View Full Version : Project 1 Infection Please Hurry
Nanakib
04-08-2006, 08:15 AM
Logfile of HijackThis v1.99.1
Scan saved at 10:11:10 AM, on 4/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Andy\Desktop\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.penny-arcade.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WUSB54GS] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137358466109
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WUSB54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GS.exe (file missing)
My parents got a project 1 infection yesterday. Except instead of a bunch of pop-ups it creates little gray windows that fill the screen saying crash crash crash crash (and opens a process called crash.exe a gillion times). Please hurry I have to head back to college tomorrow (if anybody read my post on if reformating will fix a project 1 infection. I got my parents to agree to buy all materials for my projects for the rest of the semester if I can fix their computer). I've d/led CW Shredder, Ad-Aware, Spybot and have them installed. Just tell me what needs to be deleted. Thanks a million.
nightowl
04-08-2006, 07:59 PM
Reboot to Safe Mode and remove these entries
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.penny-arcade.com/
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
Still In Safe Mode Delete all Temporary Internet Files, Cookies, Run CW Shredder, AdAware and Spybot, Delete what they find , Empty Recycle Bin.
Plug the internet back in and Reboot to normal mode
Download and Run Ewido Security suite
http://download.ewido.net/ewido-setup.exe
Run Ewido:
Click on scanner
Click on Complete System Scan and the scan will begin.
NOTE: During some scans with ewido it is finding cases of false positives.
You will need to step through the process of cleaning files one-by-one.
If ewido detects a file you KNOW to be legitimate, select none as the action.
DO NOT select "Perform action on all infections"
If you are unsure of any entry found select none for now.
When the scan is finished, click the Save report button at the bottom of the screen.
Save the report to your desktop
Close Ewido
Post a new HijackThis log along with the Ewido log you saved.........Jim
Nanakib
04-08-2006, 09:16 PM
When you say remove these you mean with hijackthis right? Yeah n00b question, but I am one at this stuff.
nightowl
04-09-2006, 12:26 AM
Yes use HiJackThis........jim
Nanakib
04-09-2006, 10:59 AM
Alright ran hijackthis and fixed those files, ad-aware found 108 things & fixed, spybot found 2 (the disabled windows notifications from McAfee), Ewido found 234. It's too long to post in one post so I am splitting it up.
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 12:48:23 PM, 4/9/2006
+ Report-Checksum: C886B8C8
+ Scan result:
:mozilla.6:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.7:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.8:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.9:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.10:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.11:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.12:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.13:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.14:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.15:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.16:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.17:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.18:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.19:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.247realmedia : Ignored
:mozilla.20:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.247realmedia : Ignored
:mozilla.23:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.29:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.30:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.31:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.32:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.33:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Adtech : Ignored
:mozilla.34:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Adtech : Ignored
:mozilla.58:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.59:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.61:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.72:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.73:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Burstnet : Ignored
:mozilla.74:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Centrport : Ignored
:mozilla.77:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.78:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.93:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Ru4 : Ignored
:mozilla.94:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Ru4 : Ignored
:mozilla.126:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.157:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Pro-market : Ignored
:mozilla.159:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Qksrv : Ignored
:mozilla.160:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Qksrv : Ignored
:mozilla.161:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored
:mozilla.184:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.185:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.186:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.187:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.189:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored
:mozilla.193:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored
:mozilla.194:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored
:mozilla.198:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Tradedoubler : Ignored
:mozilla.199:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Trafficmp : Ignored
:mozilla.200:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Tribalfusion : Ignored
:mozilla.204:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Valueclick : Ignored
:mozilla.226:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.227:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.228:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.229:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Zedo : Ignored
:mozilla.230:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Zedo : Ignored
:mozilla.231:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Zedo : Ignored
:mozilla.233:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.234:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.235:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.236:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.279:C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\gtes690r.default\coo kies.txt -> TrackingCookie.Burstbeacon : Ignored
C:\Documents and Settings\Andy\Cookies\andy@2o7[2].txt -> TrackingCookie.2o7 : Ignored
C:\Documents and Settings\Andy\Cookies\andy@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignored
:mozilla.12:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Doubleclick : Ignored
:mozilla.13:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.14:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.15:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.16:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.17:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.18:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.19:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.20:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.21:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.22:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.23:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.24:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.25:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.26:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.27:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.28:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.29:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.30:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.31:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.32:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.33:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.34:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.47:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Bfast : Ignored
