Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page Same issue with iexplore.exe
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
Page 2 of 2 1 2
 
LinkBack Thread Tools
Old 11-28-2006, 07:54 PM   #21 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


I'm trying but it just stays where it says waiting for /wow... this takes a while Something like that. I left it there for about half an hour and then I just go tthe blue screen with the error. I think i don't have this spyware anymore beacause i havent seemed to see any problems when i go to firefox or iexplore. Just this bluescreen at random times.
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 11-28-2006, 08:10 PM   #22 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


posted agin sorry.
Last edited by glaz3; 11-28-2006 at 08:12 PM.
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-28-2006, 08:12 PM   #23 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


Anything els you think i can do?
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-28-2006, 08:23 PM   #24 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,859
OS: WinXP and Vista


Quote:
I'm trying but it just stays where it says waiting for /wow...
That's exactly what I needed to know.

You are still quite infected--it is essential that we run combofix via the run command.

Copy/paste this command--exactly as shown in the bold red text--into the Run box.

"%userprofile%\desktop\combofix.exe" /v jkhfd macoejhg lhnjsrk uhvjsul fusxnywh

When combofix hangs, open your Task Manager (On your keyboard, press Ctrl Alt Del)

Look for findstr.exe and click on it.
Click the End Process button.

Combofix should run for you now. Post that log here please.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-28-2006, 08:34 PM   #25 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


Administrator - 06-11-28 19:32:06.97 Service Pack 2
ComboFix 06.11.28W - Running from: "C:\Documents and Settings\Administrator\desktop"
Command switches used :: /v jkhfd macoejhg lhnjsrk uhvjsul fusxnywh

((((((((((((((((((((((((((((((( Files Created from 2006-10-28 to 2006-11-28 ))))))))))))))))))))))))))))))))))


2006-11-28 10:42 <DIR> d-------- C:\WINDOWS\erdnt
2006-11-27 21:27 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-11-27 20:21 <DIR> d-------- C:\Program Files\AOL
2006-11-27 20:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\AOL
2006-11-26 21:34 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2006-11-26 21:32 <DIR> d-------- C:\Program Files\Mozilla Firefox
2006-11-26 20:57 <DIR> d--hs---- C:\WINDOWS\CSC
2006-11-26 20:21 73,728 --a------ C:\WINDOWS\system32\pv_c3.exe
2006-11-26 20:21 119,056 --a------ C:\WINDOWS\system32\reg_c3.exe
2006-11-26 20:21 <DIR> d-------- C:\Program Files\CEVO
2006-11-21 12:55 <DIR> d-------- C:\Program Files\Security Task Manager
2006-11-21 12:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2006-11-14 21:03 <DIR> d-------- C:\Program Files\Maxtor
2006-11-11 00:44 <DIR> d-------- C:\Program Files\World of Warcraft
2006-11-03 15:42 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2006-10-30 06:37 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\dvdcss
2006-10-29 17:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2006-10-29 17:46 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll
2006-10-29 17:46 60,496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2006-10-29 17:46 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2006-10-29 17:46 14,568 --a------ C:\WINDOWS\system32\drivers\wg6n.sys
2006-10-29 17:46 14,568 --a------ C:\WINDOWS\system32\drivers\wg5n.sys
2006-10-29 17:46 14,568 --a------ C:\WINDOWS\system32\drivers\wg4n.sys
2006-10-29 17:46 14,568 --a------ C:\WINDOWS\system32\drivers\wg3n.sys
2006-10-29 17:46 <DIR> d-------- C:\Program Files\Sygate
2006-10-29 15:59 118,804 --a------ C:\WINDOWS\system32\tgoysbcu.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-28 18:53 -------- d-------- C:\Documents and Settings\Administrator\Application Data\Xfire
2006-11-28 13:41 -------- d-------- C:\Program Files\mIRC
2006-11-28 11:08 -------- d---s---- C:\Program Files\Xfire
2006-11-28 11:08 -------- d-------- C:\Program Files\WinZip
2006-11-28 11:08 -------- d-------- C:\Program Files\WinRAR
2006-11-28 11:03 -------- d-------- C:\Program Files\SmartFTP Client 2.0
2006-11-28 11:03 -------- d-------- C:\Program Files\PowerISO
2006-11-28 11:02 -------- d-------- C:\Program Files\Internet Explorer
2006-11-28 11:02 -------- d-------- C:\Program Files\Common Files\System
2006-11-28 10:55 -------- d-------- C:\Documents and Settings\Administrator\Application Data\Skype
2006-11-28 10:35 -------- d-------- C:\Program Files\XBC
2006-11-28 10:35 -------- d-------- C:\Program Files\Windows Media Player
2006-11-28 10:35 -------- d-------- C:\Program Files\Winamp
2006-11-28 10:35 -------- d-------- C:\Program Files\WarpSpeeder
2006-11-28 10:35 -------- d-------- C:\Program Files\Messenger
2006-11-28 09:11 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-11-28 09:11 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys
2006-11-28 08:53 -------- d-------- C:\Program Files\Common Files
2006-11-27 19:58 2560 --a------ C:\WINDOWS\system32\BitCometRes.dll
2006-11-27 18:04 -------- d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2006-11-27 17:01 -------- d-------- C:\Program Files\Steam
2006-11-26 21:20 -------- d-------- C:\Program Files\Movie Maker
2006-11-26 21:20 -------- d-------- C:\Program Files\DivX
2006-11-26 20:47 -------- d-------- C:\Program Files\Trillian
2006-11-14 21:03 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-11 00:44 -------- d-------- C:\Program Files\Common Files\Blizzard Entertainment
2006-11-08 19:56 -------- d-------- C:\Program Files\HLSW
2006-10-03 11:28 -------- d-------- C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2006-10-03 10:13 -------- dr-h----- C:\Documents and Settings\Administrator\Application Data\yahoo!
2006-09-28 14:49 -------- d-------- C:\Documents and Settings\Administrator\Application Data\LimeWire


