Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Wildt Angent


  • Please log in to reply
35 replies to this topic

#1 honu1

honu1

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 03 August 2008 - 10:11 AM

I just ran my weekly scan of Spybot S+D. WildT angent came up as a red entry(bad) for 2 entries.
The first one stated SBI $343BDC07 program directory C:\WINDOWS\wt
The second one stated SBI $E30EC8B1 program directory C:\WINDOWS\wt\updater

The usual tracking cookies also came up in my results, but they were green(unharmful) entries. I chose to "fix" the selected problem of the 2 WildT angent entries and then immunized.

I did a bit of research and can't figure out how this program showed up as I do not use AOL, nor am I a "gamer" on the web.

Earlier in the week, I did install Winows Live ID (aka-windows messenger), but have not used it, not am I signed on.

After Taking care of the WildT angent issue thru SpybotS+D, I saw that 2 different games had been pinned to my start up menu! I deleted these. I do believe they were possibly something that was pre-loaded with my system.

My system was running just fine, with good scan results from Spybot until today and I'm worried now.

My operating system is Windows XP Home-SP2.

I did look at my "add/remove programs" and could not find any entries specifically stating WildT angent. Is it buried somewhere else?

I appreciate your input.

honu1
Life isn't about how to survive the storm, but how to dance in the rain.

BC AdBot (Login to Remove)

 


#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:05:00 AM

Posted 05 August 2008 - 05:30 AM

WildTangent is classified foistware, it's in a grey area of programs, dell also installs it on new computers as do others, it's a revenue generating system of programs utilized by advertisers. Personally I consider any program like this bad as it creates
vulnerabilities that can be exploited by the bad guys. But then I have found Utube and Myspace just as dangerous.

I consider my computer a tool, not a toy.

rantoff

Why not run a scan with MBAM and post that log?

http://www.bleepingcomputer.com/forums/ind...st&p=876163

There are some elements of Microsoft that are not to be trusted, marketing is one

:thumbsup:

Edited by DaChew, 05 August 2008 - 05:35 AM.

Chewy

No. Try not. Do... or do not. There is no try.

#3 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 05 August 2008 - 06:45 PM

Thanks,Chewy
I won't be able to do that scan 'til tomorrow evening tho. Sounds like this novice should be able to handle it(I hope).
Shall I post back with results here?
Thanks again
honu1
Life isn't about how to survive the storm, but how to dance in the rain.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:00 AM

Posted 05 August 2008 - 07:04 PM

Yes,post the results here...
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 08 August 2008 - 02:09 PM

Seems a file is infected. Hope I can get the results to this post okay.
Malwarebytes' Anti-Malware 1.24
Database version: 1034
Windows 5.1.2600 Service Pack 2

2:03:04 PM 8/8/2008
mbam-log-8-8-2008 (14-03-04).txt

Scan type: Quick Scan
Objects scanned: 39397
Time elapsed: 6 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\pse_300_enu.exe (Trojan.Agent) -> Quarantined and deleted successfully.

What do I do now? I am concerned that I'm infected!!!!!
honu1
Life isn't about how to survive the storm, but how to dance in the rain.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:00 AM

Posted 08 August 2008 - 02:39 PM

Run it once more and see if we get all 0's.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 08 August 2008 - 03:02 PM

Will do so right away,thanks. But.....what's this about a Trojan???? Those are really bad,correct?
Life isn't about how to survive the storm, but how to dance in the rain.

#8 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 08 August 2008 - 03:14 PM

This scan went faster! Now I'm at all zeros. I'm still confused as to why 1 file was found infected the first time+a trojan at that!
How often should I run this MBAM program? Weekly after running Spybot each time?
Thanks
honu1
Malwarebytes' Anti-Malware 1.24
Database version: 1034
Windows 5.1.2600 Service Pack 2

3:09:41 PM 8/8/2008
mbam-log-8-8-2008 (15-09-41).txt

Scan type: Quick Scan
Objects scanned: 39322
Time elapsed: 6 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Life isn't about how to survive the storm, but how to dance in the rain.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:00 AM

Posted 08 August 2008 - 03:37 PM

I would run it often. Always check for an update,depending on how you surf the net. More surfing = more scanning is my motto.

