also @ TechSpot: Updated Microsoft EULA prohibits class action lawsuits

TechSpot

[Solved] XP Antivirus 2012 supposedly fixed, but now ping.exe and browser redirect issues

Discussion in 'Virus and Malware Removal' started by TisTheSeason, Dec 14, 2011.

Thread Status:
Not open for further replies.
Page 2 of 2

  1. TisTheSeason Newcomer, in training

    SUPERAntiSpyware Log, cont.
    .a1.interclick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    gs.serving-sys.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .bs.serving-sys.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    www.gotrackthis.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    www.gotrackthis.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .technoratimedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    www.burstnet.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .statcounter.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    pfa.rotator.hadj7.adjuggler.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    pfa.rotator.hadj7.adjuggler.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    pfa.rotator.hadj7.adjuggler.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .weborama.fr [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .weborama.fr [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .aimfar.solution.weborama.fr [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .aimfar.solution.weborama.fr [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    quizilla.teennick.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adinterax.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .overture.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adtech.de [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .yieldmanager.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    track.prd1.netshelter.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .tacoda.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .richmedia.yahoo.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    dc.tremormedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .googleads.g.doubleclick.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .tribalfusion.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .adinterax.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ads.bridgetrack.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ads.bridgetrack.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ads.bridgetrack.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    www.burstnet.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ E:\DOCUMENTS AND SETTINGS\BAMBI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\YDAG994W.DEFAULT\COOKIES.SQLITE ]
    .bravenet.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .statcounter.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\4PDJDGU9.DEFAULT\COOKIES.SQLITE ]
    ad.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\MARK\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\83R2C5WS ]
    ad.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    art.aim4media.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    cdn.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    content.yieldmanager.edgesuite.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    convoad.technoratimedia.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    crackle.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    imagec15.247realmedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    media.mtvnservices.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    media.scanscout.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    media1.break.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    secure-uk.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    tag.2bluemedia.hiro.tv [ C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3GMJVQVZ ]
    .dmtracker.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .content.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    segment-pixel.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    www.technologyquestions.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    www.technologyquestions.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .technologyquestions.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .technologyquestions.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .technologyquestions.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]
    .technologyquestions.com [ C:\DOCUMENTS AND SETTINGS\ROSE ANNE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\M6V9VSUX.DEFAULT\COOKIES.SQLITE ]

    Trojan.Agent/Gen-Autorun[Swisyn]
    D:\PROGRAM FILES\NUSPHERE\PHPED\DBEXPPGE.DLL

    Trojan.Agent/Gen-Falpdb
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{A08754AD-13CB-4BAD-9B5A-8A30DC0D1D73}\RP1627\A0192719.SYS
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{A08754AD-13CB-4BAD-9B5A-8A30DC0D1D73}\RP1627\A0193719.SYS
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{A08754AD-13CB-4BAD-9B5A-8A30DC0D1D73}\RP1627\A0193754.SYS
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{A08754AD-13CB-4BAD-9B5A-8A30DC0D1D73}\RP1628\A0194754.SYS
    TisTheSeason, Dec 19, 2011
    #21

  2. Bobbye Helper on the Fringe

    FYI:
    This is not new malware. Unfortunately, AV programs don't check for the location of an entry. In this case, System Volume is where the restore points are kept. This malware is not active in the system. When the cleaning has been completed, I will have you drop the old restore points and set new clean on.

    The only way this could affect the system is if you did a System Restore and happened to pick this one point. Since you are told not to run System Restore during cleaning, this should not be an issue.
    ========================================
    Are you noticing the 404 on any site(s) in particular? This is not normally caused by malware. Malware usually either prevents you from accessing the internet at all or it redirects the searches.
    ======================================
    Problem: HTTP 404 - File not found
    Internet Information Services
    Causes:
    • The requested file has been renamed.
    • The requested file has been moved to another location and/or deleted.
    • The requested file is temporarily unavailable due to maintenance, upgrades, or other unknown causes.
    • The requested file does not exist.
    • IIS 6.0: The appropriate Web service extension or MIME type is not enabled.
    • A virtual directory is mapped to the root of a drive on another server.
    -------
    Less common causes:
    247714 (http://support.microsoft.com/kb/247714/ ) Using PUT command for a long file name causes "HTTP 404 - File not found" error
    221553 (http://support.microsoft.com/kb/221553/ ) Setting file attributes on Web content causes 404 - File not found error
    216803 (http://support.microsoft.com/kb/216803/ ) IIS hidden static files return HTTP 404 or access denied errors
    288123 (http://support.microsoft.com/kb/288123/ ) HTTP Error 404 "Page cannot be displayed" when you attempt to connect to the OWA server after you upgrade from Exchange Server 5.5 to Exchange 2000 Server
    ---------
    Resolution and additional information HERE.
    All links courtesy Microsoft.
    ======================================
    Accounts for each of the following user names should reset Cookies as follows:
    Mark, Bambi, Administrator
    The 'Bambi account may not be active now- but there were numerous Tracking Cookies. Remove the current ones, be sure Cookies get reset. If this account is not being use, suggest you remove the account from the system.