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"aol"="\"C:\\Program Files\\AOL\\Active Virus Shield\\avp.exe\""
@=""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,23,00,00,00,7c,00,00,00,72,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Adobe Gamma.lnk]
"path"="C:\\Documents and Settings\\Administrator\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Gamma.lnkStartup"
"location"="Startup"
"command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
"item"="Adobe Gamma"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Fantastic Flame Agent.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\Fantastic Flame Agent.lnk"
"backup"="C:\\WINDOWS\\pss\\Fantastic Flame Agent.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\FANTAS~1\\FANTAS~2.EXE "
"item"="Fantastic Flame Agent"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WarpSpeeder Tray Icon.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\WarpSpeeder Tray Icon.lnk"
"backup"="C:\\WINDOWS\\pss\\WarpSpeeder Tray Icon.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\WARPSP~1\\BSTRAY~1.EXE "
"item"="WarpSpeeder Tray Icon"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\WinZip Quick Pick.lnk"
"backup"="C:\\WINDOWS\\pss\\WinZip Quick Pick.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\WinZip\\WZQKPICK.EXE "
"item"="WinZip Quick Pick"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgcc"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog305]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VM305_STI"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="daemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpcmpmgr"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HPWuSchd2"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpztsb10"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb10.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InCD"
"hkey"="HKLM"
"command"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvCpl"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvMcTray"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="nwiz"
"hkey"="HKLM"
"command"="nwiz.exe /install"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PWRISOVM"
"hkey"="HKLM"
"command"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmcService]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="smc"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SOUNDMAN"
"hkey"="HKLM"
"command"="SOUNDMAN.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spam Blocker for Outlook Express]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SBInst"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\SPAMBL~1\\Bin\\480~1.0\\SBInst.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpamBlocker]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SbOEAddOn"
"hkey"="HKLM"
"command"="C:\\Program Files\\SpamBlockerUtility\\Bin\\4.8.0.0\\SbOEAddOn.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="spydoctor"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spyware Doctor\\spydoctor.exe\" /Q"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeUpdateManager"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdS7_0_7 -reboot 1"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -u"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -u"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherOnTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SbWeatherOnTray"
"hkey"="HKLM"
"command"="C:\\Program Files\\SpamBlockerUtility\\Bin\\4.8.0.0\\SbWeatherOnTray.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="C:\\Program Files\\Winamp\\winampa.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YahooMessenger"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

Completion time: 06-11-28 19:34:15.99
C:\ComboFix.txt ... 06-11-28 19:34
C:\ComboFix2.txt ... 06-11-28 16:47
C:\ComboFix3.txt ... 06-11-28 11:21
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-28-2006, 09:48 PM   #26 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,859
OS: WinXP and Vista


Hiya,

This is looking much better.

Upload this file C:\WINDOWS\system32\tgoysbcu.dll to http://virusscan.jotti.org and report back what it found.

At the top of the window you should see "File to Upload & scan" and a blank box. Copy and paste the red text from above into the box. Then click "submit".

When it is finished, please copy and paste the information listed under "Service" and "Scanner Results" here.

