Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe

Reply
Page 1 of 2 1 2
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 14-05-2006, 08:54 AM
Newbie
D-A-L Newbie
  
Join Date: May 2006
Posts: 14
shyamchari Is a beginner here at D-A-L
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
The above mentioned is a an error message whenever i login after the boot process It says windows was not able to find a particular file named ibm00001.exe as above the path is defined So thats my Question how do I resolve this issue its being long time
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 14-05-2006, 09:04 AM
jephree's Avatar
¨*·.¸ «.·°·..·°·.» ¸.·*¨
  
Join Date: Jun 2004
Posts: 25,326
jephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniture
Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
As a first response you might want to post a HijackThis log for review by our Pros in that section:

Please follow the instructions HERE & then post your log in a new thread in the Spyware, Adware, Viruses and HijackThis Logs section.
(Not in this section please).

Please specify what issues you appear to be experiencing along with your log.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 22-05-2006, 10:39 AM
Newbie
D-A-L Newbie
  
Join Date: May 2006
Posts: 14
shyamchari Is a beginner here at D-A-L
Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe

This is an error message that get when i login into winXp i have this problem for long time and when i click on the canceltab provided in window it goes off then i can work in windows normally.I need to know what exactly does the above mentioned file is used by windows and i have accidentally deleted it where can i find the file (ibm00001.exe)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 23-05-2006, 12:18 AM
jephree's Avatar
¨*·.¸ «.·°·..·°·.» ¸.·*¨
  
Join Date: Jun 2004
Posts: 25,326
jephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniturejephree is beginning to become part of the furniture
Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
As a first response you might want to post a HijackThis log for review by our Pros in that section:

Please follow the instructions HERE & then post your log in a new thread in the Spyware, Adware, Viruses and HijackThis Logs section.
(Not in this section please).

Please specify what issues you appear to be experiencing along with your log.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 23-05-2006, 09:11 AM
Newbie
D-A-L Newbie
  
Join Date: May 2006
Posts: 14
shyamchari Is a beginner here at D-A-L
Exclamation Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
Logfile of HijackThis v1.99.1
Scan saved at 1:39:58 PM, on 5/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - C:\Program Files\Accoona\atoolbar.dll (file missing)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: (no name) - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [dmkbb.exe] C:\WINDOWS\system32\dmkbb.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ww\bin\WindowsSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/229?3390120750c841c4b826a6141ace8fe4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/230?3390120750c841c4b826a6141ace8fe4
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd...id/BoardID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27403167-9358-4EBC-8971-2ABAC4736B1B}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{6ECE1A8C-5774-45E5-84F3-DD75619A6434}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FD3D40B-1E98-4B82-9C04-9EE12CCA3FC4}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{A1212C7D-C175-4D33-B9B0-F650F5793D32}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{A25ED52C-D0D3-46CA-A0E6-307AC6589ABE}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{CED1CA96-3183-4759-9154-562C497E2BB4}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4C04BBE-FC20-47A4-82EA-A21EEB66F36F}: NameServer = 85.255.116.120,85.255.112.235
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe

This is an error message that get when i login into winXp i have this problem for long time and when i click on the canceltab provided in window it goes off then i can work in windows normally.I need to know what exactly does the above mentioned file is used by windows and i have accidentally deleted it where can i find the file (ibm00001.exe)
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 23-05-2006, 09:14 AM
Newbie
D-A-L Newbie
  
Join Date: May 2006
Posts: 14
shyamchari Is a beginner here at D-A-L
Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe

This is an error message that get when i login into winXp i have this problem for long time and when i click on the canceltab provided in window it goes off then i can work in windows normally.I need to know what exactly does the above mentioned file is used by windows and i have accidentally deleted it where can i find the file (ibm00001.exe)


