viruses, spyware, trojans, password stealers and other malware threats.
Well, it failed unless the Trojans that SAS caught were False Positives. This is why I need to look at those logs. Eset is recognized as one of the best.

Keep Eset Nod32 in Real Time and make sure it Updates at Least every day, keep MBAM & SAS updated and run MBAM once every two days (Quick Scan)
Clean out the Junk files with CCleaner, once a week : Download from Piriform.com

I would also recommend you install these Add-ons to Firefox :

AdBlockPlus : https://addons.mozil...fox/addon/1865/ . Click on the ABP Stop Sign on the Upper right corner of Firefox and Subscribe to the
recommended Filter when you first install the Add-On. (It might ask automatically when installed).

KeyScrambler from QFX : https://addons.mozil...&lup=&advanced=

I would also recommend you go to their site and install the KeyScrambler software. It will protect Internet Explorer as well, in case you need to use IE.
Use the FREE version : http://www.qfxsoftwa...om/download.htm

And lastly, I would also recommend, if you don't already have it, that you click on my Signature and inform yourself
about W.o.T.

IF you have any other questions or concerns, don't hesitate to ask.


FLASHORN.

This post has been edited by Flashorn: 18 July 2010 - 11:17 PM

0
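
The cookie handling described in posts #3 and #6 (clear everything on close, except sites on the Exceptions list), as an added example that is not part of any post in this thread. It models the cookie store as a simplified SQLite `moz_cookies` table with constructed rows; the `example.com` hosts, the cookie values, and the rule that an exception covers a site and its subdomains are assumptions.

```python
import sqlite3

# Constructed sample rows: (host, name, value, expiry as Unix time).
# The ad-network hosts are ones named in the scan log on this page;
# the example.com hosts stand in for a user's "favorite" sites.
SAMPLE_COOKIES = [
    (".doubleclick.net", "id", "c0ffee", 1900000000),
    ("ad.yieldmanager.com", "uid", "12345", 1900000000),
    (".advertising.com", "ACID", "abcdef", 1900000000),
    ("forum.example.com", "session_id", "s3ss10n", 1900000000),
    (".example.com", "prefs", "theme=dark", 1900000000),
    (".notexample.com", "trk", "zzz", 1900000000),
]


def open_store(rows):
    """Build an in-memory cookie store using a simplified moz_cookies layout."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE moz_cookies ("
        "id INTEGER PRIMARY KEY, host TEXT, name TEXT, value TEXT, expiry INTEGER)"
    )
    conn.executemany(
        "INSERT INTO moz_cookies (host, name, value, expiry) VALUES (?, ?, ?, ?)",
        rows,
    )
    conn.commit()
    return conn


def host_matches(cookie_host, site):
    """True if cookie_host is the site itself or one of its subdomains.

    The comparison is made on a label boundary, so "notexample.com"
    does not match an exception for "example.com".
    """
    host = cookie_host.lstrip(".").lower()
    site = site.lstrip(".").lower()
    return host == site or host.endswith("." + site)


def clear_on_close(conn, keep_sites):
    """Delete every cookie not covered by an exception.

    Returns (kept_hosts, removed_hosts) in stored order.
    """
    kept, removed = [], []
    rows = conn.execute("SELECT id, host FROM moz_cookies ORDER BY id").fetchall()
    for cookie_id, host in rows:
        if any(host_matches(host, site) for site in keep_sites):
            kept.append(host)
        else:
            removed.append(host)
            conn.execute("DELETE FROM moz_cookies WHERE id = ?", (cookie_id,))
    conn.commit()
    return kept, removed


def remaining_hosts(conn):
    """Hosts that still have a cookie in the store."""
    return [row[0] for row in conn.execute("SELECT host FROM moz_cookies ORDER BY id")]


if __name__ == "__main__":
    store = open_store(SAMPLE_COOKIES)
    kept_hosts, removed_hosts = clear_on_close(store, ["example.com"])
    print("kept:   ", kept_hosts)
    print("removed:", removed_hosts)
```

With `example.com` as the only exception, the login and preference cookies survive the cleanup while the ad-network cookies and the look-alike `notexample.com` cookie are deleted.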

#7 artman

  • Advanced Member
  • Group: Members
  • Posts: 184
  • Joined: 15-October 06
  • Location: Kansas City

Posted 19 July 2010 - 08:09 PM

Flashorn and AgentF thanks again for all the time you have taken to give me excellent information.

Before I continue - My forum profile is set to send me an email when there is activity on this thread but I am not getting the email notifications. I have my email bill@artmanphoto.com entered into my profile. Do you have any ideas why this isn't working? I am getting email notifications from the other forums I participate in.

I did a Google search on 3rd Party Firewall reviews and out of ten firewalls the Comodo was listed as number one and PC Tools Firewall Plus was not among the 10 that were reviewed.

Flashorn - per your request I pasted below the SAS scan from yesterday (7-18) on one of my machines. There were 159 file threats detected. The day before (7-17) there were 170 file threats detected.

I will set Firefox to delete all cookies when exiting and I will purchase either the Comodo or PC Tools Plus.


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/18/2010 at 09:33 PM

Application Version : 4.40.1002

Core Rules Database Version : 5226
Trace Rules Database Version: 3038

Scan type : Complete Scan
Total Scan Time : 00:27:47

Memory items scanned : 540
Memory threats detected : 0
Registry items scanned : 6336
Registry threats detected : 0
File items scanned : 25682
File threats detected : 159

Adware.Tracking Cookie
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.bassproshops.122.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.paypal.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.stats.paypal.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\4g14yu62.default\cookies.sqlite ]

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{29EE967F-06AF-49EE-ADDB-A2D0CFAE1F89}\RP380\A0041882.EXE
0

#8 User is offline   Flashorn 

  • Expert
  • Group: Members
  • Posts: 4,709
  • Joined: 19-May 07
  • Location:Canada

Posted 20 July 2010 - 01:42 AM

Hey Art !!

Thanks for the log. The Trojan it keeps coming up with is stuck in one of your Restore Points. I would run a Disk Cleanup and delete all restore points. If you don't know how to do that, you can follow the tutorial (with screen shots) from this site: http://bertk.mvps.or.../diskclean.html
BUT, before you clean out the old Restore Points, create a new one so that it will be the last one, which will be kept. It should be a clean one by the looks of your log file.
Here you will find how to create a Restore Point (with screen shots): http://bertk.mvps.or...l/createrp.html
Those cookies can really add up fast and take a lot of space on your HDD. Having Firefox delete the ones that are not necessary is one way to keep your PC safer. Cleaning with CCleaner once a week is another good way to keep the junk off your PC.

If you have any doubts about PC Tools Firewall Plus, please read this review, which will also review CoMoDo. I chose this one over CoMoDo for its ease of use and for being far more user friendly than many others.
When on the site, please read the Comments section below the reviews. They will have insights that are worth reading.
BTW, you don't have to purchase anything. Both are FREE:

http://www.techsuppo...ee-firewall.htm

Keep this site bookmarked. It has a lot of free software, and all of it is reviewed and tested before comments are made.

As for the Forum's profile, you should contact one of the Moderators. They might be able to help your situation. I don't have the authority to investigate further.
You can send a private message to either:

coastie65
OR
rgreen4


FLASHORN.

This post has been edited by Flashorn: 20 July 2010 - 01:59 AM

Eurocom Scorpius: 3840QM-2.8 GHz-Ivy Bridge ; ATI 7970M Crossfire ; Intel SSD 520 series 480GB ; Seagate Momentus XT 750 GB,7200RPM ; 16 GB Corsair Vengeance 9 9 9 24 ; Sound Blaster X-Fi MB2 ; THX True Studio Pro.

Patience is Life.
1
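An added example, not part of any poster's reply: each cookie "threat" in a scan log like the one above is a single row in the Firefox profile's `cookies.sqlite`, so the count reflects rows rather than distinct trackers. The sketch below audits and purges such rows; the reduced `moz_cookies` schema, the sample rows, the cookie names and the use of a few hosts from the log as a blocklist are assumptions of this example.

```python
import sqlite3
from collections import Counter

# Subset of hosts flagged in the log on this page; using them as a blocklist is an assumption.
FLAGGED = {"mediaplex.com", "nextag.com", "bizrate.com", "casalemedia.com", "revsci.net"}

def build_sample_db():
    """Constructed stand-in for cookies.sqlite (reduced moz_cookies schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE moz_cookies (id INTEGER PRIMARY KEY, name TEXT, "
               "value TEXT, host TEXT, path TEXT, expiry INTEGER)")
    rows = [  # constructed sample rows, not real cookie values
        ("svid", "x1", ".mediaplex.com", "/", 1300000000),
        ("mojo1", "x2", ".mediaplex.com", "/", 1300000000),
        ("nxtgid", "x3", ".nextag.com", "/", 1300000000),
        ("br", "x4", ".bizrate.com", "/", 1300000000),
        ("rsi", "x5", ".revsci.net", "/", 1300000000),
        ("session", "x6", "forums.example.org", "/", 0),   # first-party login cookie
        ("prefs", "x7", ".notbizrate.com", "/", 1300000000),  # look-alike, must not match
    ]
    db.executemany("INSERT INTO moz_cookies (name, value, host, path, expiry) "
                   "VALUES (?, ?, ?, ?, ?)", rows)
    return db

def flagged_domain(host):
    """Return the flagged domain this host falls under, or None.
    Matching is on whole DNS labels, so 'notbizrate.com' is not 'bizrate.com'."""
    labels = host.lstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in FLAGGED:
            return candidate
    return None

def audit(db):
    """Count cookie rows per flagged domain (one row = one reported 'threat')."""
    counts = Counter()
    for (host,) in db.execute("SELECT host FROM moz_cookies"):
        domain = flagged_domain(host)
        if domain:
            counts[domain] += 1
    return counts

def purge(db):
    """Delete only flagged rows, keeping other cookies. Returns rows removed."""
    ids = [(cid,) for cid, host in
           db.execute("SELECT id, host FROM moz_cookies").fetchall()
           if flagged_domain(host)]
    db.executemany("DELETE FROM moz_cookies WHERE id = ?", ids)
    db.commit()
    return len(ids)
```

To try it on a real profile, open a copy of `cookies.sqlite` made while Firefox is closed instead of calling `build_sample_db()`.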

#9 User is offline   coastie65 

  • Moderator
  • Group: Moderators
  • Posts: 20,651
  • Joined: 02-April 07
  • Location:Henrico, Va.

Posted 20 July 2010 - 04:46 AM

Hey Bill, as Flash has said, just delete the restore files to get rid of that. As to the other instances listed, it is most likely adware (run www.malwarebytes.org, the FREE version). As to the notification thing, I'm not sure, as I have been watching several threads and it shows that I am not watching anything. Guess it is a hiccup in the forum software. Will report it and see what shakes out.
Coolermaster HAF 912 Case....ASUS Z87Pro MOBO.....Intel Core i7 4770k Haswell ( OC'd to 4.6 Ghz ) .... Gelid Tranquillo cooler.... Samsung 830 256 GB SSD.... Primary HDD- WD 1TB Caviar Black SATA III /6.0 .... SECONDARY HDD - WD 1TB Caviar Black SATA II / 3.0....16Gb GSkill Ripjaws Series X 2133 Mhz Memory....Corsair AX850w PSU....EVGA GTX 680 Super Clocked Signature 2 Gb GDDR5 Video Card....Samsung CD/DVD RW, DL, DVD-Ram, w/ Lightscribe Optical Drive....Samsung SyncMaster 2243BWX 22" Monitor..... Windows 7 Home Premium 64 Bit OS




______________________________________________________________

Gateway FX6800-01e----Intel Core i7 960 ( 3.2 GHz)---- Seagate Barracuda 750 Gb SATA II / 3.0 Hdd---- 6 Gb Crucial 1066 Mhz memory, running in Tri Channel conf-----Corsair TX650w PSU----- EVGA Nvidia GTX 560Ti 1gb GDDR5 Vram ----DVD +/- RW / CD ,RAM/DL Optical drive w/ Label Flash-----Gateway TBGM-01 Motherboard.... Vista Home Premium 64 bit OS w/ SP2; Samsung Synch Master 2243BWX 22" Monitor.
0

#10 User is offline   artman 

  • Advanced Member
  • Group: Members
  • Posts: 184
  • Joined: 15-October 06
  • Location:Kansas City

Posted 21 July 2010 - 08:04 PM

Coastie65 and Flashorn - Thanks very much for your help. I will try everything you suggest. Have a super week!
0

#11 User is offline   CrashnBurn 

  • Newbie
  • Group: Members
  • Posts: 1
  • Joined: 18-August 10

Posted 18 August 2010 - 07:58 AM

artman, on 21 July 2010 - 08:04 PM, said:

Coastie65 and Flashorn - Thanks very much for your help. I will try everything you suggest. Have a super week!

It wasn’t until I got a killer infection that crippled one of my systems that I finally got to talk to someone who really understood these things. One of the major vulnerabilities with most systems is that people set their systems up so that they use the default account to do their day-to-day business. In Windows this is the system administrator’s account and the only account that can install SW (there are a few applications that can do software updates from “unprivileged user accounts”).

I have set up my system with multiple user accounts with varying degrees of privileges and locked down the sysadmin account, which I use to go only to trusted websites for software updates—nothing else (always look at the URL at the top of the browser—I have been pointed to sites posing as something they’re not). This can be a pain sometimes because you will have to log on to the sysadmin account to do all installations, including for most software updates. As an “unprivileged user” you will not only get the irritating message when you attempt to update iTunes, your security SW, etc. saying that you don’t have administrative privileges to install the SW, but that will also happen when something executing using your account tries to install itself without your knowledge.

Since any account can download stuff, Windows will by default save it into that account’s download folder. To make things easy you might want to set up a common download folder, though some applications don’t allow you to choose where to save the download.

I found this out when I spent a couple hours talking to the vendor of my virus protection software. The problem is that if you receive an unrecognized threat, or one that cannot be detected until after it places itself on your system, none of the packages that I researched today will prevent the sysadmin from installing the virus software.

I currently use PC Tools for my security and have found that it is very reliable, though it does make too big a deal about most cookies. But it’s better to be safe than sorry. Also, since some of the malware these days is aware of antivirus software, I’ve been told you should run one of those free software packages from the net (e.g. AVS) to verify that you haven’t been infected by something that has subverted your existing antivirus software.
0

#12 User is offline   ZeroTiger 

  • Member
  • Group: Members
  • Posts: 32
  • Joined: 13-August 10

Posted 26 August 2010 - 10:52 AM

artman, on 17 July 2010 - 08:26 PM, said:

I am running XP Pro SP3. Today I ran a scan for Spyware with Super Anti Spyware. After the scan it told me I had 67 threats - 64 were cookies and 3 were trojans. The threats were all quarantined and then removed from my machine with a restart.

My question - If I am running the Windows XP Pro Firewall my Netgear router has a built in hardware firewall how does Spyware enter my machine? Do I get it just by moving around the web with my FireFox 3.6.3 browser? Is there any way to prevent the Spyware from entering my machine?

There were 64 threats that were cookies. I thought that a cookie merely made it easier to navigate the web especially when returning to previous sites.

Any explanations would be great. Thanks!


Remember, trojans are called that for a reason. The best firewall in the world is not going to protect you if you willfully download and install it.
0

#13 User is offline   gagajiejie 

  • Newbie
  • Group: Members
  • Posts: 2
  • Joined: 17-January 11

Posted 17 January 2011 - 01:28 AM

I would suggest you run AVG.
Keep it running and scan your computer. It is free and easy to use.
Of course, safe mode is more friendly to you.
Also, I would recommend you run www.malwarebytes.org (the FREE version) and the free system optimization tool WinMate; use it to optimize Windows settings.
-1

#14 User is offline   nicholasarmwood 

  • Member
  • Group: Members
  • Posts: 28
  • Joined: 28-December 10

Posted 17 January 2011 - 03:32 AM

According to me, the issue is not which browser you are using or what the status of your firewall is. It depends on your anti-virus software.
0
