Jump to content

Trojan Vundo, BHO, and Agent


giant

Recommended Posts

I got these because of a major lapse of intelligence on my part, and I opened an infected e-mail. The trojans are slowing down my computer by an insane amount. I'll continue adding logs as scans are completed. Any help will be most appreciated. :angry:

Malwarebytes' Anti-Malware 1.30

Database version: 1421

Windows 5.1.2600 Service Pack 3

12/8/2008 7:09:16 PM

mbam-log-2008-12-08 (19-09-16).txt

Scan type: Quick Scan

Objects scanned: 62876

Time elapsed: 2 hour(s), 19 minute(s), 0 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 2

Registry Keys Infected: 3

Registry Values Infected: 5

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 12

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

C:\WINDOWS\system32\hehavuva.dll (Trojan.Vundo.H) -> Delete on reboot.

c:\WINDOWS\system32\gehudehe.dll (Trojan.BHO) -> Delete on reboot.

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f01f431a (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.BHO) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpmf32c7086 (Trojan.Agent) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ligetanuye (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: c:\windows\system32\gehudehe.dll -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.BHO) -> Data: system32\gehudehe.dll -> Delete on reboot.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\funeroga.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\agorenuf.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hehavuva.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\avuvaheh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jowosepe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\epesowoj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\viwamofe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\efomawiv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\gehudehe.dll (Trojan.BHO) -> Delete on reboot.

C:\WINDOWS\system32\drivers\drshi.sys (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\yeyivufu.dll (Trojan.Agent) -> Delete on reboot.

C:\WINDOWS\system32\rumepopo.dll (Trojan.Agent) -> Delete on reboot.

Link to post
Share on other sites

I just realized I forgot to update, so I started over. Here are all three logs...

Malwarebytes' Anti-Malware 1.31

Database version: 1475

Windows 5.1.2600 Service Pack 3

12/8/2008 8:48:08 PM

mbam-log-2008-12-08 (20-48-08).txt

Scan type: Quick Scan

Objects scanned: 62881

Time elapsed: 13 minute(s), 25 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 1

Registry Keys Infected: 3

Registry Values Infected: 1

Registry Data Items Infected: 3

Folders Infected: 0

Files Infected: 24

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

C:\WINDOWS\system32\wopoliro.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e88768a9-7e8d-4365-98bd-663b1f3efd5e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e88768a9-7e8d-4365-98bd-663b1f3efd5e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e88768a9-7e8d-4365-98bd-663b1f3efd5e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ligetanuye (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\wopoliro.dll -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\wopoliro.dll -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\wopoliro.dll -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\dusayamo.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\wopoliro.dll (Trojan.Vundo.H) -> Delete on reboot.

C:\WINDOWS\system32\libibehe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jizusubi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\viyijiyu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\wevagofo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\timovose.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\dutakuja.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kivigoru.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\kopujura.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\subapade.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\hofomoto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jahanane.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jebadunu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\jehiyevi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\lozugava.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\luwakefi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vedihome.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\vedilune.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\yeweyefa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\zowokepi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\bahokogi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\balinoto.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\bapozoni.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Panda Scan

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-12-08 22:44:12

PROTECTIONS: 1

MALWARE: 64

SUSPECTS: 4

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

AVG 7.5.516 7.5.516 No No

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.trafficmp.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.casalemedia.com/]

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.doubleclick.net/]

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.doubleclick.net/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.atdmt.com/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.atdmt.com/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Jake\Application Data\SecondLife\browser_profile\cookies.txt[.atdmt.com/]

00145392 Cookie/Internetfuel TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.internetfuel.com/]

00145392 Cookie/Internetfuel TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.internetfuel.com/]

00145392 Cookie/Internetfuel TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.internetfuel.com/]

00145392 Cookie/Internetfuel TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.internetfuel.com/]

00145392 Cookie/Internetfuel TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.internetfuel.com/]

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.tradedoubler.com/]

00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.247realmedia.com/]

00145433 Cookie/Mammamediasolutions TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.targetnet.com/]

00145433 Cookie/Mammamediasolutions TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.targetnet.com/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.fastclick.net/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.servedby.advertising.com/]

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.tribalfusion.com/]

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.tribalfusion.com/]

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.tribalfusion.com/]

00145732 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-eu.falkag.net/]

00145732 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-eu.falkag.net/]

00145732 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-eu.falkag.net/]

00145732 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-eu.falkag.net/]

00145732 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-eu.falkag.net/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.mediaplex.com/]

00145770 Cookie/CentrPort TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.centrport.net/]

00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.linksynergy.com/]

00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.linksynergy.com/]

00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.anm.co.uk/]

00146967 Cookie/PayCounter TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.paycounter.com/]

00149064 Cookie/Maxserving TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.maxserving.com/]

00149064 Cookie/Maxserving TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.maxserving.com/]

00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.belnk.com/]

00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.belnk.com/]

00152401 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.belnk.com/]

00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.revenue.net/]

00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.findwhat.com/]

00162730 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.dist.belnk.com/]

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.com.com/]

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.com.com/]

00167726 Cookie/Tickle TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.tickle.com/]

00167726 Cookie/Tickle TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.tickle.com/]

00167733 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.z1.adserver.com/]

00167733 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.z1.adserver.com/]

00167733 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.z1.adserver.com/]