Logfile of HijackThis v1.99.1
Scan saved at 1:43:52 PM, on 5/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - C:\Program Files\Accoona\atoolbar.dll (file missing)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: (no name) - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [dmkbb.exe] C:\WINDOWS\system32\dmkbb.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ww\bin\WindowsSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/229?3390120750c841c4b826a6141ace8fe4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/230?3390120750c841c4b826a6141ace8fe4
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd...id/BoardID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27403167-9358-4EBC-8971-2ABAC4736B1B}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{6ECE1A8C-5774-45E5-84F3-DD75619A6434}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FD3D40B-1E98-4B82-9C04-9EE12CCA3FC4}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{A1212C7D-C175-4D33-B9B0-F650F5793D32}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{A25ED52C-D0D3-46CA-A0E6-307AC6589ABE}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{CED1CA96-3183-4759-9154-562C497E2BB4}: NameServer = 85.255.116.120,85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4C04BBE-FC20-47A4-82EA-A21EEB66F36F}: NameServer = 85.255.116.120,85.255.112.235
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 24-05-2006, 04:13 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
Welcome to DAL,


You have some very serious infections, that ibm thing is a trojan that probably has stolen all personnel information about you. If you have done any online banking, credit card transactions etc., you need to contact those companies immediately and tell them you are very likely a victim of identity theft.



You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/file...Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log.


Also do this:


Please download, install, and update the NEW free version of Ewido trojan scanner:
[*]When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
[*]When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
[*]From the main ewido screen, click on update in the left menu, then click the Start update button.
[*]After the update finishes (the status bar at the bottom will display "Update successful")
[*]Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
[*]If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
[*]When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.

Post the log Ewido makes back here please and a new hijackthis log. Thanks.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Last edited by Neal; 24-05-2006 at 07:19 PM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 25-05-2006, 02:03 PM
Newbie
D-A-L Newbie
  
Join Date: May 2006
Posts: 14
shyamchari Is a beginner here at D-A-L
Exclamation Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
These are all the reports that you have asked me
One more Question how do u know that the ibm thing is surely a trojan
I need to know waht exactly the fixwareout application did to my system


Fixwareout ver 1.003
Last edited 04/26/2006
Post this report in the forums please

Reg Entries that were deleted
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ruins\bbkmd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\xedocne
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\gib_ogol
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\repiwoh
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\llun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\23plhps
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\mgcppp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\tesvaf
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Urls\32refaselif
...

Microsoft (R) Windows Script Host Version 5.6
Random Runs removed from HKLM
...

PLEASE NOTE, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Example ipsec6.exe is lagitamate

»»»»» Search by size and names...
C:\WINDOWS\SYSTEM32\IPSEC6.EXE
* csr.exe C:\WINDOWS\System32\CSHJL.EXE

»»»»» Misc files
* thequicklink C:\WINDOWS\System32\SCJIA.DLL

»»»»» Checking for older varients covered by the Rem3 tool

»»»»»
Search five digit cs, dm and jb files
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\CSHJL.EXE 51,221 2006-04-25
C:\WINDOWS\SYSTEM32\DMIJM.EXE 44,092 2004-08-04

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 6:25:47 PM, 5/25/2006
+ Report-Checksum: CD9CB21A