-----------------------------------

These next tools will give your system a real nice cleaning as well as remove any other remnants that may be lying around.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

******************************************************

Download AVG Anti Spyware

Use the link at the bottom of the page under "AVG Anti-Spyware Free for Windows"

  • Install AVG Anti Spyware
  • Double-click the icon on Desktop to launch AVG
  • On the top of the main screen click Shield
  • Click the word active to change it to inactive
  • On the top of the main screen click Update.
  • Then click on Start Update. The update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the " Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
When you have finished updating, EXIT AVG Anti Spyware. Do Not run a scan just yet, we will shortly.


---------------------------

Download and install CleanUp! but do not run it yet. (Not Recommended for XP64).

------------------------------------------------

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Use the up arrow key to highlight Safe Mode and press Enter.
5) Login with your usual account. Make sure to close any open browsers.

------------------------------------------------

*WARNING* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp! or move them to a permanent location.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Cleanup! All Users
  • Click on the "Temporary Files" and uncheck the box for "Scan drives for file matching" if it's checked.
Click OK
Press the CleanUp! button to start the program. Do NOT reboot/logoff when prompted.

------------------------------------------------

IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, **Please ensure it is set to Quarantine then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware.
**AVG Anti-Spyware is compatible with most AV and anti-spyware products, and the free version will continue to be useful as a second anti-malware scanner.

-----------------------------------

Reboot into Normal Mode.

-----------------------------------

Run another online scan at Panda and save the results. That report should look a lot better now.

Please include the following in your next reply:

jotti results
AVG A-S results
Panda results
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-28-2006, 10:33 PM   #27 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


AntiVir
Found Trojan/Winfixer
ArcaVir
Found nothing
Avast
Found Win32:Trojano-1165
AVG Antivirus
Found nothing
BitDefender
Found Trojan.Winfixer.AH
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing

AntiVir SecurityPrivacyRisk/Ardamax.K.Gen riskware
ArcaVir Trojan.Spy.Ardamax.B
Avast Win32:Ardamax-gen
AVG Antivirus Ardamax.A
BitDefender Generic.Ardamax.5A6CA3D9
ClamAV X
Dr.Web Program.Ardamax
F-Prot Antivirus W32/Ardamax.D
F-Secure Anti-Virus not-a-virus:Monitor.Win32.Ardamax.k (6, 2, 604)
Fortinet W32/Ardamax.B!tr.spy
Kaspersky Anti-Virus not-a-virus:Monitor.Win32.Ardamax.k
NOD32 X
Norman Virus Control X
VirusBuster X
VBA32 Trojan-Dropper.VB.21
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-28-2006, 10:45 PM   #28 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,859
OS: WinXP and Vista


Using 'My Computer', navigate to and delete that file:

C:\WINDOWS\system32\ tgoysbcu.dll

Post the AVG A-S and Panda results as soon as you get them.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-29-2006, 08:57 PM   #29 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:53:24 PM 11/29/2006

+ Scan result:



C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0093983.exe -> Adware.HotBar : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0094030.exe -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Contact.Contacts -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Contact.Contacts.1 -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Contact.Contacts\CLSID -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Contact.Contacts\CurVer -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0093982.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0094029.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0094318.exe -> Adware.Searchcolor : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0094319.exe -> Adware.Searchcolor : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0099625.dll -> Adware.Winfixer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP158\A0093298.dll -> Adware.Zango : Cleaned with backup (quarantined).
:mozilla.411:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.412:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.422:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.399:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.400:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.431:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.543:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.318:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.319:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.320:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.321:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.322:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.323:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.324:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.537:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.538:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.28:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.29:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.30:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.31:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.32:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.174:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.423:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.403:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.404:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.405:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.406:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.10:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.11:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.12:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.25:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.26:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.39:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.6:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.7:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.8:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.9:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.375:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.376:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.377:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.402:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.158:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.299:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.300:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.303:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.304:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.545:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.546:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.547:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.208:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.209:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.210:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.211:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.212:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.213:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.214:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.433:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.427:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.428:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.429:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.385:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.325:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.326:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.180:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.181:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.592:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.363:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.364:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.365:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.366:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.499:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.501:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.204:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.205:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.544:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.351:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.352:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.353:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.354:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.355:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.100:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.101:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.102:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.103:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.104:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.105:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.106:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.107:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.108:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.109:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.110:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.111:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.112:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.113:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.64:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.65:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.66:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.67:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.68:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.69:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.70:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.71:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.72:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.73:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.74:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.75:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.76:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.77:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.78:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.79:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.80:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.81:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.82:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.83:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.84:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.85:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.86:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.87:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.88:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.89:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.90:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.91:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.92:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.93:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.94:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.95:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.96:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.97:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.98:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.99:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.372:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.373:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.374:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.117:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.118:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.119:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.122:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.54:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.55:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.56:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.57:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.58:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.59:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.539:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.540:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.541:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.542:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.244:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.245:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.246:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.247:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.248:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.249:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.250:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.251:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.252:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.253:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.509:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.510:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.511:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.512:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.517:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.443:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.13:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.215:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.216:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.217:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.218:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.219:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.220:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.221:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.222:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.190:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.191:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.192:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.194:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.196:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.197:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.198:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.199:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.200:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.202:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.203:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.414:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.415:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.416:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.418:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.419:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.420:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.421:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.159:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.160:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.161:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.162:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.163:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.164:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.165:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.306:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.307:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.308:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.309:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.310:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\1ikgh680.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{15D18F20-CB26-437A-8A57-D704E01A891B}\RP160\A0094239.dll -> Trojan.BHO.g : Cleaned with backup (quarantined).