    Reset Cookies
    For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

    For Firefox: Tools> Options> Privacy> Cookies> CHECK ‘accept Cookies from Sites’> UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')

    I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus
    Easy List

    For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
    (First-party and third-party cookies can be set by the website you're visiting and websites that have items embedded in the website you're visiting. But when you next visit the website, only first-party cookie information is sent to the website. Third-party cookie information isn't sent back to the websites that originally set the third-party cookies.)

    If you did not set SAS to remove the entries found, run it again and do so. The Cookies on the accounts are the most commons 3rd Party Tracking Cookies. By resetting the Cookies for each account, these will no longer be accepted by the system.
    ===================================
    Let's make sure this is handled:
    Reset your browser proxies
    • For Firefox:
      o Open Firefox, click on "Tools" then "Options" and then on "Advanced".
      o Click on the "Network" tab, and then on the "Settings" button.
      o Please make sure that the "No Proxy" option is selected.
    • For Internet Explorer:
      o Open Internet Explorer.
      o Click on "Tools" and then select "Internet Options".
      o Click on the "Connections" tab and click the "Lan Settings" button at the bottom.
      o Uncheck "Use a Proxy server for your LAN".
      o Click Ok to close the Local Area Network (LAN) Settings window.
      o Click Ok to close the Internet Options window.
    ==================================
    Please tell me about the 3 drives: C is probably the Local Drive. But D and E both had infected files. Is D or E- or both- a flash drive or other movable drive? If so, they will need to be disinfected: You may have a flash drive infection. These worms travel through your portable drives. If they have been connected to other machines, they may now be infected.
    You may have a flash drive infection. These worms travel through your portable drives. If they have been connected to other machines, they may now be infected.

    Please disinfect all movable drives
    1. Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
    2. Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
      Note: Some security programs will flag Flash_Disinfector as being some sort of malware, you can safely ignore these warnings
    3. The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone. Please do so and allow the utility to clean up those drives as well.
    4. Wait until it has finished scanning and then exit the program.
    5. Reboot your computer when done.

    Note: Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.
    =================
    I need to set up script to run through Combofix- I'd like to check the host files because of the open ports, so please run HijackThis:
    First, set up a Directory for HijackThis as follows:
    Right click Taskbar> Explore> My Computer> Local Drive (C)> File> New> Folder> Name folder HijackThis
    Exit Explorer
    You now have a folder C:\HijackThis
    -----------------------------------------
    Download HijackThis and save to your desktop.
    • Click on the HJT icon> 'Extract all files'> Extraction Wizard> Click on Browse to right of dialogue box that says 'Select a folder'
    • Extract it to the directory on your hard drive you created C:\HijackThis.
    • Then navigate to that directory and double-click on the hijackthis.exe file.
    • When started click on the Scan button and then the Save Log button to create a log of your information.
    • The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and paste (Ctrl+V) the log in your next reply.

    NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
    Bobbye, Dec 19, 2011
    #22

  3. TisTheSeason Newcomer, in training

    Within the last day or two, I've noticed that I have some Windows Automatic Updates to install. I haven't seen any of these for a while, so I'm presuming that the malware was blocking them (they are all security updates). I haven't installed any of them (there are a total of 15), pending your approval to proceed.

    This is my wife's account, and it is currently active.

    C, D, and E are local drives (actually, D and E are logical partitions). I do have a thumb drive, however, which I have cleaned using Flash_Disinfector.

    HijackThis Log
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:52:10 PM, on 12/19/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17103)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
    C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
    D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\AstSrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
    D:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    D:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    D:\Program Files\Nero\Nero8\InCD\NBHGui.exe
    D:\Program Files\Nero\Nero8\InCD\InCD.exe
    D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
    C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
    C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Creative\Mixer\CTSVolFE.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    D:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\NETGEAR GA311 Adapter\GA311.exe
    D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    D:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\explorer.exe
    C:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://launcher.thesimsmedieval.com/launcher/patches/1856847366
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: NuSphere ToolBar - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - D:\Program Files\nusphere\phped\NuSphereIEBar.dll
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SecurDisc] D:\Program Files\Nero\Nero8\InCD\NBHGui.exe
    O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero8\InCD\InCD.exe
    O4 - HKLM\..\Run: [NBKeyScan] "D:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
    O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:eek:n /alerts:eek:n /systrayIcon:eek:n
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
    O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: GA311 Smart Wizard Utility.lnk = D:\Program Files\NETGEAR GA311 Adapter\GA311.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/ocx/15034/CTPID.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
    O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg.dll
    O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\AstSrv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - D:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 12873 bytes
    TisTheSeason, Dec 19, 2011
    #23