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Ignored
HKLM\SOFTWARE\Classes\CLSID\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Ignored
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Ignored
HKU\S-1-5-21-1078081533-117609710-682003330-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Ignored
HKU\S-1-5-21-1078081533-117609710-682003330-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Ignored
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\HM0OU8X0\nb6u[1].exe -> Proxy.Delf.al : Ignored
C:\WINDOWS\system32\dmijm.exe -> Trojan.Pakes : Ignored
C:\WINDOWS\system32\scjia.dll -> Adware.SBSoft : Ignored
C:\WINDOWS\system32\dvkvvfzs.okg -> Hijacker.Small.js : Ignored
C:\WINDOWS\Temp\$_2341233.EXE -> Dropper.Agent.aan : Ignored
C:\WINDOWS\kl.exe -> Logger.Agent.jl : Ignored
C:\Documents and Settings\Supervisor\Local Settings\Temp\ASearchAssist.dll -> Adware.Agent : Ignored
C:\Documents and Settings\Supervisor\Local Settings\Temporary Internet Files\Content.IE5\KF732WP9\count[1].htm -> Downloader.Inor.a : Ignored
C:\Documents and Settings\Supervisor\Local Settings\Temporary Internet Files\Content.IE5\S16FODEJ\count[1].htm -> Downloader.Inor.a : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@2o7[1].txt -> TrackingCookie.2o7 : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@www.myaffil iateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter.hit slink[2].txt -> TrackingCookie.Hitslink : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@c2.zedo[2].txt -> TrackingCookie.Zedo : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@cs.sexcount er[2].txt -> TrackingCookie.Sexcounter : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@hitbox[1].txt -> TrackingCookie.Hitbox : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@server.iad. liveperson[2].txt -> TrackingCookie.Liveperson : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@image.maste rstats[1].txt -> TrackingCookie.Masterstats : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter8.se xtracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@revenue[2].txt -> TrackingCookie.Revenue : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter5.se xtracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@programs.we gcash[2].txt -> TrackingCookie.Wegcash : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter15.s extracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter13.s extracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter10.s extracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@zedo[2].txt -> TrackingCookie.Zedo : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@questionmar ket[1].txt -> TrackingCookie.Questionmarket : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@vip2.clickz s[2].txt -> TrackingCookie.Clickzs : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter6.se xtracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter16.s extracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@epilot[2].txt -> TrackingCookie.Epilot : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@casalemedia[2].txt -> TrackingCookie.Casalemedia : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter11.s extracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@c.enhance[1].txt -> TrackingCookie.Enhance : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter12.s extracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@ad.yieldman ager[1].txt -> TrackingCookie.Yieldmanager : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@fastclick[2].txt -> TrackingCookie.Fastclick : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@citi.bridge track[1].txt -> TrackingCookie.Bridgetrack : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@paycounter[2].txt -> TrackingCookie.Paycounter : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@c.goclick[2].txt -> TrackingCookie.Goclick : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter14.s extracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter3.se xtracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@sextracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@stat.onesta t[2].txt -> TrackingCookie.Onestat : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@ehg-nokiafin.hitbox[2].txt -> TrackingCookie.Hitbox : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter7.se xtracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter1.se xtracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter4.se xtracker[1].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter9.se xtracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz5.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter2.se xtracker[2].txt -> TrackingCookie.Sextracker : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@sexlist[1].txt -> TrackingCookie.Sexlist : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz9.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Ignored
:mozilla.18:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.19:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.20:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.21:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.22:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.23:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.24:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.25:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Atdmt : Ignored
:mozilla.35:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.36:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.37:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.38:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.39:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Doubleclick : Ignored
:mozilla.86:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Sexlist : Ignored
:mozilla.91:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.92:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.96:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Qksrv : Ignored
:mozilla.97:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Qksrv : Ignored
:mozilla.100:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.101:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.102:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.103:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.104:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.105:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.113:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Webtrendslive : Ignored
:mozilla.114:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.115:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Adserver : Ignored
:mozilla.116:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.118:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Mediaplex : Ignored
:mozilla.119:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Zedo : Ignored
:mozilla.120:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Zedo : Ignored
:mozilla.138:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Webtrendslive : Ignored
:mozilla.139:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.140:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.147:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Hotlog : Ignored
:mozilla.148:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Spylog : Ignored
:mozilla.149:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yadro : Ignored
:mozilla.150:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Ignored
:mozilla.151:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Ignored
:mozilla.152:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Ignored
:mozilla.153:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Ignored
:mozilla.154:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Ignored
:mozilla.155:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Ignored
C:\Documents and Settings\Family\Cookies\family@2o7[1].txt -> TrackingCookie.2o7 : Ignored
:mozilla.36:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Doubleclick : Ignored
