Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

HijackThis Log

Started by epademic1984 , Feb 18 2006 03:43 PM

  • This topic is locked This topic is locked
22 replies to this topic

#1 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 18 February 2006 - 03:43 PM

Logfile of HijackThis v1.99.1
Scan saved at 14:30:34, on 18/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
E:\Program Files\lotus\notes\ntmulti.exe
E:\Program Files\Norton Internet Security\NISUM.EXE
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\Program Files\Norton Internet Security\ccPxySvc.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
E:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\WINDOWS\System32\igfxtray.exe
E:\WINDOWS\System32\hkcmd.exe
E:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\Program Files\QuickTime\qttask.exe
E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\Ares\Ares.exe
E:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Microsoft Office\Office10\WINWORD.EXE
E:\DOCUME~1\Mom\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.ebay.ca/ws...&...Ah:mebay:CA
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] E:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [SonicFocus] "E:\Program Files\Sonic Focus\SFIGUI\SFIGUI.EXE" BOOT
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "E:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "E:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "E:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsear...?p=ZCxdm414YYCA
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1114985369295
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1140294676390
O16 - DPF: {9294206B-A9B2-4F73-938E-89F694F48101} - http://xlonhcld.xlon...4/ldsdlprod.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) - http://www.walmartph...x/PCAXSetup.cab?
O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - E:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: Intel® Active Monitor (imonNT) - Unknown owner - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe (file missing)
O23 - Service: Multi-user Cleanup Service - Unknown owner - E:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - E:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    Advertisements

Register to Remove

#2 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 18 February 2006 - 04:00 PM

Someone please help me out here. This is a friends computer, it shouldn't be running this slow. After running Spybot S&D, Adaware 7.0, and AVG free, I have found absolutely nothing, but yet it's still glitching. Spybot said that it has MyWay.MyWebSearch on it, but wouldn't remove it.

#3 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 18 February 2006 - 04:41 PM

Hello epademic1984, welcome to the forum.

Important: Do this before any fix.

Please put your HijackThis in it's own folder, (I create a new folder in C:\ named HJT).
You can do a Right Click on any open area on the desktop, New> Folder, then rename the folder HJT.

Go to where your HijackThis is and Right Click on HijackThis.exe, select Cut, then open the new folder you just created (HJT) Right Click in the folder and select paste.

The reason we do this is Hijackthis creates backup files just in case you'd need to restore one and we'll be cleaning out the temp files.



After the above:

Use Add/Remove Programs and remove if listed:
MyWebSearch

Next:
Please download the trial version of ewido anti-malware 3.5 here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.


Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Then please run Ewido, click on the Scanner run a full scan and let it clean everything it finds. Save the logfile from the scan.


Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#4 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 18 February 2006 - 09:00 PM

Here's a copy of my EWIDO log and my HijackThis log's. Please help me fix what ever's going on with this computer.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 19:53:58, 18/02/2006
+ Report-Checksum: 983CBB0A

+ Scan result:

E:\Documents and Settings\Connor\Cookies\connor@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@e-2dj6wgkiwkdjkfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@e-2dj6wjlyuhdjkdp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@ehg-mybc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@h.starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@revenue[1].txt -> TrackingCookie.Revenue : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
E:\Documents and Settings\Connor\Cookies\connor@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@mediaplex[2].txt -> TrackingCookie.Mediaplex : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@servedby.advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\Dad\Cookies\dad@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@ehg-hasbro.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
E:\Documents and Settings\Guest\Cookies\guest@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@chumtv.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@com[2].txt -> TrackingCookie.Com : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@data3.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfk4coajalo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfk4oldpmco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfk4qgazofp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfk4uhdziho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfk4uiazmfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfk4umcpsdp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfk4whdzikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkiaiajedo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkisocjkdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkoaocjsko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkoejdpaho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkokhdzocq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkowkdpmcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkyaoc5kbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkycgd5maq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkykjd5seo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkyohdzoeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkyqhdjoeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkyshd5wcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkywmdjeap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfl4kld5eeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfl4okajego.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfl4qgdpmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfl4qnc5gkq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfl4wpcpklp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfl4wpdjalp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfliapdpgdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfligmdzmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wflikld5sbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wflikpd5sap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfloeld5mfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wflogoczsko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wflokid5kaq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfloolcjafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfloqpc5ogq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfloulcpagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wflowic5sbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wflowlajmhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmiegd5ceo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmikodjokp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmiolc5ofq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmyckc5mdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmycocjigp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmyojdjofp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmyupczoco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfmywnajegp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgk4ckdpceq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgk4qoazefp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkisncjwdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkiukcjalo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkiwkdjkfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkoalcpokq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkoeodpwlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkokidpcbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkoonczmaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkyamdpggq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkyamdzsdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkyqjczabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkyugczefp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wgkyuhazahp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjk4aid5kbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjk4kkdpwlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjk4okajcfq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjk4ondzwap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjk4wncjwdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkochdjwcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkocnd5clp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkocod5okp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkocpc5oho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoehdpacp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoggdjolo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkokhazglp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkokjdjigp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoogcjkbq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkooidzcco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoonajgfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoqgczscp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoqjdzmbq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoqkdjmep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkoqkdpoaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkosldpseo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkosnczcep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkougdzifo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkowlazsgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyanc5slq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkychdpeho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyckazccq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyegdzggq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyehd5cfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyekcjsfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkygndjglq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkykhdpwgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkykjajabp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkykkazgap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkykoajigo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyohdpmbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyoncjclq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyshdzago.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyspd5gap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyspdzeao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjkyuidjcfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjl4cnajsao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjl4coajolo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjl4gncjcbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjl4ojdjmfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjl4sndpmdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlialcpkbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlianajeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjliapajoho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlichcjkdp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjliejdzgdp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjligiczodp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjligjcpgbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjligkdzoap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjliglazsdp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlioidpsho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjliomczekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlioncpwbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjliskd5wlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjliupdjcdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjliwgd5wao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjloghajgdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlogjaziko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlogldpoeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlokod5weq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlougazmao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjloulajwbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyancjsfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyaoajgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyekczsbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlygicjakp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlykjcpegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlykodpmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyojdzibp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyopczggp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyqgdzohp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyqiazcep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjlyqndjwlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmiaod5glp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmicpcpgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmikmdjmeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmiopdzsap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmiuidpeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmiupdpibo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmyeic5meo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmyelajcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmygndzwdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmykgc5gaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmyqgcpgho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmysidzwbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmyuhajgko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjmywmcpeao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1gazik.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1iajsf.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1iazek.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1id5ga.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1lcpeg.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1mczee.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1ocjkb.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1odjwa.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1pcpwk.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1pdjcg.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1pdpke.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1sajmd.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1sbzmf.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjny-1sdzwa.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyaicpwlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyakazcbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyaldpecp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyamdjseo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyandzcdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnycgcjslp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnycldpibp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnycndjmdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyehcpwdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyejdzglp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyekdjmep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyepczafp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnygkc5ehp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnygmcjggp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnygodzweq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnygpczgco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyogd5kbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyojajieo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyomajwgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyomazeaq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyoncjclp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyopdpslp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyqidzegq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyqnd5elo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyuodzckp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnyupd5afp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnywocjwhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@e-2dj6wjnywpc5sgo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@h.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@hotlog[2].txt -> TrackingCookie.Hotlog : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@pro-market[1].txt -> TrackingCookie.Pro-market : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@spylog[1].txt -> TrackingCookie.Spylog : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@web4.realtracker[2].txt -> TrackingCookie.Realtracker : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@www.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
E:\Documents and Settings\Mom\Local Settings\Temp\Cookies\mom@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Mom\Local Settings\Temp\Cookies\mom@bfast[2].txt -> TrackingCookie.Bfast : Cleaned with backup
E:\Documents and Settings\Mom\Local Settings\Temp\Cookies\mom@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\Mom\Local Settings\Temp\Cookies\mom@ehg-mybc.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Mom\Local Settings\Temp\Cookies\mom@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\Mom\Local Settings\Temp\Cookies\mom@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
E:\Documents and Settings\Mom\Local Settings\Temp\Cookies\mom@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wfk4ogd5gco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wfkikmdjakp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wfkionajgfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wfkoemdjegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wfl4cgc5ebo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wflicndjokp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjk4cndjifp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjk4wgczwaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjkoahcpkko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjkykjajabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjlianazohp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjligkdzoap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjloumd5aao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjlyeld5khq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjmiugd5icp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjny-1pc5sd.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjnyakazcbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@e-2dj6wjnyogd5kbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@phg.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@pmads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
E:\Documents and Settings\NATHANIEL\Cookies\nathaniel@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup


::Report End



Logfile of HijackThis v1.99.1
Scan saved at 19:54:59, on 18/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
E:\Program Files\ewido anti-malware\ewidoctrl.exe
E:\Program Files\lotus\notes\ntmulti.exe
E:\Program Files\Norton Internet Security\NISUM.EXE
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\Program Files\Norton Internet Security\ccPxySvc.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
E:\WINDOWS\System32\igfxtray.exe
E:\WINDOWS\System32\hkcmd.exe
E:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\Program Files\QuickTime\qttask.exe
E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\Ares\Ares.exe
E:\Documents and Settings\Mom\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.ebay.ca/ws...&...Ah:mebay:CA
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] E:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [SonicFocus] "E:\Program Files\Sonic Focus\SFIGUI\SFIGUI.EXE" BOOT
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "E:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "E:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsear...?p=ZCxdm414YYCA
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1114985369295
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1140294676390
O16 - DPF: {9294206B-A9B2-4F73-938E-89F694F48101} - http://xlonhcld.xlon...4/ldsdlprod.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) - http://www.walmartph...x/PCAXSetup.cab?
O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - E:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel® Active Monitor (imonNT) - Unknown owner - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe (file missing)
O23 - Service: Multi-user Cleanup Service - Unknown owner - E:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - E:\P

#5 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 18 February 2006 - 09:11 PM

Be sure to keep SunJava, updated

In Add/Remove programs click on these and press *remove* if listed:
J2SE Runtime Environment 5.0 - 97.99Mb
J2SE Runtime Environment 5.0 Update 2 - 143.00Mb
J2SE Runtime Environment 5.0 Update 4 - 144.00Mb
J2SE Runtime Environment 5.0 Update 5- 151.00Mb
Java 2 Runtime Environment, SE v1.4.2_04 - 130.00Mb
Or any other outdated J2SE


It is important to remove older versions as these are the ones with the holes in them. You will be surprised when you go to add/remove to see all of the versions sitting there.

Download Newest >>>> http://www.java.com/...nload/index.jsp

Once installed you can test to see that it is in fact installed >>>>

Sun Java Test

Sun Microsystems has fixed five security bugs in Java that expose computers running Linux, Solaris and Windows to hacker attack.


Run hijackthis. Hit None of the above, Click Do a System Scan Only. Put a Check in the box on the left side on these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.ebay.ca/ws...&...Ah:mebay:CA
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - http://bar.mywebsear...?p=ZCxdm414YYCA

Close ALL windows and browsers except HijackThis and click "Fix checked"


Delete this File if listed:
E:\PROGRAM FILES\MYWEBSEARCH\bar\1.bin\mwsoemon.exe

Delete this Folder
E:\PROGRAM FILES\MYWEBSEARCH


1. Open My Computer
2. Right click on your hard drive that you wish to clean (C drive, for example)
3. In the context menu that opens, select properties
4. Under the general tab you should select Disk Cleanup
5. Windows will scan your drive which will take a few seconds/minutes
6. A box will display the various files you can remove.
Check all boxes except compress old files (If listed)
7. Click OK and windows will comply.

Restart your computer.

Reboot and "copy/paste" a new log file into this thread.
Also please describe how your computer behaves at the moment.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#6 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 19 February 2006 - 12:00 AM

After following the above directions, and restarting my computer, I now have no sound. My device manager says everything is fine. My computer also self-generated this file:

hs_err_pid3216

An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : EXCEPTION_ACCESS_VIOLATION (0xc0000005) occurred at PC=0xD661A2E
Function=[Unknown.]
Library=E:\Program Files\Java\j2re1.4.2\bin\jsound.dll

NOTE: We are unable to locate the function name symbol for the error
just occurred. Please refer to release documentation for possible
reason and solutions.


Current Java thread:
at com.sun.media.sound.MixerThread.runNative(Native Method)
at com.sun.media.sound.MixerThread.run(Unknown Source)