00167733 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.z1.adserver.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.statcounter.com/]

00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.perf.overture.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[ad.yieldmanager.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.burstnet.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.burstnet.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.burstnet.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.burstnet.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.serving-sys.com/]

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.bs.serving-sys.com/]

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[bs.serving-sys.com/]

00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[www.burstbeacon.com/]

00168101 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-us.falkag.net/]

00168101 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-us.falkag.net/]

00168101 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-us.falkag.net/]

00168101 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-us.falkag.net/]

00168101 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.as-us.falkag.net/]

00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[stat.onestat.com/]

00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[stat.onestat.com/]

00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[fl01.ct2.comclick.com/]

00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[fl01.ct2.comclick.com/]

00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[fl01.ct2.comclick.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.advertising.com/]

00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[statse.webtrendslive.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ads.pointroll.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.overture.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.overture.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.overture.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.realmedia.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.questionmarket.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.questionmarket.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.questionmarket.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.questionmarket.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.zedo.com/]

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.bluestreak.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.adrevolver.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.adrevolver.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.adrevolver.com/]

00196960 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ath.belnk.com/]

00196960 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ath.belnk.com/]

00196960 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ath.belnk.com/]

00196960 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ath.belnk.com/]

00196960 Cookie/Belnk TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.ath.belnk.com/]

00199983 Cookie/Valueclick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.valueclick.com/]

00199983 Cookie/Valueclick TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.valueclick.com/]

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[.atwola.com/]

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[.atwola.com/]

00262492 Adware/CommAd Adware No 0 Yes No C:\WINDOWS\SmFrZQ\mAIOtk.vbs

00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[citi.bridgetrack.com/]

00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[citi.bridgetrack.com/]

00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[citi.bridgetrack.com/]

00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\zik13pjb.default\cookies-1.txt[citi.bridgetrack.com/]

00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[citi.bridgetrack.com/]

00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Ryan\My Documents\firefox\cookies.txt[citi.bridgetrack.com/]

00330508 Trj/Goldun.MM Virus/Trojan No 0 Yes No C:\WINDOWS\system32\msnxcli.dll

00337614 Adware/Brands Adware No 0 Yes No C:\WINDOWS\system32\msnxplpi3.dll

00433772 Trj/Keylogger.EI Virus/Trojan No 1 Yes No C:\Program Files\Malwarebytes' Anti-Malware\mbam-dor.exe

00504745 Adware/PurityScan Adware No 0 Yes No C:\WINDOWS\Mіcrosoft\sеrvices.exe

00533567 Adware/Brands Adware No 0 Yes No C:\WINDOWS\system32\msnxpcl5.dll

02882721 Trj/Agent.HGP Virus/Trojan No 1 Yes No C:\WINDOWS\system32\skp.exe

02888262 Exploit/Gimsh.B HackTools No 0 Yes No C:\Documents and Settings\Jake\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-5efd1945-2eace4c5.zip[vmain.class]

03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\eajxsj.exe

03651863 Adware/Xpantivirus2008 Adware No 0 Yes No C:\Documents and Settings\Jake\Local Settings\Temporary Internet Files\Content.IE5\839O7EBE\._file[1].exe

03839836 Generic Trojan Virus/Trojan No 0 Yes No C:\Documents and Settings\Jake\Local Settings\Temp\qpglgnat.exe

03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{0A62A536-BD5E-4D5E-A6CA-55C1C326843D}\RP43\A0022829.sys

03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{0A62A536-BD5E-4D5E-A6CA-55C1C326843D}\RP27\A0019450.sys

03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{0A62A536-BD5E-4D5E-A6CA-55C1C326843D}\RP60\A0032419.sys

03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{0A62A536-BD5E-4D5E-A6CA-55C1C326843D}\RP61\A0032521.sys

03848465 Adware/Lop Adware No 0 Yes No C:\Documents and Settings\All Users\Application Data\nobyngly\jwvcrgnw.exe

03902085 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\WeatherStudio Desktop\WeatherStudio Desktop.exe

04154925 Trj/Downloader.MDW Virus/Trojan No 0 Yes No C:\wvja.exe

04186339 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\pdmicxcs.exe

;===============================================================================

================================================================================

=

===================

SUSPECTS

Sent Location u

;===============================================================================

================================================================================

=

===================

No C:\Documents and Settings\Jake\Local Settings\Temp\wJQs.exe u

No C:\Documents and Settings\Jake\My Documents\My Received Files\New Folder.zip[New Folder/CORE-TuneUp.2008.v7.0.rar][TuneUp.Utilities.2008.v7.0.8007.Keymaker.Only-CORE\keygen.exe]

No C:\Program Files\GoldWave\GoldWave.exe u

No C:\Program Files\mIRC\mirc.exe u

;===============================================================================

================================================================================

=

===================

VULNERABILITIES

Id Severity Description u

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:45:08 PM, on 12/8/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Zune\ZuneLauncher.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZuneBusEnum.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)

R3 - URLSearchHook: (no name) - {1667F640-3A81-437E-F1DE-1043B611F2C7} - (no file)

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [ligetanuye] Rundll32.exe "C:\WINDOWS\system32\rumepopo.dll",s (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab

O20 - AppInit_DLLs: c:\windows\system32\yeyivufu.dll c:\windows\

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 6458 bytes

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.