:mozilla.37:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.38:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.39:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.40:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.41:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.42:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.43:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Casalemedia : Ignored
:mozilla.46:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Targetnet : Ignored
:mozilla.52:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.53:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.54:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.55:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Ignored
:mozilla.57:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored
:mozilla.58:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored
:mozilla.59:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Questionmarket : Ignored
:mozilla.63:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Atdmt : Ignored
:mozilla.64:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.247realmedia : Ignored
:mozilla.82:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Onestat : Ignored
:mozilla.83:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Onestat : Ignored
:mozilla.91:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Tribalfusion : Ignored
:mozilla.93:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.94:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
:mozilla.112:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.121:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.122:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.128:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored
:mozilla.129:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Tacoda : Ignored
:mozilla.131:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Adtech : Ignored
:mozilla.132:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Adtech : Ignored
:mozilla.137:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.138:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.139:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Falkag : Ignored
:mozilla.140:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.141:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.142:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.143:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Ignored
:mozilla.162:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Mediaplex : Ignored
C:\Documents and Settings\Administrator\Cookies\administrator@msnpo rtal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignored
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[2].txt -> TrackingCookie.2o7 : Ignored
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Ignored
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Onestat : Ignored
:mozilla.22:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Onestat : Ignored
:mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.43:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.44:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Yieldmanager : Ignored
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Revenue : Ignored
:mozilla.53:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.54:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.55:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.57:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.58:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Ignored
:mozilla.59:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.61:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Hitbox : Ignored
:mozilla.66:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored
:mozilla.67:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Adbrite : Ignored
:mozilla.78:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.79:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.80:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.81:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.82:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.83:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.84:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Ignored
:mozilla.97:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Com : Ignored
:mozilla.104:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Googleadservices : Ignored
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.2o7 : Ignored
C:\c.vbs -> Downloader.Small.f : Ignored
C:\Recycled\Dc7.exe -> Hijacker.Small.kg : Ignored
C:\Recycled\Dc8.exe -> Hijacker.Small : Ignored
C:\Recycled\Dc9.exe -> Trojan.Small.gq : Ignored
C:\Recycled\Dc10.exe -> Adware.Msnagent : Ignored
C:\Recycled\Dc11.exe -> Adware.FindSpy : Ignored
:mozilla.19:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Ignored
:mozilla.20:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Ignored
:mozilla.21:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Ignored
:mozilla.22:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Ignored
:mozilla.23:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Ignored
:mozilla.24:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Ignored
:mozilla.25:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Ignored
:mozilla.26:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Valueclick : Ignored
:mozilla.27:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Casalemedia : Ignored
:mozilla.28:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Casalemedia : Ignored
:mozilla.30:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Burstnet : Ignored
:mozilla.31:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Burstnet : Ignored
:mozilla.33:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Com : Ignored
:mozilla.34:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Com : Ignored
:mozilla.38:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Mediaplex : Ignored
:mozilla.48:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Atdmt : Ignored
:mozilla.49:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Questionmarket : Ignored
:mozilla.50:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Questionmarket : Ignored
:mozilla.51:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Doubleclick : Ignored
:mozilla.53:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Adtech : Ignored
:mozilla.54:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Adtech : Ignored
:mozilla.59:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Hitbox : Ignored
:mozilla.61:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Hitbox : Ignored
:mozilla.62:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Hitbox : Ignored
:mozilla.74:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Googleadservices : Ignored
:mozilla.75:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Overture : Ignored
:mozilla.80:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Onestat : Ignored
:mozilla.81:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Onestat : Ignored
:mozilla.86:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.2o7 : Ignored
:mozilla.87:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.2o7 : Ignored
:mozilla.101:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Statcounter : Ignored
:mozilla.102:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Spylog : Ignored
D:\kSirvNa38a.zip/DAP.exe -> Adware.Dap : Ignored
D:\Download\Software Downloads\d-6f6su1.exe/run.exe -> Downloader.PassAlert.i : Ignored
D:\Download\Software Downloads\d-6f3th2.exe/run.exe -> Downloader.PassAlert.i : Ignored
D:\Download\Software Downloads\package_MARKETING27.exe -> Adware.BargainBuddy : Ignored
D:\Download\New Folder\run.exe -> Downloader.PassAlert.e : Ignored
D:\Download\Ancient_TripeaksSetup-dm.exe -> Adware.Trymedia : Ignored
C:\Documents and Settings\Supervisor\Cookies\supervisor@tribalfusio n[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@metacafe.12 2.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@free.wegcas h[2].txt -> TrackingCookie.Wegcash : Cleaned with backup