Dynamic libraries:
0x00400000 - 0x00419000 E:\Program Files\Internet Explorer\iexplore.exe
0x7C900000 - 0x7C9B0000 E:\WINDOWS\system32\ntdll.dll
0x7C800000 - 0x7C8F4000 E:\WINDOWS\system32\kernel32.dll
0x77C10000 - 0x77C68000 E:\WINDOWS\system32\msvcrt.dll
0x77D40000 - 0x77DD0000 E:\WINDOWS\system32\USER32.dll
0x77F10000 - 0x77F57000 E:\WINDOWS\system32\GDI32.dll
0x77F60000 - 0x77FD6000 E:\WINDOWS\system32\SHLWAPI.dll
0x77DD0000 - 0x77E6B000 E:\WINDOWS\system32\ADVAPI32.dll
0x77E70000 - 0x77F01000 E:\WINDOWS\system32\RPCRT4.dll
0x77760000 - 0x778CE000 E:\WINDOWS\system32\SHDOCVW.dll
0x77A80000 - 0x77B14000 E:\WINDOWS\system32\CRYPT32.dll
0x77B20000 - 0x77B32000 E:\WINDOWS\system32\MSASN1.dll
0x754D0000 - 0x75550000 E:\WINDOWS\system32\CRYPTUI.dll
0x76C30000 - 0x76C5E000 E:\WINDOWS\system32\WINTRUST.dll
0x76C90000 - 0x76CB8000 E:\WINDOWS\system32\IMAGEHLP.dll
0x77120000 - 0x771AC000 E:\WINDOWS\system32\OLEAUT32.dll
0x774E0000 - 0x7761D000 E:\WINDOWS\system32\ole32.dll
0x5B860000 - 0x5B8B4000 E:\WINDOWS\system32\NETAPI32.dll
0x771B0000 - 0x77256000 E:\WINDOWS\system32\WININET.dll
0x76F60000 - 0x76F8C000 E:\WINDOWS\system32\WLDAP32.dll
0x77C00000 - 0x77C08000 E:\WINDOWS\system32\VERSION.dll
0x773D0000 - 0x774D2000 E:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
0x7C9C0000 - 0x7D1D5000 E:\WINDOWS\system32\SHELL32.dll
0x5D090000 - 0x5D127000 E:\WINDOWS\system32\comctl32.dll
0x5AD70000 - 0x5ADA8000 E:\WINDOWS\system32\uxtheme.dll
0x75F80000 - 0x7607D000 E:\WINDOWS\system32\BROWSEUI.dll
0x20000000 - 0x20012000 E:\WINDOWS\system32\browselc.dll
0x77B40000 - 0x77B62000 E:\WINDOWS\system32\appHelp.dll
0x76FD0000 - 0x7704F000 E:\WINDOWS\system32\CLBCATQ.DLL
0x77050000 - 0x77115000 E:\WINDOWS\system32\COMRes.dll
0x77260000 - 0x772FF000 E:\WINDOWS\system32\urlmon.dll
0x77FE0000 - 0x77FF1000 E:\WINDOWS\system32\Secur32.dll
0x77A20000 - 0x77A74000 E:\WINDOWS\System32\cscui.dll
0x76600000 - 0x7661D000 E:\WINDOWS\System32\CSCDLL.dll
0x77920000 - 0x77A13000 E:\WINDOWS\system32\SETUPAPI.dll
0x10000000 - 0x1000E000 E:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
0x01140000 - 0x01148000 E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
0x75E90000 - 0x75F40000 E:\WINDOWS\system32\SXS.DLL
0x011A0000 - 0x01465000 E:\WINDOWS\system32\xpsp2res.dll
0x01670000 - 0x016B1000 E:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
0x76EE0000 - 0x76F1C000 E:\WINDOWS\system32\RASAPI32.DLL
0x76E90000 - 0x76EA2000 E:\WINDOWS\system32\rasman.dll
0x71AB0000 - 0x71AC7000 E:\WINDOWS\system32\WS2_32.dll
0x71AA0000 - 0x71AA8000 E:\WINDOWS\system32\WS2HELP.dll
0x76EB0000 - 0x76EDF000 E:\WINDOWS\system32\TAPI32.dll
0x76E80000 - 0x76E8E000 E:\WINDOWS\system32\rtutils.dll
0x76B40000 - 0x76B6D000 E:\WINDOWS\system32\WINMM.dll
0x7D4A0000 - 0x7D787000 E:\WINDOWS\system32\Mshtml.dll
0x746C0000 - 0x746E7000 E:\WINDOWS\system32\msls31.dll
0x71AD0000 - 0x71AD9000 E:\WINDOWS\system32\wsock32.dll
0x77C70000 - 0x77C93000 E:\WINDOWS\system32\msv1_0.dll
0x76D60000 - 0x76D79000 E:\WINDOWS\system32\iphlpapi.dll
0x722B0000 - 0x722B5000 E:\WINDOWS\system32\sensapi.dll
0x769C0000 - 0x76A73000 E:\WINDOWS\system32\USERENV.dll
0x0FFD0000 - 0x0FFF8000 E:\WINDOWS\system32\rsaenh.dll
0x01E00000 - 0x01E20000 E:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
0x01E30000 - 0x01F58000 e:\program files\google\googletoolbar2.dll
0x76380000 - 0x76385000 E:\WINDOWS\system32\MSIMG32.dll
0x01F80000 - 0x02008000 E:\WINDOWS\system32\shdoclc.dll
0x75CF0000 - 0x75D81000 E:\WINDOWS\system32\mlang.dll