::Report end
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-29-2006, 09:08 PM   #30 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,859
OS: WinXP and Vista


Nice work glaz3.

How is your system behaving now? If there aren't any more problems, please continue with these final instructions and helpful links.


Reset hidden/system files and folders
Windows XP
===============
Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Deselect the Show hidden files and folders option.
* Select the Hide file extensions for known types option.
* Select the Hide protected operating system files option.
Click Yes to confirm.
Click OK.

Enable Windows Auto Update
*Go to Start>Run - type wuaucpl.cpl
*Tick on the checkbox - "Automatically download the updates, and install them on the schedule that I specify".
Click on "OK".

Create a new System Restore point
Click Start >> Run - type SYSDM.CPL & press Enter
* Select the System Restore Tab
* Tick on the checkbox - "Turn off System Restore on all drives"
Click Apply
* Then untick the same checkbox & click OK
This will prevent any reinfection from previous restore points.


To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

Download SpywareBlaster 3.5.1 to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items .

Download Spyware Guard to catch and block spyware before it can execute.

Download IE-SPYAD.EXE to block access to malicious websites so you cannot be redirected to them from an infected site or email. IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impairs attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. This is a self-extracting .ZIP file, and save it to your desktop. Once downloaded, double-click on it to extract the files inside (default dir is C:\IE-SPYAD)
Now navigate to C:\ie-spyad. Double click to open it.
From within the folder, double-click install.bat
Select Option #2 - Install the new IE-SPYAD list, by typing 2
Then return to the main menu.
Select option #4 - Add the old porn sites domain, by typing 4

Update all these programs regularly. Without regular updates you will not be protected when new malicious programs are released.

In light of your recent issue, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles:

PC Safety and Security--What Do I Need?

HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein
THE ANTI-SPYWARE TUTORIAL
MAKING INTERNET EXPLORER SAFER
Understanding and Using Firewalls

**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

Follow this list and your potential for being infected again will reduce dramatically.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-29-2006, 09:29 PM   #31 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


Thank you so much. I really appreciate all the hard work you put into fixing my problem. I'm most grateful for it. I'll try to send a donation to the forum as soon as I can. Also, Do I need to keep all these files and softwares I got for this procedure.
Last edited by glaz3; 11-29-2006 at 09:39 PM.
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-29-2006, 09:37 PM   #32 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,859
OS: WinXP and Vista


You're welcome.

You may delete the combofix.exe tool, but keep the rest of the downloads as they will go a long way in helping to keep your system clean.

Make sure to update the data base of AVG Anti Spyware and your Anti Virus program at least once a week and scan with them at regular intervals. Depending on how much time you spend online, I would suggest scanning with these programs a minimum of once a week.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-29-2006, 09:46 PM   #33 (permalink)
Registered User
 
Join Date: Apr 2006
Posts: 43
OS: Vista Home


I was wondering if spydoctor search and destroy, adware se personal, and spydoctor for spyware are any good because those are the ones that I used before.
glaz3 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 11-29-2006, 09:55 PM   #34 (permalink)
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
 
Ried's Avatar
 
Join Date: Jan 2005
Location: Ohio
Posts: 26,859
OS: WinXP and Vista


Yes, those are all very good programs as long as you keep the definition data base updated and scan with them regularly. Let them remove whatever they find.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
Ried is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 
Page 2 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 11:56 PM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85