Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarebytes won't resolve my virus problem completely


  • Please log in to reply
7 replies to this topic

#1 Decker

Decker

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 10 January 2009 - 07:43 PM

Hello, I posted about my problem in another thread and I'm being ignored. My other thread started out as help for my brother's virus issues... so I"m assuming that this is the reason for my being ignored in the other thread. So theres no confusion, I'm starting a new thread for MY issues and will leave the other thread for my brother's issues.

That being said, heres the problem. I was recently infected. So I downloaded and used Malwarebyte's Anti-Malware. It detected and temporarily got rid of the viruses. However, they came back a couple of days later. I read in another thread that a lot of times, you'll leave behind some hidden pieces of the viruses that will re-install them later. Apparently, this is whats happening here.

This is what I've done so far. First of all, I have Avast Anti-Virus.. and did what it suggested (which was to move to chest). I did that. Then I did a quick scan with MBAM and removed the objects found (the log from that scan will be posted later in this post). Then I waited a couple of days to see if it had completely resolved the problem. The Trojans returned as I suspected they would. I once again moved to chest with Avast, did a FULL scan with MBAM and removed the objects found (the log will be posted later in this post).

Now I'd like to know what else I need to do in order to completely get rid of these bleeping things (reformatting is not something I want to do because I can't afford a WindowsXP CD). I'm hoping that this can be taken care of with Virus/spyware/adware or Malware removal softwares. I just need some guidance.

So here are the logs...

********This is the log from the first MBAM scan I did (quick scan)*********

Malwarebytes' Anti-Malware 1.32
Database version: 1632
Windows 5.1.2600 Service Pack 3

1/8/2009 7:02:30 PM
mbam-log-2009-01-08 (19-02-30).txt

Scan type: Quick Scan
Objects scanned: 71192
Time elapsed: 19 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 19
Registry Values Infected: 4
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\rqRhIBtT.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\sinujo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\awtrQKbB.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d16355f-bc0b-45a9-a416-824ec71debc3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d16355f-bc0b-45a9-a416-824ec71debc3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59459260-2eac-45a5-87e6-821d4ab617f6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{59459260-2eac-45a5-87e6-821d4ab617f6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d16355f-bc0b-45a9-a416-824ec71debc3} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtrqkbb (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{59459260-2eac-45a5-87e6-821d4ab617f6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\rqrhibtt -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\rqrhibtt -> Delete on reboot.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\sinujo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\rqRhIBtT.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\TtBIhRqr.ini (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\TtBIhRqr.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtrQKbB.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opnMCrsT.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ebdyysib.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ffsgekep.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqoNeEX.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\senekaee02.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\cosemxawnr.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\oxmcanrwes.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\8QWEKMB1\index[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\Q0I3QG5E\kbc41256[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtUNExXR.dll (Trojan.vundo) -> Quarantined and deleted successfully.


------------------------------------------------------------------------------------------------------------------------------------------------


***********This is the log from the second MBAM scan I did (full scan)***********

Malwarebytes' Anti-Malware 1.32
Database version: 1632
Windows 5.1.2600 Service Pack 3

1/10/2009 5:28:05 PM
mbam-log-2009-01-10 (17-28-05).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 781977
Time elapsed: 15 hour(s), 0 minute(s), 13 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Unloaded process successfully.

Memory Modules Infected:
C:\WINDOWS\system32\ssqQjIYQ.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqqjiyq (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\prunnet.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqQjIYQ.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\nearwxsocm.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\HP Games\Birdies\Birdies.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\HP Games\Ranch Rush\ijl15.dll (Trojan.Agent) -> Quarantined and deleted successfully.

Edited by Decker, 10 January 2009 - 09:00 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:23 AM

Posted 11 January 2009 - 09:30 AM

You need to update MBAM before scanning. Vundo is constantly changing to hide from security programs and are always playing catchup.

It is also a good idea to use more than one program to find and remove all of the malware. Super Antispyware has had success in removing Vundo and its associated malware. Use the instructions for SAS in the link below.
Be sure to UPDATE SAS in regular mode before booting into safe mode to run the scan.
http://www.bleepingcomputer.com/forums/ind...t&p=1040160

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 Decker

Decker
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 12 January 2009 - 05:06 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/12/2009 at 03:18 PM

Application Version : 4.24.1004

Core Rules Database Version : 3705
Trace Rules Database Version: 1680

Scan type : Complete Scan
Total Scan Time : 17:22:12

Memory items scanned : 169
Memory threats detected : 0
Registry items scanned : 10332
Registry threats detected : 9
File items scanned : 722430
File threats detected : 340