::Report End

Logfile of HijackThis v1.99.1
Scan saved at 6:04:57 PM, on 5/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - C:\Program Files\Accoona\atoolbar.dll (file missing)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [dmkbb.exe] C:\WINDOWS\system32\dmkbb.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ww\bin\WindowsSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll/search.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/229?3390120750c841c4b826a6141ace8fe4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/230?3390120750c841c4b826a6141ace8fe4
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd...id/BoardID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27403167-9358-4EBC-8971-2ABAC4736B1B}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{6ECE1A8C-5774-45E5-84F3-DD75619A6434}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FD3D40B-1E98-4B82-9C04-9EE12CCA3FC4}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{A1212C7D-C175-4D33-B9B0-F650F5793D32}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{A25ED52C-D0D3-46CA-A0E6-307AC6589ABE}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{CED1CA96-3183-4759-9154-562C497E2BB4}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4C04BBE-FC20-47A4-82EA-A21EEB66F36F}: NameServer = 85.255.115.58,85.255.112.116
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 25-05-2006, 09:13 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
OK first things first you need to re-scan with Ewido and stay with it and let it remove all in finds. Post the log after that.



ibm0000.exe(=digit)

http://www.sophos.com/virusinfo/anal...ojtorpigc.html


Quote:
The Trojan attempts to steal passwords, as well as logging keypresses and open window titles to text files and periodically sends the collected information to a remote user via HTTP.

The Trojan downloads and executes additional files from a remote site. Configuration files may also be downloaded which define further behaviors. Troj/Torpig-C automatically closes security warning messages displayed by common anti-virus and security related applications.



Wareout:
http://research.sunbelt-software.co...&search=wareout

Often found with rogue NameServer = 85.255.x.x entries

Wareoutfix will remove wareout infection. Have you run it?
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 26-05-2006, 08:19 AM
Newbie
D-A-L Newbie
  
Join Date: May 2006
Posts: 14
shyamchari Is a beginner here at D-A-L
Exclamation Re: C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
this are the logs u asked but even after doing all taht scan i still get that message that i used to get when i logon into windows

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:44:38 PM, 5/26/2006
+ Report-Checksum: 15AC7159

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup
HKU\S-1-5-21-1078081533-117609710-682003330-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{364B6276-C6C1-40B6-A6D7-6C48871FD707} -> Adware.Accoona : Cleaned with backup
HKU\S-1-5-21-1078081533-117609710-682003330-500\Software\Microsoft\Windows\CurrentVersion\Ext\ Stats\{944864A5-3916-46E2-96A9-A2E84F3F1208} -> Adware.Accoona : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\HM0OU8X0\nb6u[1].exe -> Proxy.Delf.al : Cleaned with backup
C:\WINDOWS\system32\dmijm.exe -> Trojan.Pakes : Cleaned with backup
C:\WINDOWS\system32\scjia.dll -> Adware.SBSoft : Cleaned with backup
C:\WINDOWS\system32\bowefarb.trz -> Trojan.Agent.qe : Cleaned with backup
C:\WINDOWS\system32\dvkvvfzs.okg -> Hijacker.Small.js : Cleaned with backup
C:\WINDOWS\Temp\$_2341233.EXE -> Dropper.Agent.aan : Cleaned with backup
C:\WINDOWS\kl.exe -> Logger.Agent.jl : Cleaned with backup
C:\Documents and Settings\Supervisor\Local Settings\Temp\GLB19B.tmp/empty_00000001 -> Adware.Ucmore : Cleaned with backup
C:\Documents and Settings\Supervisor\Local Settings\Temp\ASearchAssist.dll -> Adware.Agent : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@www.myaffil iateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter.hit slink[2].txt -> TrackingCookie.Hitslink : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@c2.zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@cs.sexcount er[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@server.iad. liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@image.maste rstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter8.se xtracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter5.se xtracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@programs.we gcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter15.s extracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter13.s extracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter10.s extracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@questionmar ket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@vip2.clickz s[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter6.se xtracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter16.s extracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@epilot[2].txt -> TrackingCookie.Epilot : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter11.s extracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter12.s extracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@ad.yieldman ager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@citi.bridge track[1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter14.s extracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter3.se xtracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@stat.onesta t[2].txt -> TrackingCookie.Onestat : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@ehg-nokiafin.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter7.se xtracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter1.se xtracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter4.se xtracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter9.se xtracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz5.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@counter2.se xtracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@sexlist[1].txt -> TrackingCookie.Sexlist : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz9.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Supervisor\Cookies\supervisor@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Supervisor\Application Data\Mozilla\Firefox\Profiles\yr9ixebm.default\coo kies.txt -> TrackingCookie.Vegasred : Cleaned with backup
C:\Documents and Settings\Family\Cookies\family@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
-> : Error during cleaning
:mozilla.42:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
-> : Error during cleaning
:mozilla.62:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.138:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.161:C:\Documents and Settings\Family\Application Data\Mozilla\Firefox\Profiles\1u1191qn.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@msnpo rtal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Hitbox : Cleaned with backup
-> : Error during cleaning
:mozilla.46:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\uob8ua1w.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
C:\c.vbs -> Downloader.Small.f : Cleaned with backup
C:\Recycled\Dc7.exe -> Hijacker.Small.kg : Cleaned with backup
C:\Recycled\Dc8.exe -> Hijacker.Small : Cleaned with backup
C:\Recycled\Dc9.exe -> Trojan.Small.gq : Cleaned with backup
C:\Recycled\Dc10.exe -> Adware.Msnagent : Cleaned with backup
C:\Recycled\Dc11.exe -> Adware.FindSpy : Cleaned with backup
:mozilla.19:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.20:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.21:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.22:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.23:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.24:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.25:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.26:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.27:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.28:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.30:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.31:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.33:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Com : Cleaned with backup
:mozilla.34:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Com : Cleaned with backup
:mozilla.38:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.48:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.49:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.50:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.51:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.53:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.54:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.59:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.61:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.62:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.74:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.75:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Overture : Cleaned with backup
:mozilla.80:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.81:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.86:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.87:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.101:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.102:C:\FOUND.023\FILE0003.CHK -> TrackingCookie.Spylog : Cleaned with backup
D:\kSirvNa38a.zip/DAP.exe -> Adware.Dap : Cleaned with backup
D:\Download\Software Downloads\d-6f6su1.exe/run.exe -> Downloader.PassAlert.i : Cleaned with backup
D:\Download\Software Downloads\d-6f3th2.exe/run.exe -> Downloader.PassAlert.i : Cleaned with backup
D:\Download\Software Downloads\package_MARKETING27.exe -> Adware.BargainBuddy : Cleaned with backup
D:\Download\New Folder\run.exe -> Downloader.PassAlert.e : Cleaned with backup
D:\Download\Ancient_TripeaksSetup-dm.exe -> Adware.Trymedia : Cleaned with backup

