Can't Get these tricky pop-ups

:mozilla.26:C:\Documents and Settings\Me\Application Data\Mozilla\Users50\default\fr7vup9s.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.26:F:\Documents and Settings\Me\Application Data\Mozilla\Users50\default\fr7vup9s.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.36:C:\Documents and Settings\Me\Application Data\Mozilla\Users50\default\fr7vup9s.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.36:F:\Documents and Settings\Me\Application Data\Mozilla\Users50\default\fr7vup9s.slt\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.755:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.765:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.766:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.767:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.768:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.769:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.759:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.760:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.761:C:\Documents and Settings\Jeff B\Application Data\Mozilla\Firefox\Profiles\3iargw48.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).


::Report end
 
Wow thats a big log. It seems to be cleared but I will keep a close eye on it and will avoid entering personal information into the browers for a few weeks until I know its clear. I already had 1 credit card number stolen and i think it might be because of this...
 
OK Jeff, the HJT log is clean, did you ever get around to telling me how this computer got this infected? One of the worse I have seen in a while.

There is no good reason to store all of those cookies. You need a few for passwords and sites that require them, but use this information to control them in Internet Explorer:
http://www.mvps.org/winhelp2002/cookies.htm
http://www.microsoft.com/windows/ie/using/howto/privacy/config.mspx

Firefox:
http://privacy.getnetwise.org/browsing/tools/firefox1/ffdisablecookies
http://www.mozilla.org/projects/security/pki/psm/help_21/using_priv_help.html

You also quarantined that junk in ewido, open the folder highlited in red and then the quarantine folder and delete all of that junk:
C:\Program Files\ewido anti-spyware 4.0\ <<< in there should be the quarantine folder.

I did not see any System Restore stuff, hope you do not have it turned off? A bad restore point is better that none. This information will get you clean files:
System Restore does not know the good files from the bad. In case bad stuff has gotten into your System Restore files, follow the instructions in this link to get clean System Restore files. Turn it off, reboot then turn it back on:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?Open&src=sec_doc_nam

ewido is a great program but it does use some resources. Once the trial is over you can update and use the scanner for as long as you wish, but unless you purchase it you should turn it off completely so it does not run unless you start it manually.

Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

Safe surfing...tashi:) will close the topic in a few day.

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.
 
As the problem appears to be resolved this topic has been archived.

If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread; this applies only to the original topic starter.

Glad we could help.
 
You must log in or register to reply here.
Back
Top