Adware.Tracking Cookie
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@realmedia[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@interclick[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adecn[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@media6degrees[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@ads.pointroll[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@clicks.emarketmakers[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@indigio.122.2o7[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@pro-market[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adopt.euroclick[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@insightexpressai[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@stat.youku[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@fastclick[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@yadro[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@bs.serving-sys[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@questionmarket[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@www.googleadservices[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@bluestreak[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@gomyhit[3].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@nextag[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@sales.liveperson[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@atdmt[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@richmedia.yahoo[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@iacas.adbureau[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@revsci[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@clickandpledge[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@statse.webtrendslive[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@shopica[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@trafficmp[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@specificclick[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adrevolver[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@www.clickandpledge[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@tacoda[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@www.webcamsexpimp[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@ehg-verizon.hitbox[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@imrworldwide[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@sales.liveperson[4].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@edge.ru4[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adopt.specificclick[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@serving-sys[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@link.mercent[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@mediaplex[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@feed.validclick[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@sales.liveperson[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@media.adrevolver[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@tribalfusion[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@wmvmedialease[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@ads.adbrite[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@hitbox[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@account.alltel[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@cdn.at.atwola[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@gomyhit[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adinterax[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@revenue[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@zedo[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@anat.tacoda[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@clickbank[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@atwola[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@www.googleadservices[3].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@burstnet[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@2o7[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@advertising[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@data.coremetrics[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@www.shopica[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@at.atwola[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@media.adrevolver[3].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@doubleclick[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@ar.atwola[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@msnportal.112.2o7[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adbrite[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@www.googleadservices[1].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@specificmedia[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adlegend[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@lstat.youku[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@adtrafficstats[2].txt
C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@finditquick[1].txt
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.content.yieldmanager.edgesuite.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.ad.doubleclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.content.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.content.yieldmanager.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.serw.clicksor.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adultfriendfinder.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.affiliates.commissionaccount.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.chitika.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.mediaconverter.org [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.mediaconverter.org [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.at.atwola.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.at.atwola.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.atwola.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.atwola.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.atwola.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ar.atwola.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.warnerbros.112.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
adopt.euroclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.videoegg.adbureau.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.zedo.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.specificmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.e-2dj6wjkyajdzsap.stats.esomniture.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.ehg-verizon.hitbox.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.ehg-verizon.hitbox.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.ehg-verizon.hitbox.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.ehg-verizon.hitbox.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.hitbox.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.hitbox.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
statse.webtrendslive.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.revenue.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.divx.112.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.bleepyou.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.bleepyou.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.bleepyou.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.bleepyou.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.burstnet.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.ads.addynamix.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.electronicarts.112.2o7.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.ehg-foxsports.hitbox.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.mediageneral.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.bs.serving-sys.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.yadro.ru [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.bravenet.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adserver.easyad.info [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adecn.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.warez-bb.org [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.warez-bb.org [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.warez-bb.org [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
imagevenue.advertserve.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
imagevenue.advertserve.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adlegend.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adlegend.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.accountonline.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.accountonline.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
sales.liveperson.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
sales.liveperson.net [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.myroitracking.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.dynamic.media.adrevolver.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.7oxic-media.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.7oxic-media.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.a.websponsors.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
www.burstbeacon.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ads.lucidmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
ads.lucidmedia.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.adserver.adtechus.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]
.interclick.com [ C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\44tbnidf.default\cookies.txt ]

Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID

Rogue.Component/Trace
HKLM\Software\Microsoft\C83FD956
HKLM\Software\Microsoft\C83FD956#c83fd956
HKLM\Software\Microsoft\C83FD956#Version
HKU\S-1-5-21-271071447-2191559297-2353757296-1008\Software\Microsoft\CS41275

Adware.Casino Games (Golden Palace Casino)
C:\CASINO\VEGAS21CLUB.NET CASINO\CASINO.EXE
C:\POKER\TITAN POKER\CASINO.EXE

Adware.Vundo Variant/Rel
C:\WINDOWS\SYSTEM32\XBEEG.BAK1
C:\WINDOWS\SYSTEM32\XBEEG.INI

#4 buddy215

buddy215

  • BC Advisor
  • 12,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:23 AM

Posted 12 January 2009 - 05:50 PM

You can block the ad/tracking cookies that Super Antispyware removed from ever installing on your computer.

In Firefox, Tools, Options, privacy tab, uncheck "accept third party cookies".

You can block the Ad/ tracking cookies from ever installing on your computer by following the steps below.
This applies to Internet explorer browsers.
Click on tools
click on internet options
click on privacy tab
click on advanced button
put a check in the box next to override automatic cookie handling
put a check in the box next to first party accept
put a check in the box next to block third party cookies (those are the ad/ tracking cookies that AVG deletes)
Click OK to exit
Then just run another quick scan with SAS to remove the third party cookies that were installed before changing the settings.

Click start, All programs, Accessories, System tools, Disk Cleanup, Put a check next to all items except "compress old files".
Click on the more options tab, click on the "cleanup" button next to "system restore" (this will remove all of the restore points but the last one as many are infected) click OK and allow cleanup to run.

Use Secunia online scanner to check for missing security updates. http://secunia.com/vulnerability_scanning/online/
After updating Java (if you haven't done so already) go to Add/ Remove and remove ALL old Java programs.
IE browser, Adobe Reader, Adobel Flash and Java have all been exploited recently. Important to get the latest updates to avoid malware exploiting those programs.
Vundo is known to exploit old Java programs.

Update MBAM and run a quick scan with it. Post the log back here if it finds anything. The other scans you ran with MBAM were missing many updates.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 Decker

Decker
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 13 January 2009 - 02:30 AM

I've completed all of that and the MBAM scan found nothing.

#6 buddy215

buddy215

  • BC Advisor
  • 12,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:23 AM

Posted 13 January 2009 - 06:53 AM

That is good to hear.
It would be a good idea for the next few days to run a scan with SAS after updating.

Read post #4 and #6 in the links below to learn how to avoid the malware in the future.
http://www.bleepingcomputer.com/forums/ind...t&p=1087873
http://www.bleepingcomputer.com/forums/ind...t&p=1087945

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 Decker

Decker
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:23 AM

Posted 13 January 2009 - 12:06 PM

Thank you.

#8 buddy215

buddy215

  • BC Advisor
  • 12,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:23 AM

Posted 13 January 2009 - 03:33 PM

Glad to of helped you. Surf Safe.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users