Actually I would also keep this on hand . Run a scan with it next. It is better from safe mode as Mbam is better from normal.


Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 08 August 2008 - 05:31 PM

Okay then, I'll try another one. How do I know which scans to run in normal mode versus safe mode? I still don't understand the concept of safe mode,sorry.

I'm not sure what programs I need to use on a regular basis. I don't understand the concept of virus vs. spyware. I know many good programs are recommended at BC, but I don't want to "overkill".

Also, am I supposed to disable my firewall(Windows Defender), + AVG Free when I run a scan? I was under the impression that running scans while the above referenced programs are live all the time can cause conflict?

I am pretty much confused about all this as you can see. Your patience+suggestions is very much appreciated. Thank you! :thumbsup:
honu1
Life isn't about how to survive the storm, but how to dance in the rain.

#11 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:05:00 AM

Posted 08 August 2008 - 06:04 PM

that trojan agent was embedded in a web page, I found one on my computer in my firefox cache(temporary files), that does not mean that you are infected, safeguards can stop such files from executing, but it does mean we went to the wrong web page
Chewy

No. Try not. Do... or do not. There is no try.

#12 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 08 August 2008 - 07:47 PM

Hi again,
The scan took a bit of time,but better safe than sorry. Appears the results show all tracking cookies, but I will copy+paste them here. I was under the impression that cookies are like fingerprints, and thus they make my system more vulnerable?

What's the next step?
Thanks so much for all the help.BC is the greatest! :thumbsup:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/08/2008 at 07:13 PM

Application Version : 4.15.1000

Core Rules Database Version : 3530
Trace Rules Database Version: 1520

Scan type : Complete Scan
Total Scan Time : 01:02:41

Memory items scanned : 164
Memory threats detected : 0
Registry items scanned : 4785
Registry threats detected : 0
File items scanned : 18190
File threats detected : 11

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt
C:\Documents and Settings\Owner\Cookies\owner@2o7[2].txt
C:\Documents and Settings\Owner\Cookies\owner@adlegend[1].txt
C:\Documents and Settings\Owner\Cookies\owner@atdmt[1].txt
C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt
C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick[1].txt
C:\Documents and Settings\Owner\Cookies\owner@ad.us-ec.adtechus[1].txt
C:\Documents and Settings\Owner\Cookies\owner@glb.adtechus[1].txt
C:\Documents and Settings\Owner\Cookies\owner@atwola[1].txt
C:\Documents and Settings\Owner\Cookies\owner@partner2profit[1].txt
C:\Documents and Settings\Owner\Cookies\owner@1067766890[1].txt
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.bookspan.122.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.bizrate.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.clickomania.ch [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.clickomania.ch [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.eb.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.eb.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.eb.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.eb.adbureau.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.ge.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.indexstats.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.indextools.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.media.zoominfo.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.media.zoominfo.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.paypal.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.perf.overture.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.potpourrigroup.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.roiservice.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.shawnewspapers.112.2o7.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.www.paypal-media.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
.www.paypal-media.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
sales.liveperson.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
server.iad.liveperson.net [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
sitestat.mayoclinic.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
www.hrsaccount.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
www.hrsaccount.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
www2.addfreestats.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yi14tr9c.default\cookies.txt ]
Life isn't about how to survive the storm, but how to dance in the rain.

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:00 AM

Posted 08 August 2008 - 08:05 PM

How do I know which scans to run in normal mode versus safe mode?


My rule of thumb is If I know I am infected I always use safe mode. With the one exception of the MalwareBytes tool ,which is more effective in normal mode. Otherwise for maintenance (weekly scans ) I run from normal.