:mozilla.49:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Atdmt : Ignored
:mozilla.52:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Coremetrics : Ignored
:mozilla.62:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored
:mozilla.63:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored
:mozilla.64:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored
:mozilla.70:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.71:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.72:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.73:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.74:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Zedo : Ignored
:mozilla.75:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Zedo : Ignored
:mozilla.76:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.115:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Mediaplex : Ignored
:mozilla.116:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Tribalfusion : Ignored
:mozilla.123:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Webtrendslive : Ignored
:mozilla.136:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.143:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.146:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.171:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Ru4 : Ignored
:mozilla.172:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.173:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Centrport : Ignored
:mozilla.174:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Centrport : Ignored
:mozilla.177:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.178:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.179:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.180:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.184:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.205:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Yadro : Ignored
:mozilla.213:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Web-stat : Ignored
:mozilla.214:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Web-stat : Ignored
:mozilla.230:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Trafficmp : Ignored
:mozilla.231:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Valueclick : Ignored
:mozilla.234:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored
:mozilla.295:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adjuggler : Ignored
:mozilla.308:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Linksynergy : Ignored
:mozilla.309:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Linksynergy : Ignored
:mozilla.316:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt
Nanakib
04-09-2006, 11:01 AM
Secondhalf of report
-> TrackingCookie.Qksrv : Ignored
:mozilla.317:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Qksrv : Ignored
:mozilla.319:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.320:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.348:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Webtrendslive : Ignored
:mozilla.349:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Webtrendslive : Ignored
:mozilla.350:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.351:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.354:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.355:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.363:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.364:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.365:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.366:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.368:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.369:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.371:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Overture : Ignored
:mozilla.372:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Overture : Ignored
:mozilla.378:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adjuggler : Ignored
:mozilla.382:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.387:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored
:mozilla.395:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Web-stat : Ignored
:mozilla.396:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Web-stat : Ignored
:mozilla.397:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Overture : Ignored
:mozilla.412:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adviva : Ignored
:mozilla.416:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Bluestreak : Ignored
:mozilla.417:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.418:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.419:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.420:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.430:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Adviva : Ignored
:mozilla.448:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.457:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Matchcraft : Ignored
:mozilla.465:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.470:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.471:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.472:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.474:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored
:mozilla.475:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored
:mozilla.476:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored
:mozilla.477:C:\Documents and Settings\Mom\Application Data\Mozilla\Firefox\Profiles\2r7ojyuo.default\coo kies.txt -> TrackingCookie.Liveperson : Ignored
C:\Documents and Settings\Mom\Cookies\mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Ignored
C:\Documents and Settings\Mom\Cookies\mom@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored
C:\Documents and Settings\Mom\Cookies\mom@tacoda[1].txt -> TrackingCookie.Tacoda : Ignored
:mozilla.11:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Weborama : Ignored
:mozilla.13:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.21:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.22:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.23:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.24:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.35:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Trafficmp : Ignored
:mozilla.36:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Tribalfusion : Ignored
:mozilla.55:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Statcounter : Ignored
:mozilla.56:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.60:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.63:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Valueclick : Ignored
:mozilla.64:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored
:mozilla.66:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Valueclick : Ignored
:mozilla.79:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.90:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.91:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.92:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.93:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.95:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.96:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.103:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Bfast : Ignored