0x71A50000 - 0x71A8F000 E:\WINDOWS\system32\mswsock.dll
0x662B0000 - 0x66308000 E:\WINDOWS\system32\hnetcfg.dll
0x71A90000 - 0x71A98000 E:\WINDOWS\System32\wshtcpip.dll
0x76F20000 - 0x76F47000 E:\WINDOWS\system32\DNSAPI.dll
0x02050000 - 0x0205A000 E:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoestb.dll
0x024B0000 - 0x02776000 E:\WINDOWS\system32\msi.dll
0x76FC0000 - 0x76FC6000 E:\WINDOWS\system32\rasadhlp.dll
0x767F0000 - 0x76817000 E:\WINDOWS\system32\schannel.dll
0x68100000 - 0x68124000 E:\WINDOWS\system32\dssenh.dll
0x746F0000 - 0x7471A000 E:\WINDOWS\System32\msimtf.dll
0x74720000 - 0x7476B000 E:\WINDOWS\System32\MSCTF.dll
0x76390000 - 0x763AD000 E:\WINDOWS\system32\IMM32.DLL
0x32520000 - 0x32532000 E:\Program Files\Microsoft Office\Office10\msohev.dll
0x75C50000 - 0x75CBE000 e:\windows\system32\jscript.dll
0x73300000 - 0x73367000 e:\windows\system32\vbscript.dll
0x73DD0000 - 0x73ECE000 e:\windows\system32\MFC42.DLL
0x76200000 - 0x76271000 E:\WINDOWS\System32\mshtmled.dll
0x72D20000 - 0x72D29000 E:\WINDOWS\system32\wdmaud.drv
0x72D10000 - 0x72D18000 E:\WINDOWS\system32\msacm32.drv
0x77BE0000 - 0x77BF5000 E:\WINDOWS\system32\MSACM32.dll
0x77BD0000 - 0x77BD7000 E:\WINDOWS\system32\midimap.dll
0x30000000 - 0x30222000 E:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
0x763B0000 - 0x763F9000 E:\WINDOWS\system32\comdlg32.dll
0x6D430000 - 0x6D43A000 E:\WINDOWS\System32\ddrawex.dll
0x73760000 - 0x737A9000 E:\WINDOWS\System32\DDRAW.dll
0x73BC0000 - 0x73BC6000 E:\WINDOWS\System32\DCIMAN32.dll
0x66E50000 - 0x66E90000 E:\WINDOWS\System32\iepeers.dll
0x73000000 - 0x73026000 E:\WINDOWS\System32\WINSPOOL.DRV
0x71D40000 - 0x71D5C000 E:\WINDOWS\System32\actxprxy.dll
0x08260000 - 0x08597000 E:\WINDOWS\system32\wmploc.dll
0x070D0000 - 0x0710B000 E:\WINDOWS\system32\WMASF.DLL
0x07120000 - 0x07221000 E:\WINDOWS\system32\wmnetmgr.dll
0x4D4F0000 - 0x4D548000 E:\WINDOWS\system32\WINHTTP.dll
0x74380000 - 0x7438F000 E:\WINDOWS\system32\wdigest.dll
0x76D40000 - 0x76D58000 E:\WINDOWS\system32\MPRAPI.dll
0x77CC0000 - 0x77CF2000 E:\WINDOWS\system32\ACTIVEDS.dll
0x76E10000 - 0x76E35000 E:\WINDOWS\system32\adsldpc.dll
0x76B20000 - 0x76B31000 E:\WINDOWS\system32\ATL.DLL
0x71BF0000 - 0x71C03000 E:\WINDOWS\system32\SAMLIB.dll
0x76FB0000 - 0x76FB8000 E:\WINDOWS\System32\winrnr.dll
0x74810000 - 0x7497C000 E:\WINDOWS\System32\quartz.dll
0x736B0000 - 0x736B7000 E:\WINDOWS\system32\msdmo.dll
0x73F10000 - 0x73F6C000 E:\WINDOWS\system32\DSOUND.DLL
0x73EE0000 - 0x73EE4000 E:\WINDOWS\system32\KsUser.dll
0x77D00000 - 0x77D33000 E:\WINDOWS\system32\netman.dll
0x76400000 - 0x765A6000 E:\WINDOWS\system32\netshell.dll
0x76C00000 - 0x76C2E000 E:\WINDOWS\system32\credui.dll
0x73030000 - 0x73040000 E:\WINDOWS\system32\WZCSAPI.DLL
0x77620000 - 0x7768E000 E:\WINDOWS\system32\WZCSvc.DLL
0x76D30000 - 0x76D34000 E:\WINDOWS\system32\WMI.dll
0x76D80000 - 0x76D9E000 E:\WINDOWS\system32\DHCPCSVC.DLL
0x76F50000 - 0x76F58000 E:\WINDOWS\system32\WTSAPI32.dll
0x76360000 - 0x76370000 E:\WINDOWS\system32\WINSTA.dll
0x606B0000 - 0x607BD000 E:\WINDOWS\system32\ESENT.dll
0x71B20000 - 0x71B32000 E:\WINDOWS\system32\MPR.dll
0x75F60000 - 0x75F67000 E:\WINDOWS\System32\drprov.dll
0x71C10000 - 0x71C1E000 E:\WINDOWS\System32\ntlanman.dll
0x71CD0000 - 0x71CE7000 E:\WINDOWS\System32\NETUI0.dll
0x71C90000 - 0x71CD0000 E:\WINDOWS\System32\NETUI1.dll
0x71C80000 - 0x71C87000 E:\WINDOWS\System32\NETRAP.dll
0x75F70000 - 0x75F79000 E:\WINDOWS\System32\davclnt.dll
