What Is Fijavxmn.exe For?



#1 gdd

Posted 08 April 2006 - 10:59 PM

I was just really curious as to what fijavxmn.exe does! I can't find it on Google or on these boards, but it lives in my system32 folder, even after doing a clean out.

the HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 3:55:04 p.m., on 9/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S3apphk.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\SBTING~1\LOCALS~1\Temp\d2l_Install.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paradise.net.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.xtra.co.nz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paradise.net.nz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [zgnfyttbshncv] C:\WINDOWS\system32\fijavxmn.exe
O4 - HKLM\..\Run: [dbjrdnhygzzx] C:\WINDOWS\system32\fijavxmn.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: BJ Status Monitor Canon S200SP.lnk = C:\Documents and Settings\S B Ting\cnmss3y.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.xtra.co.nz
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC3D45F9-47E7-4E8B-BA9E-505607916154}: NameServer = 203.96.152.4,203.96.152.12
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (file missing)


Does anyone else have this? Is it something I need to worry about?



#2 ken545

Malware Response Team

Posted 13 April 2006 - 10:07 PM

gdd,

Welcome to Bleeping Computer, sorry about the delay but we get real busy around here and sometimes we just can't get to logs as fast as we would like to.


Have you by chance run HijackThis in Safemode? If not, I have got to say you run a lean ship. :thumbsup: If you did, I need you to boot your system normally, run HJT and post a new log.


I would also like you to go here Jotti and upload this file for analysis. Just open the site and use the browse feature and navigate to C:\WINDOWS\system32\fijavxmn.exe
Then click on Submit and you will get results of that file.
Post the results of the scan along with a new HJT log.

Ken :flowers:

Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014



Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#3 gdd

Posted 21 April 2006 - 07:02 PM

Hey Ken! Thanks for replying, :thumbsup:
That hijack log was indeed run in normal mode, perhaps I have nothing to worry about?
The thing is, I went to Jotti, I have hidden folders showing, but I can't find the exe file! I did a search on my whole C drive as well.
I ran Hijack again and it is still there, do you think it's something I should not worry about? It's just that I've never heard of that filename before ...

Logfile of HijackThis v1.99.1
Scan saved at 11:53:47 a.m., on 22/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\S3apphk.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
D:\English\Install_MayaPLE5_English.exe
C:\DOCUME~1\SBTING~1\LOCALS~1\Temp\pft34.tmp\Maya\winsleep2.exe
D:\English\Install_MayaPLE5_English.exe
C:\DOCUME~1\SBTING~1\LOCALS~1\Temp\pft48.tmp\Maya\winsleep2.exe
C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe
C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\msiexec.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paradise.net.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.xtra.co.nz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paradise.net.nz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [zgnfyttbshncv] C:\WINDOWS\system32\fijavxmn.exe
O4 - HKLM\..\Run: [dbjrdnhygzzx] C:\WINDOWS\system32\fijavxmn.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: BJ Status Monitor Canon S200SP.lnk = C:\Documents and Settings\S B Ting\cnmss3y.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.xtra.co.nz
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC3D45F9-47E7-4E8B-BA9E-505607916154}: NameServer = 203.96.152.4,203.96.152.12
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (file missing)
O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing)

#4 ken545

Malware Response Team

Posted 21 April 2006 - 09:52 PM

gdd,

You have a few things on your log that I have not come across before and can't find any info on, most of the time that is a bad sign.


Download and install Ewido Anti-Malware
* When installing, under Additional Options uncheck
  o Install background guard
  o Install scan via context menu
* Launch Ewido, there should be an icon on your desktop.
  o Click on update
  o You should see Update Complete when done.
  o Now close out the program <-- Don't run it yet


Now reboot into Safemode

* Go to Start> Shut off Your Computer> Restart
* As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly, this will bring up a menu.
* Use the UP AND DOWN ARROW KEYS to scroll up to Safemode
* Then press the Enter Key on your Keyboard


Now open Ewido
  o Click on scanner.
  o Run a full system scan
  o Let the program scan the machine.
  o While the scan is in progress you will be prompted to clean files, click OK.
  o Once the scan has completed, there will be a button located on the bottom of the screen named Save report.
  o Click Save report.
  o Save the report to your desktop.



Reboot normally and let's run a system cleaner.

Download and Install CCleaner
* Click on Run Cleaner
* Run the Issues Scan < When it asks you to backup the Registry..Say Yes
Tutorial for CCleaner



Post back with the Ewido Report and a new HJT log please.

Ken



#5 gdd


Posted 02 May 2006 - 03:30 PM

WAHOO!! You guys ARE magical! You got rid of the weird file! Thank you so much!! Here are my logs, hope they look good now, :thumbsup:




Logfile of HijackThis v1.99.1
Scan saved at 8:25:31 a.m., on 3/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\S3apphk.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\drivers\dcfssvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\jre\bin\java.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paradise.net.nz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.xtra.co.nz
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paradise.net.nz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: BJ Status Monitor Canon S200SP.lnk = C:\Documents and Settings\S B Ting\cnmss3y.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.xtra.co.nz
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC3D45F9-47E7-4E8B-BA9E-505607916154}: NameServer = 203.96.152.4,203.96.152.12
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Maya 7 PLE Documentation Server (mple7docserver) - Unknown owner - C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\wrapper.exe" -s "C:\Program Files\Alias\Maya 7.0 Personal Learning Edition\docs\Wrapper.conf (file missing)










---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 4:18:00 p.m., 24/04/2006
+ Report-Checksum: E57AAC92

+ Scan result:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
:mozilla.9:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.23:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.50:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.51:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.52:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.53:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.62:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.63:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.64:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.65:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.66:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.67:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.68:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.69:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.70:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.71:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.75:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.76:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.77:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.102:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.104:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.105:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.106:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.107:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.108:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.109:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.119:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.124:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.161:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.168:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.169:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.170:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.171:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.172:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.173:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.174:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.175:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.176:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.177:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.178:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.183:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.184:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.186:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.187:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.188:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.189:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.190:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.191:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.192:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.223:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.224:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.225:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.226:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.227:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.228:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.229:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.230:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.231:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.248:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.250:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.251:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.252:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.253:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.272:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.273:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.275:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.276:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.305:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.306:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.342:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.343:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.345:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.365:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.366:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.375:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.376:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.377:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.378:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.381:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.384:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.393:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.413:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.416:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.417:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.418:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.442:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.443:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.444:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.454:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.455:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.456:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.493:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup
:mozilla.494:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Adocean : Cleaned with backup
:mozilla.499:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.521:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.533:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.540:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.569:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.570:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.571:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.579:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.580:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.586:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.587:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.588:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.631:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.632:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.650:C:\Documents and Settings\S B Ting\Application Data\Mozilla\Firefox\Profiles\beqbvoaf.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\SpywareNukerInstaller.exe -> Downloader.Agent.h : Cleaned with backup


::Report End

#6 ken545

Malware Response Team

Posted 02 May 2006 - 07:12 PM

gdd,

Fix this line with HJT
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

The rest of your log looks good :thumbsup: and the bad entries are gone.

Any other issues??

Ken :flowers:



#7 ken545

Malware Response Team

Posted 21 May 2006 - 08:58 PM

This post will be closed if no response in 48 hours.

Ken



#8 gdd


Posted 24 May 2006 - 07:57 AM

Thanks very much for your help Ken!! <3 I didn't want to bump this topic to the front again cos things are working good, you guys are awesomeness!!
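
The before/after check that closes this thread (the O4 autorun lines in the HijackThis logs of posts #3 and #5) can be done mechanically. The Python below is an added example, not part of the original thread and not HijackThis code; the heuristic (one executable registered under several Run value names that are unrelated to its file name) and all function names are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from ntpath import basename, splitext  # Windows path rules on any OS

# O4 registry autorun lines copied from the HijackThis logs in
# post #3 (before cleanup) and post #5 (after cleanup) of this thread.
BEFORE = r"""
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [zgnfyttbshncv] C:\WINDOWS\system32\fijavxmn.exe
O4 - HKLM\..\Run: [dbjrdnhygzzx] C:\WINDOWS\system32\fijavxmn.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""
AFTER = r"""
O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[(.+?)\] (.+)$", re.M)


def image_path(command):
    """Return the executable part of a Run command line, without arguments."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    # Unquoted paths may contain spaces, so cut after the first executable suffix.
    m = re.match(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", command, re.I)
    return m.group(1) if m else command


def parse_run_entries(log):
    """Extract (registry key, value name, lower-cased image path) per O4 line."""
    return [
        (f"{hive}\\{key}", name, image_path(command).lower())
        for hive, key, name, command in O4_RE.findall(log)
    ]


def suspicious_images(entries):
    """Flag images registered under 2+ value names, none resembling the file name.

    Assumed heuristic: legitimate software normally registers one autorun value
    whose name relates to the product; this is a triage hint, not a verdict.
    """
    names_by_image = defaultdict(set)
    for _, name, image in entries:
        names_by_image[image].add(name)
    flagged = {}
    for image, names in names_by_image.items():
        stem = splitext(basename(image))[0]
        unrelated = [n for n in names
                     if stem not in n.lower() and n.lower() not in stem]
        if len(names) > 1 and len(unrelated) == len(names):
            flagged[image] = sorted(names)
    return flagged


def removed_entries(before_log, after_log):
    """Autorun entries present in the first log and absent from the second."""
    return sorted(set(parse_run_entries(before_log)) - set(parse_run_entries(after_log)))


if __name__ == "__main__":
    for image, names in suspicious_images(parse_run_entries(BEFORE)).items():
        print(f"review: {image} registered as {', '.join(names)}")
    for key, name, image in removed_entries(BEFORE, AFTER):
        print(f"gone after cleanup: {key} [{name}] -> {image}")
```

A flagged image still needs confirmation on disk or from a scanner; the value of the diff is showing that the autorun entries, not only the file, are gone.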