:mozilla.105:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.107:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Burstnet : Ignored
:mozilla.111:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Atdmt : Ignored
:mozilla.112:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.114:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Mediaplex : Ignored
:mozilla.118:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Sitestat : Ignored
:mozilla.128:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.129:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.130:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Comclick : Ignored
:mozilla.138:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.148:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Doubleclick : Ignored
:mozilla.149:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Bluestreak : Ignored
:mozilla.150:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.151:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.153:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.155:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.156:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.157:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.158:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.159:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adtech : Ignored
:mozilla.162:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.163:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adtech : Ignored
:mozilla.165:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adorigin : Ignored
:mozilla.166:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adorigin : Ignored
:mozilla.167:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adorigin : Ignored
:mozilla.168:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adorigin : Ignored
:mozilla.169:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Adorigin : Ignored
:mozilla.171:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.172:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.173:C:\Documents and Settings\Stephen\Application Data\Mozilla\Firefox\Profiles\bm15zwv8.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@ad.adocean[2].txt -> TrackingCookie.Adocean : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@adopt.specificcli ck[2].txt -> TrackingCookie.Specificclick : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@adorigin[1].txt -> TrackingCookie.Adorigin : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@burstnet[1].txt -> TrackingCookie.Burstnet : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@com[2].txt -> TrackingCookie.Com : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@data2.perf.overtu re[1].txt -> TrackingCookie.Overture : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@entrepreneur.122. 2o7[1].txt -> TrackingCookie.2o7 : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@highbeam.122.2o7[1].txt -> TrackingCookie.2o7 : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@image.masterstats[1].txt -> TrackingCookie.Masterstats : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@ivwbox[2].txt -> TrackingCookie.Ivwbox : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@starware[2].txt -> TrackingCookie.Starware : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@tacoda[1].txt -> TrackingCookie.Tacoda : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@www.myaffiliatepr ogram[1].txt -> TrackingCookie.Myaffiliateprogram : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@www.web-stat[1].txt -> TrackingCookie.Web-stat : Ignored
C:\Documents and Settings\Stephen\Cookies\stephen@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignored
::Report End
Ewido crashed on me the first time I ran it when I was trying to go through and look at each file individually. So I selected none and do this for all and then the scan completed. Took over a half hour to scan though. I'll post my hijackthis log now. Thank you so much for all the time you put into this. oh and if designtechnica accepts donations or something my mom wants to donate.
Nanakib
04-09-2006, 11:02 AM
And last, but not least. My hijackthis log.
Thanks again.
Logfile of HijackThis v1.99.1
Scan saved at 12:52:53 PM, on 4/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Andy\Desktop\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.penny-arcade.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WUSB54GS] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,9/McUpdatePortal.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137358466109
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/products/protected/mvt/mvt.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WUSB54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GS.exe (file missing)
nightowl
04-09-2006, 08:28 PM
Looks like everything on the EWido log is tracking cookies, Run Ewido again and have it all removed.
Your log looks better , How is it running.. It should run better after Ewido is run again
Post a new Hijackthis Log after you run Ewido again........Jim
Nanakib
04-10-2006, 04:39 PM
Hi. Nanakib is off at college and had me run EWido and then post this file.
Logfile of HijackThis v1.99.1
Scan saved at 6:31:27 PM, on 4/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
C:\Documents and Settings\Andy\Desktop\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.penny-arcade.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WUSB54GS] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,9/McUpdatePortal.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137358466109
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/products/protected/mvt/mvt.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WUSB54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GS.exe (file missing)
nightowl
04-10-2006, 05:39 PM
The log looks good. Does it seem to be running any better?.........Jim
nanakibdad
04-10-2006, 06:13 PM
It still crashed on the second opening of Mozilla Firefox, so I removed that program. Here is a new Hijack file:
Logfile of HijackThis v1.99.1
Scan saved at 7:59:39 PM, on 4/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54GS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Andy\Desktop\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.penny-arcade.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WUSB54GS] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1,0,0,9/McUpdatePortal.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137358466109
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - http://us-download.mcafee.com/products/protected/mvt/mvt.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WUSB54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54GS.exe (file missing)
I'll repost if we have further problems.
Thanks!!!
nightowl
04-10-2006, 09:33 PM
Run Ewido Security Suite again, It gives you a log, Post the Ewido log here. Thanks........Jim :vivi
nanakibdad
04-11-2006, 07:54 PM
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 9:51:16 PM, 4/11/2006
+ Report-Checksum: 9DACBCBC
+ Scan result:
C:\Documents and Settings\Mom\Cookies\mom@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Mom\Cookies\mom@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Mom\Cookies\mom@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Mom\Cookies\mom@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Mom\Cookies\mom@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup
::Report End
nightowl
04-11-2006, 09:13 PM
Log looks much better than the last one. Is the computer still crashing?
I see MacAfee on here. Is that your antivirus program. It probably wouldnt hurt to run it also..........Jim
vBulletin® v3.7.0, Copyright ©2000-2009, Jelsoft Enterprises Ltd.