0x75970000 - 0x75A67000 E:\WINDOWS\system32\MSGINA.dll
0x74320000 - 0x7435D000 E:\WINDOWS\system32\ODBC32.dll
0x00CE0000 - 0x00CF7000 E:\WINDOWS\system32\odbcint.dll
0x6CC60000 - 0x6CC6B000 E:\WINDOWS\System32\dispex.dll
0x76820000 - 0x76834000 E:\WINDOWS\system32\HLINK.DLL
0x5FF50000 - 0x5FF61000 E:\WINDOWS\system32\msratelc.dll
0x6A900000 - 0x6A92E000 E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DELS1UI.DLL
0x5B430000 - 0x5B440000 E:\WINDOWS\system32\tsappcmp.dll
0x05920000 - 0x059E6000 E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DELS1.DLL
0x74B80000 - 0x74C0C000 E:\WINDOWS\system32\printui.dll
0x74AE0000 - 0x74AE7000 E:\WINDOWS\system32\CFGMGR32.dll
0x66700000 - 0x66755000 E:\Program Files\QuickTime\QTPlugin.ocx
0x66D10000 - 0x66D42000 E:\WINDOWS\system32\QuickTime\QuickTimeWebHelper.qtx
0x66800000 - 0x66C4C000 E:\WINDOWS\system32\QuickTime.qts
0x05900000 - 0x0590C000 E:\WINDOWS\system32\ImgUtil.dll
0x67580000 - 0x675FF000 E:\WINDOWS\system32\QuickTime\QuickTime3GPP.qtx
0x66EF0000 - 0x6705E000 E:\WINDOWS\system32\QuickTime\QuickTimeAuthoring.qtx
0x67060000 - 0x670A5000 E:\WINDOWS\system32\QuickTime\QuickTimeCapture.qtx
0x670B0000 - 0x67129000 E:\WINDOWS\system32\QuickTime\QuickTimeEffects.qtx
0x672F0000 - 0x6736A000 E:\WINDOWS\system32\QuickTime\QuickTimeEssentials.qtx
0x67140000 - 0x671B8000 E:\WINDOWS\system32\QuickTime\QuickTimeImage.qtx
0x089A0000 - 0x08A6E000 E:\WINDOWS\system32\QuickTime\QuickTimeInternetExtras.qtx
0x67280000 - 0x672E8000 E:\WINDOWS\system32\QuickTime\QuickTimeMPEG.qtx
0x67370000 - 0x673D5000 E:\WINDOWS\system32\QuickTime\QuickTimeMPEG4.qtx
0x673E0000 - 0x67507000 E:\WINDOWS\system32\QuickTime\QuickTimeMPEG4Authoring.qtx
0x671C0000 - 0x67244000 E:\WINDOWS\system32\QuickTime\QuickTimeMusic.qtx
0x66C50000 - 0x66D07000 E:\WINDOWS\system32\QuickTime\QuickTimeStreaming.qtx
0x67690000 - 0x676E5000 E:\WINDOWS\system32\QuickTime\QuickTimeStreamingAuthoring.qtx
0x676F0000 - 0x6770C000 E:\WINDOWS\system32\QuickTime\QuickTimeStreamingExtras.qtx
0x66D70000 - 0x66DCB000 E:\WINDOWS\system32\QuickTimeVR.qtx
0x69200000 - 0x6920D000 E:\WINDOWS\system32\Macromed\Director\SwDir.dll
0x06590000 - 0x06620000 E:\WINDOWS\system32\Macromed\Shockwave 10\Control.dll
0x73940000 - 0x73A10000 E:\WINDOWS\system32\D3DIM700.DLL
0x73C20000 - 0x73C2B000 E:\WINDOWS\system32\ATMLIB.dll
0x6D440000 - 0x6D450000 E:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
0x5EDD0000 - 0x5EDE7000 E:\WINDOWS\system32\OLEPRO32.DLL
0x6D310000 - 0x6D327000 E:\Program Files\Java\j2re1.4.2\bin\jpiexp32.dll
0x6D380000 - 0x6D397000 E:\Program Files\Java\j2re1.4.2\bin\jpishare.dll
0x09860000 - 0x09996000 E:\PROGRA~1\Java\J2RE14~1.2\bin\client\jvm.dll
0x069A0000 - 0x069A7000 E:\PROGRA~1\Java\J2RE14~1.2\bin\hpi.dll
0x06B00000 - 0x06B0E000 E:\PROGRA~1\Java\J2RE14~1.2\bin\verify.dll
0x07D10000 - 0x07D28000 E:\PROGRA~1\Java\J2RE14~1.2\bin\java.dll
0x07D30000 - 0x07D3D000 E:\PROGRA~1\Java\J2RE14~1.2\bin\zip.dll
0x0C6E0000 - 0x0C7EA000 E:\Program Files\Java\j2re1.4.2\bin\awt.dll
0x09BA0000 - 0x09BF0000 E:\Program Files\Java\j2re1.4.2\bin\fontmanager.dll
0x6D2F0000 - 0x6D304000 E:\Program Files\Java\j2re1.4.2\bin\jpicom32.dll
0x0D610000 - 0x0D61F000 E:\Program Files\Java\j2re1.4.2\bin\net.dll
0x0D650000 - 0x0D673000 E:\Program Files\Java\j2re1.4.2\bin\jsound.dll
0x03670000 - 0x03692000 E:\Program Files\Java\j2re1.4.2\bin\dcpr.dll
0x59A60000 - 0x59B01000 E:\WINDOWS\system32\DBGHELP.dll
0x76BF0000 - 0x76BFB000 E:\WINDOWS\system32\PSAPI.DLL

