View Full Version : [SmitFraud] Back with a vengeance
Last Wednesday I got a pretty nasty malware infection. Some kind of combo package that brought a good 15 different strains. After some research, and help from SmitFraudFix, it seemed that I had gotten rid of it all: SpyBot, Ad-Aware and Ewido reported nothing.
When I came back from worked, I was surprised by a resurgence of SmitFraud, plus a bunch of popup ads. This seemed to be a different version of SmitFraud: it's peddling SpyFalcon this time, and it seems to load itself up even in safe mode. I've gone through the stiky post's rain dance, but SmitFraud still remains. SmitFraudFix claims it cleaned it all, but the icon pops right back.
I suspect that all of this malware that just reinstalls itself is being started by some parent process that I've not been able to detect.
Anyway, this are my logs:
Rapport:
SmitFraudFix v2.39
Scan done at 20:45:25.70, Fri 05/05/2006
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Hibikir\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Hibikir\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{35a88e51-b53d-43e9-b8a7-75d4c31b4676}"="Register LogWare"
[HKEY_CLASSES_ROOT\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676}\InProcServer32]
@="C:\WINDOWS\system32\reglogs.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676}\InProcServer32]
@="C:\WINDOWS\system32\reglogs.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
hijackthis.log
Logfile of HijackThis v1.99.1
Scan saved at 8:55:48 PM, on 5/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Cisco Systems\Knights VPN Client\cvpnd.exe
C:\Program Files\CVSNT\cvslock.exe
C:\Program Files\CVSNT\cvsservice.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Motherboard Monitor 5\MBM5.EXE
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\CURITY~1\wucrtupd.exe
C:\Documents and Settings\Hibikir\Application Data\F?nts\w?nword.exe
C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Hibikir\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://slashdot.org/
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MBM 5] "C:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Lhoe] "C:\WINDOWS\system32\CURITY~1\wucrtupd.exe" -vt mt
O4 - HKCU\..\Run: [Jrmcdksz] C:\Documents and Settings\Hibikir\Application Data\F?nts\w?nword.exe
O4 - Startup: Notmad Manager.lnk = C:\Program Files\Red Chair Software\Notmad Explorer\notmgr.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Knights Direct VPN Knights Direct Client.lnk = C:\Program Files\Cisco Systems\Knights VPN Client\vpngui.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: winhpd32 - C:\WINDOWS\SYSTEM32\winhpd32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\Knights VPN Client\cvpnd.exe
O23 - Service: CVSNT Locking Service 2.5.01.1976 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe
O23 - Service: CVSNT Dispatch service 2.5.01.1976 (cvsnt) - March-Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
I misplaced the ewido log, so I'm running ewido again. I'll post the log shortly.
Thanks in advance for any help you can provide.
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 9:51:25 PM, 5/5/2006
+ Report-Checksum: 5D4E102C
+ Scan result:
HKLM\SOFTWARE\ClickSpring -> Adware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaTickets -> Adware.PurityScan : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.182:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.374:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.410:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.433:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.434:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.519:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.520:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.521:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.522:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.523:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.525:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.526:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.527:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.528:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.529:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.530:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.531:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.532:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.533:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.534:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.535:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.537:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.538:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.539:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.540:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.541:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.542:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.544:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.545:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.547:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.548:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.549:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.550:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.551:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.552:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.553:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.554:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.555:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.556:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.557:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.558:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.559:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.560:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.561:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.568:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.569:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.570:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.571:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.591:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.592:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.593:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.594:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.595:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.596:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.597:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.598:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.599:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.603:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.648:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.654:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.655:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.656:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.668:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.669:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.670:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.671:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.677:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.678:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.690:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.695:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.696:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.697:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.698:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.699:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.706:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.740:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.741:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.742:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.743:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.760:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.761:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.824:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.825:C:\Documents and Settings\Hibikir\Application Data\Mozilla\Firefox\Profiles\default.rb1\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
C:\Documents and Settings\Hibikir\Local Settings\Temporary Internet Files\Content.IE5\0PC5QROP\srvlbin5[1].exe -> Trojan.Dialer.oy : Cleaned with backup
C:\Documents and Settings\Hibikir\Local Settings\Temporary Internet Files\Content.IE5\BAKFJHGD\rdgUS2404[1].exe -> Downloader.Small.ayl : Cleaned with backup
C:\Documents and Settings\Hibikir\Local Settings\Temporary Internet Files\Content.IE5\HSWVXLS5\wizp32[1].exe -> Downloader.IstBar.eq : Cleaned with backup
C:\Documents and Settings\Hibikir\Local Settings\Temporary Internet Files\Content.IE5\WLE74H2F\mulbin1[1].exe -> Trojan.Dialer.oy : Cleaned with backup
C:\WINDOWS\mtuninst.exe -> Adware.MediaTickets : Cleaned with backup
C:\WINDOWS\temp\eaeeblmd.exe -> Trojan.Dialer.ay : Cleaned with backup
C:\WINDOWS\temp\win2F.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup
C:\WINDOWS\temp\win35.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup
C:\WINDOWS\temp\win3B.tmp.exe -> Downloader.IstBar.eq : Cleaned with backup
::Report End
After all of this, the stupid icon is there in the system tray, still taunting me.
Any help would be appreciated
LonnyRJones
2006-05-06, 06:39
Welcome
Start Hijackthis and place a check next to these items If there.
R3 - Default URLSearchHook is missing
O4 - HKCU\..\Run: [Lhoe] "C:\WINDOWS\system32\CURITY~1\wucrtupd.exe" -vt mt
O4 - HKCU\..\Run: [Jrmcdksz] C:\Documents and Settings\Hibikir\Application Data\F?nts\w?nword.exe
====================================
Hit fix checked and close Hijackthis.
Download Pocket Killbox to the desktop (version 2.0.0.648)
http://www.downloads.subratam.org/KillBox.exe
If you already have killbox ensure it is the latest version.
Start Killbox place a tick next to [x]Delete on reboot Press the ALL Files button
Copy this whole list into the windows clipboard, all the Bolded below.
C:\WINDOWS\SYSTEM32\winhpd32.dll
C:\WINDOWS\system32\reglogs.dll
Back in Killbox go > file > paste from clipboard,
Click the red highlighted X button and say yes to the prompt to restart the pc.
This topic is closed due to lack of a response to helper.
If you need it re-opened please send me a pm and provide a link to the thread.
Applies only to the original topic starter.