I still don't understand the concept of safe mode

from Bleeping Computer Tutorials.. http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
Windows Safe Mode is a way of booting up your Windows operating system in order to run administrative and diagnostic tasks on your installation. When you boot into Safe Mode the operating system only loads the bare minimum of software that is required for the operating system to work. This mode of operating is designed to let you troubleshoot and run diagnostics on your computer. Windows Safe Mode loads a basic video drivers so your programs may look different than normal.

what programs I need to use on a regular basis

You need an Antivirus,a firewall and a couple antispywares.. List for us what you have.

from http://webopedia.com/

VIRUS =
A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves.
SPYWARE =
Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes.
Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today.


I was under the impression that running scans while the above referenced programs are live all the time can cause conflict?

This one is difficult to answer as it is a Sometime basis. Some tools do not play nice with others. Example MaCaffe tends t be a problem with other tools and the Teatimer function of SpyBot sometimes causes problems. Running 2 A/V or firewalls at the same time will cause problems. I'm trying to keep it simple here.
Antivirus and Antispyware Software: What's The Difference?

Please give us a list of what Antivirus ,spyware and firewall you have installed. If unsure what it is just list it,thanks.

EDIT>> You look clean now. You should also upgrade to sevice pack 3 as it contains more security updates for the Windows system.

Edited by boopme, 08 August 2008 - 08:15 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 honu1

honu1
  • Topic Starter

  • Members
  • 477 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:USA
  • Local time:03:00 AM

Posted 09 August 2008 - 06:44 PM

Thanks, boopme for all the information in your last post. I have a lot of reading to do.
Back to your first answer tho. You said you run a scan in safe mode if you know you are infected. That's a problem for me as my system doesn't seem to be acting strange at all in my eyes. Did you mean to say that if I run one scan and it comes back positive for threats, I should run a different scan in safe mode? I need to be clear on this.

As for the list of programs you asked for:
AVG Free 8.0.138
Windows Defender 1.41.172.0
Spybot Search+Destroy 1.5.2
I have been using these for o long time now. Just recently,per assistance here at BC I added:
Malwarebytes Anti-Malware 1.24
Super Anti Spyware 4.15.1000

Even tho I listed 90 tracking cookies with the last scan I did, you say I'm clean now? How do you know that?

You suggested I update to service pack 3. Are you referring to a Windows update? My system was designed to update automatically. Where do I go to find out which version of Windows I'm really running anyway? Then, I need to find out how to get the latest update too.

Thanks for all the time you're giving this. I'm starting to feel a bit easier about using my system.
honu1
Life isn't about how to survive the storm, but how to dance in the rain.

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:00 AM

Posted 09 August 2008 - 11:11 PM

You have good tools there now, keep them. Remember to update them weekly and before a scan.
Yes I meant if one of your tools pops up with an infection notice then I always scan from safe mode (exception is Mbam).
In general, a tracking cookie is not dangerous. They may potentially infringe upon your privacy and may be removed. A tracking cookie cannot cause any system instability. But I remove them when I scan.

Your clean as your tools and these are now not showing anything.

Service pack 3
You can use Windows Update or the Microsoft Download Center to obtain Windows XP Service Pack 3 (SP3).
Check for updates on Windows Update
Go to Start> All Programs> Then select Windows or Microsoft Update from the top left of the Pop up window.. OR

1. Visit the following Microsoft Web site:
http://windowsupdate.microsoft.com
2. Click Express Install (Recommended).
3. If your computer qualifies, Windows XP SP3 will be one of the updates that are automatically selected. Click Install.
4. Review and accept the End User License Agreement (EULA).
Windows XP SP3 will be downloaded to your computer, and the Windows XP Service Pack 3 Setup Wizard will help you install it.
Obtain the latest Windows XP service pack from the Microsoft Download Center
If you have trouble obtaining the service pack from Windows Update, you can obtain the standalone update package from the Download Center.
The following file is available for download from the Microsoft Download Center:

Download the Windows XP Service Pack 3 here.
http://www.microsoft.com/downloads/details...08-1E1555D4F3D4

How to determine the version of Windows XP that you are running
1. Click Start, and then click Run.
2. In the Open box, type winver.exe, and then click OK. The version number is displayed in the About Windows box.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users