Heap at VM Abort:
Heap
def new generation total 704K, used 205K [0x20020000, 0x200e0000, 0x20780000)
eden space 640K, 30% used [0x20020000, 0x20051410, 0x200c0000)
from space 64K, 13% used [0x200d0000, 0x200d21c0, 0x200e0000)
to space 64K, 0% used [0x200c0000, 0x200c0000, 0x200d0000)
tenured generation total 8704K, used 7864K [0x20780000, 0x21000000, 0x26020000)
the space 8704K, 90% used [0x20780000, 0x20f2e130, 0x20f2e200, 0x21000000)
compacting perm gen total 5376K, used 5197K [0x26020000, 0x26560000, 0x2a020000)
the space 5376K, 96% used [0x26020000, 0x265334d0, 0x26533600, 0x26560000)

Local Time = Thu Jan 19 17:04:46 2006
Elapsed Time = 864
#
# The exception above was detected in native code outside the VM
#
# Java VM: Java HotSpot™ Client VM (1.4.2-b28 mixed mode)
#


Here is my HijackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 22:54:11, on 18/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
E:\Program Files\ewido anti-malware\ewidoctrl.exe
E:\Program Files\lotus\notes\ntmulti.exe
E:\Program Files\Norton Internet Security\NISUM.EXE
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\Program Files\Norton Internet Security\ccPxySvc.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
E:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\WINDOWS\System32\igfxtray.exe
E:\WINDOWS\System32\hkcmd.exe
E:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\Program Files\QuickTime\qttask.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\Ares\Ares.exe
E:\Documents and Settings\Mom\Desktop\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] E:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [SonicFocus] "E:\Program Files\Sonic Focus\SFIGUI\SFIGUI.EXE" BOOT
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "E:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "E:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1114985369295
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1140294676390
O16 - DPF: {9294206B-A9B2-4F73-938E-89F694F48101} - http://xlonhcld.xlon...4/ldsdlprod.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) - http://www.walmartph...x/PCAXSetup.cab?
O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - E:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel® Active Monitor (imonNT) - Unknown owner - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe (file missing)
O23 - Service: Multi-user Cleanup Service - Unknown owner - E:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - E:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

#7 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 19 February 2006 - 01:08 AM

Also, while running the Ewido tool earlier, the computer shut down from overheating, I took it apart, cleaned it out, and on boot, i received this error message : isactiveguard:RegOpenKeyEx failed 2.0 would that be from the computer shutting down DURING the EWIDO scan?

#8 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 19 February 2006 - 06:59 AM

I don't know why your sound isn't working. Have you checked the speaker wires where they plug into the PC?

Can you try the Ewido scan in Safe Mode.

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.


Then please run Ewido, click on the Scanner run a full scan and let it clean everything it finds. Save the logfile from the scan.


Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#9 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 19 February 2006 - 02:21 PM

I ran Ewido in safe mode. And the speakers are plugged in fine, the sound was working before I did the fix that you told me to do. I will re-run Ewido, and repost the log. I have tried uninstalling and reinstalling the sound drivers, but for some reason they're still not working.

#10 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 19 February 2006 - 02:22 PM

Please dont' feel i'm being short with you at all, just trying to summarise what i'm saying.

    Advertisements

Register to Remove

#11 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 19 February 2006 - 02:24 PM

We didn't do anything with any of the sound drivers. Is your sound card part of the system board or a addon card?

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#12 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 19 February 2006 - 03:16 PM

Ok, well, i fixed the sound, when i had cleaned out the inside of the computer i must have losened up the sound card (makes NO sense to me how i did that), so i just checked it, pushed it in (didn't really feel any difference), restarted the computer and it worked. Here's my Ewido scan and my hijackThis scans. Also, after we're done this, while fixing this persons computer i've done an Ewido and HijackThis scan of my laptop and i was hoping you could check that over too.

ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 14:05:58, 19/02/2006
+ Report-Checksum: 9A7B53DD

+ Scan result:

E:\Documents and Settings\Mom\Cookies\mom@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
E:\Documents and Settings\Mom\Cookies\mom@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup


::Report End




Logfile of HijackThis v1.99.1
Scan saved at 14:08:10, on 19/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
E:\Program Files\ewido anti-malware\ewidoctrl.exe
E:\Program Files\lotus\notes\ntmulti.exe
E:\Program Files\Norton Internet Security\NISUM.EXE
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
E:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\WINDOWS\System32\igfxtray.exe
E:\WINDOWS\System32\hkcmd.exe
E:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\Program Files\QuickTime\qttask.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\Ares\Ares.exe
E:\Program Files\Norton Internet Security\ccPxySvc.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Documents and Settings\Mom\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IgfxTray] E:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] E:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe
O4 - HKLM\..\Run: [SonicFocus] "E:\Program Files\Sonic Focus\SFIGUI\SFIGUI.EXE" BOOT
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "E:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "E:\Program Files\Ares\Ares.exe" -h
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: E:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1114985369295
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1140294676390
O16 - DPF: {9294206B-A9B2-4F73-938E-89F694F48101} - http://xlonhcld.xlon...4/ldsdlprod.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FC} (PCUploader Class) - http://www.walmartph...x/PCAXSetup.cab?
O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - E:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - E:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Intel® Active Monitor (imonNT) - Unknown owner - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe (file missing)
O23 - Service: Multi-user Cleanup Service - Unknown owner - E:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - E:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

#13 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 19 February 2006 - 03:22 PM

Good Job :thumbup:


Log looks good :D :thumbup: How is it running any issues?

Note: This will remove all previous Restore Points

Turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn it back on.

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Remove the Check Turn off System Restore.
Click Apply, and then click OK.

Click Start> My Computer, select the Tools menu and then Folder Options, after the new window appears select the View tab…]
This time select the: Restore Defaults
Select: Apply, and click OK




If you dont have these three programs I would recommend that you get them. Spywareblaster, Spywareguard and IESPY AD. They will add 1000's of sites to your resticted zone and block some hijacks from happening. I also have a FREE FIREWALL and FREE ANTI VIRUS if you need one.

It is critical to have both a firewall and anti virus to protect your system.

Keep your system up to date and run Adaware & Spybot, once a week works, and hopefully you will be ok from here on. Both are available below.

Safe Surfing. :D

I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein


Also, after we're done this, while fixing this persons computer i've done an Ewido and HijackThis scan of my laptop and i was hoping you could check that over too.

After the above, post it :thumbup:

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

#14 epademic1984

epademic1984

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 19 February 2006 - 04:59 PM

I still have to do the above, and post my laptops stuff, but while waiting for a reply from you this computer self generated a message saying that it needs to be defraged because to many files were corrupt. I'm running dik defrag right now, after that i'll do the above, then i'll post my laptop. Also, I'll throw those programs onto my laptop. Only questions i have are, I have Spybot S&D, Adaware 7.0, AVG Free, and Zone Alarm (free), why do i need spyware blaster/guard, iespy ad, the free firewall, and the free antivirus... will they work better than what i have? will there be conflicts between the firewalls. What would you suggest??

#15 LDTate

LDTate

    Grand Poobah

  • Root Admin
  • 57,211 posts

Posted 19 February 2006 - 05:03 PM

If you dont have these three programs I would recommend that you get them.
If you already have a Firewall, etc., don't worry about it

Edited by LDTate, 19 February 2006 - 05:04 PM.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·