  4. Bobbye Helper on the Fringe

    Didn't mean to leave anyone out! I only mentioned the Bambi account because of the OTM result:
    User: Bambi
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
    I try to let people know if I see something they might not be aware of>> thinking this could possibly be an account that was no longer being used. I helped on a thread last year that showed 6 accounts> when I mentioned them, I was told that only 2 of the users were current and the others had been removed and no longer used the system> but I was seeing the accounts still set up.
    ====================================
    About the 3 drives: just be aware that all 3 had infected files.
    ===================================
    Okay, HijackThis looks good. No malware. You might check this> there are 2 entries:
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    ===================================
    Please update the Adobe Reader. Current version is v10.xx. Visit this Adobe Reader site . Uninstall any earlier updates as they are vulnerabilities.(v8)
    ===================================
    Are you okay on the '404' message? I don't see any indication that it is related to malware.
    ==================================
    Okay to go ahead with the Windows Updates>> but before you do, go ahead and remove the cleaning tools:
    Removing all of the tools we used and the files and folders they created
    • Uninstall ComboFix and all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
      [IMG]
    • Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • Select Yes when the "Begin cleanup Process?" prompt appears.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.
    -----
    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
    ------------------------------------------
    • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
    • Go to Start > All Programs > Accessories > System Tools
    • Click "System Restore".
    • Choose "Create a Restore Point" on the first screen then click "Next".
    • Give the Restore Point a name> click "Create".
    • Go back and follow the path to > System Tools.
      [*]Choose Disc Cleanup
      [*]Click "OK" to select the partition or drive you want.
      [*]Click the "More Options" Tab.
      [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.


    Empty the Recycle Bin

    Let me know if you have any questions.
    Bobbye, Dec 20, 2011
    #24

  5. TisTheSeason Newcomer, in training

    Those two caches were empty because I asked my wife to try to stay off of the computer until it got cleaned.

    I uninstalled then reinstalled Messenger, just to be safe.

    Actually, I haven't experienced any random redirects, "Server Not Found" messages, or 404s in a couple of days.

    I've followed the remainder of your instructions and installed the Windows security updates that I was missing.
    TisTheSeason, Dec 20, 2011
    #25

  6. Bobbye Helper on the Fringe

    Holiday Notice! I will not be working on the threads Sat. Dec. 24 or Sunday Dec. 25. I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.
    -----------------------------------------------
    Here are some tips or added security:
    Tips for added security and safer browsing: (Links are in Bold Blue)
    1. Browser Security
      [o] Safe Settings (Please ignore the suggestion to use the Registry Editor in this section "Creating a Custom Security Zone")
      [o] ZonedOut. This manages the Zones in Internet Explorer. (For IE7 and IE8, Windows 2000 thru Vista. No Windows 7)
      [o] Replace the Host Files
      [o] Google Toolbar Pop Up Blocker
      [o]Web of Trust (WOT) Site Advisor. Traffic-light rating symbols show which rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.
    2. Have layered Security:
      [o]Antivirus :(only one):Both of the following programs are free and known to be good:
      [o]Avira-AntiVir-Personal-Free-Antivirus
      [o]Avast-Free Antivirus
      [o]Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
      [o]Comodo
      [o]Zone Alarm
    3. Antimalware: I recommend all of the following:
      [o]Spywareblaster: SpywareBlaster protects against bad ActiveX.
      [o]Spybot Search & Destroy
    4. Updates: Stay current:
      [o] the Microsoft Download Sitefrequently. All updates marked Critical and the current SP updates.
      [o]Adobe Reader Install current, uninstall old.
      [o]Java Updates Install current, uninstall old.
    5. Tracking Cookies
      Reset Cookie:
      [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
      [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
      I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
      AdBlock Plus
      Easy List
      [o]For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
    6. Do regular Maintenance
      Clean the temporary internet files often:
      [o] Temporary File Cleaner]
      or
      [o] ATF Cleaner by Atribune
    7. Restore Points:
      [o]See System Restore Guide
    8. Safe Email Handling
      [o] Don't open email from anyone you don't know.
      [o] Don't open Attachments in the email. Safe to your desktop and scan for viruses using a right click
      [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
    Please let me know if you find any bad link.

    Have a Happy and Peaceful Holiday![IMG]
    Bobbye, Dec 22, 2011
    #26

  7. TisTheSeason Newcomer, in training

    soooooooo...is it clean? I mean, are we finished? Do I need to do anything else?
    TisTheSeason, Dec 28, 2011
    #27

  8. Bobbye Helper on the Fringe

    Yes, you are clean and I have left instructions to remove the tools we used. I'm sorry you didn't understand that.
    Bobbye, Dec 28, 2011
    #28
Page 2 of 2
Thread Status:
Not open for further replies.