::Report End


Logfile of HijackThis v1.99.1
Scan saved at 12:49:02 PM, on 5/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\ewido anti-malware\SecuritySuite.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.1.1/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = :
F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [dmkbb.exe] C:\WINDOWS\system32\dmkbb.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\1.0.384.22153\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-ww\bin\WindowsSearch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\en-ww\msntb.dll/search.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/229?3390120750c841c4b826a6141ace8fe4
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\en-ww\msntabres.dll/230?3390120750c841c4b826a6141ace8fe4
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} (BoardCtl Class) - http://www.intel.com/design/motherbd...id/BoardID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27403167-9358-4EBC-8971-2ABAC4736B1B}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{6ECE1A8C-5774-45E5-84F3-DD75619A6434}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FD3D40B-1E98-4B82-9C04-9EE12CCA3FC4}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{A1212C7D-C175-4D33-B9B0-F650F5793D32}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{A25ED52C-D0D3-46CA-A0E6-307AC6589ABE}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{CED1CA96-3183-4759-9154-562C497E2BB4}: NameServer = 85.255.115.58,85.255.112.116
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4C04BBE-FC20-47A4-82EA-A21EEB66F36F}: NameServer = 85.255.115.58,85.255.112.116
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Any more sugestions ?
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
2 Problems, One with folders and files becoming read only... Sk2k52 Spyware, Adware, Viruses and HijackThis Logs 4 26-10-2007 11:09 AM
C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe danny_d21 Spyware, Adware, Viruses and HijackThis Logs 3 25-06-2007 03:37 AM
No right click menu on files or folders? lori1232 Windows XP Help 1 21-12-2006 05:01 AM
network shared files Ian Smith Firewalls and Networks 1 09-08-2005 01:29 AM
Files and Folders yellaman Windows XP Help 1 21-08-2004 07:17 PM


All times are GMT +1. The time now is 09:16 AM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav