Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

computer shuts down can't run ad aware

Started by rmbas , Feb 19 2006 12:44 PM

  • This topic is locked This topic is locked
12 replies to this topic

#1 rmbas

rmbas

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 19 February 2006 - 12:44 PM

Logfile of HijackThis v1.99.1
Scan saved at 1:35:39 PM, on 2/19/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLServiceHost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\HPCENT~1\137903\Program\BACKWE~1.EXE
C:\Documents and Settings\Owner\My Documents\HijackThis.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [hpinstantsupport] "C:\Program Files\Hewlett-Packard\hpis\bin\matcliwrapper.exe" "C:\Program Files\Hewlett-Packard\hpis\" -boot
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (WebProgramManager Class) - http://isupport4.hp....SWebManager.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://64.146.72.210...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

    Advertisements

Register to Remove

#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 24 February 2006 - 07:44 PM

rmbas,

You have been helped in this forum before and have never bothered to update your Operating System. Is there a reason for this?? Without using the Windows Update and installing the the service packs you are leaving your system very vunerable to attacks.


You have Limewire installed, you can read about it here and make your up your own mind if you want to uninstall it or not.
http://www3.ca.com/s...px?id=453088059


DO THIS FIRST
Your HIJACKTHIS program is current, but it is very important that it resides in its own folder.
We will use Hijackthis (HJT) to make changes to your system and HJT will make backups of those changes,
If HJT is not in its own folder, those backups could be lost.

Easy to fix,
* just go to MY COMPUTER > YOUR C:\ DRIVE and create a new folder and name it HIJACKTHIS .
* Now scroll to where you have HJT currently, right click on the HJT icon and select CUT .
* Now open the new folder you just created and right click within that folder and select PASTE .
* Now HJT should reside in C:\HIJACKTHIS\HIJACKTHIS.EXE




This is what I need you to do, open up Internet Explorer and go to Tools > Windows Updates and download the latest updates for your system, then post back with a new HJT log.

Ken :D

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#3 rmbas

rmbas

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 25 February 2006 - 10:36 AM

Thanks Ken this is my childrens computer I'll have to do better on updates and software they are running. I uninstalled Limewire and got the updates. Moved the hijackthis to its own folder. This is the new log also I think i removed alot of spy-ware with trend micro when waiting to here from you. thanks


Logfile of HijackThis v1.99.1
Scan saved at 11:18:24 AM, on 2/25/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLServiceHost.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2cf41f1db14bc8f414e16e1555b77108\update\update.exe
C:\HIJACKTHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [hpinstantsupport] "C:\Program Files\Hewlett-Packard\hpis\bin\matcliwrapper.exe" "C:\Program Files\Hewlett-Packard\hpis\" -boot
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (WebProgramManager Class) - http://isupport4.hp....SWebManager.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://64.146.72.210...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

#4 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 26 February 2006 - 12:12 AM

rmbas,

Limewire is removed :thumbup: , HJT is right where we want it to be :thumbup: but I dont see any windows updates on your system. I have to tell you that without them you are leaving yourself open to all sorts of Infections and attacks. You need to go to the windows update sites and for the time being, install SP1 (Service Pack I )
You can download it here
Service Pack 1a
If you get that installed, hold off until your computer is clean and we can then install SP2.



Download and install the 30 day trial of Ewido Anti-Malware
Ewido Anti-Malware
* Launch Ewido, there should be an icon on your desktop for it to double-click.
o Click on update
o You should see Update Complete when done.
o Now close out the program <-- Dont run it yet.



Enable Windows to Show All Files and Folders

* Click on MY COMPUTER
* Then on your C: Drive
* Then to TOOLS/ FOLDER OPTIONS/ VIEW
* Choose the radio button to SHOW HIDDEN FILES AND FOLDERS
* Take the checkmark out of HIDE EXTENSIONS FOR KNOWN FILE TYPES
* Then APPLY/ OK
* Don't forget to reverse this once your computer is clean




Reboot your computer into Safemode

* Go to START/ SHUT OF YOUR COMPUTER/ RESTART
* As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly, this will bring up a menu.
* Use the UP AND DOWN ARROW KEYS to scroll up to SAFEMODE
* Then press the ENTER KEY ON YOUR KEYBOARD





o Now open up Ewido
* Click on scanner
* Click on Complete System Scan and the scan will begin.
* You will be prompted to clean the first infection.
* Select "Perform action on all infections", then proceed.
* Once the scan has completed, there will be a button located on the bottom of the screen named Save report
* Click Save report.
* Save the report .txt file to your desktop or a location where you can find it easily.
* Close Ewido Security Suite.



Reboot normally


Download and Install CCleaner

* Click on Run Cleaner
* Run the Issues Scan < When it asks you to backup the Registry..Say Yes

Tutorial for CCleaner
http://www.ccleaner.com/help/tour1.asp


Post back with a new HJT log and the report from Ewido.

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#5 rmbas

rmbas

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 26 February 2006 - 12:10 PM

ok thanks ken i don't understand the updates it says all that is needed is sp2 anyway i completed the instructions here are the logs

Logfile of HijackThis v1.99.1
Scan saved at 12:58:13 PM, on 2/26/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLServiceHost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HIJACKTHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [hpinstantsupport] "C:\Program Files\Hewlett-Packard\hpis\bin\matcliwrapper.exe" "C:\Program Files\Hewlett-Packard\hpis\" -boot
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (WebProgramManager Class) - http://isupport4.hp....SWebManager.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1140970083310
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://64.146.72.210...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

--------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 12:41:15 PM, 2/26/2006
+ Report-Checksum: B72A1B6B

+ Scan result:

HKLM\SOFTWARE\DelFin -> Adware.Delfin : Cleaned with backup
HKLM\SOFTWARE\DelFin\PromulGate -> Adware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DelFin Media Viewer -> Adware.Delfin : Cleaned with backup
HKU\S-1-5-21-3978503659-1026747355-2798751602-1003\Software\Support Software -> Adware.NetworkEssentials : Cleaned with backup
HKU\S-1-5-21-3978503659-1026747355-2798751602-1003\Software\Support Software\Params -> Adware.NetworkEssentials : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\eskin -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\IESkins -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055547.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055563.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055937.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1063425.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1066790.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1067475.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383623.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387587.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\566217.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\600583.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\625696.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\698191.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\819382.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\890068.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\985612.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\ASPL.dat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\bstat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\domains.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\dynamic\ustat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Reunion.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2_Bubbles2.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles_Bubbles.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Reunion.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar2.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbarcom.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2reg.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2_Bubbles2.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles_Bubbles.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\components.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_categorize.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_comparison.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_favorites.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_Games.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_Hide.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_hsskin.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_new.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_premium.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_searchfor.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_searchgo.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_weather.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Default_yellowpages.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar10.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar2.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar5.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar9.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.htm -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\theweb.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Janine\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\Top7_theweb.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Kinsey\Cookies\kinsey@ads18.bpath[1].txt -> TrackingCookie.Bpath : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\eskin -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\IESkins -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\IESkins\0118surf1.bmp -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\IESkins\0621ZeXtreme08.bmp -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\HostOL -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\HostOL\dynamic -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\HostOL\static -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1001864.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055563.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1055937.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1059014.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1063425.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1063947.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1310840.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383595.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383623.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383637.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383771.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1384070.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387587.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\144914.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\147608.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\499863.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\543827.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\566217.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\573421.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\600583.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\625696.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\656102.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\662778.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\698191.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\773390.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\800531.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\819382.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\829423.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\848631.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\880604.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\88503.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\890068.sdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\ASPL.dat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\bstat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\domains.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\dynamic\ustat -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles2_Bubbles2.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\bubbles_Bubbles.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_comparison.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-Mails.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Games.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hide.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hotmail.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_new.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Reunion.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_ringtone.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_SearchBoxTrapper.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbarcom.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\samplegroups2.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\1\s_icons_buttons.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles2_Bubbles2.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\bubbles_Bubbles.bbl -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_comparison.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-Mails.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Games.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hide.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hotmail.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_new.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_ringtone.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_SearchBoxTrapper.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbarcom.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\samplegroups2.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\bubbles2.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@adorigin[2].txt -> TrackingCookie.Adorigin : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@sexlist[2].txt -> TrackingCookie.Sexlist : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned with backup
C:\Documents and Settings\Neils\Cookies\neils@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfk4goc5olo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfkiskajeaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjk4qlajilp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjl4apajmdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjliepc5cap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\eskin -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\IESkins -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\IESkins\0118surf1.bmp -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\IESkins\0521ZCelso192.bmp -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\IESkins\11260020001113-2.bmp -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\dynamic -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1 -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\blocked.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm2.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli2.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_back-but.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_enabled_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_pressed_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_enabled_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_pressed_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_enabled_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_pressed_1.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\buttondir.txt -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\components.cdf -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\delete.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_clear_sound.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_fs.htm -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\edit_select.gif -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-bcards.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-ecards.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-edit.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-emoticons.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-estationery.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-funny.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-help.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-images.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-info.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-more.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-my.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-photo.mnu -> Adware.HotBar : Cleaned with backup
C:\Documents and Settings\Ryan&

#6 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 26 February 2006 - 02:59 PM

rmbas,


Both Ewido and Spysweeper are picking up traces of Hotbar, Symantec has a removal tool, I would like you to run it.

First do this.

* On the Windows XP taskbar:
1. Click Start > Control Panel.
2. In the Control Panel window, double-click Add or Remove Programs.

Click one of the following program names if you see it listed, if not than proceed to the removal tool.

* Hotbar Web Tools
* Hotbar Outlook Tools
* Shopper Reports by Hotbar


Then download the tool to your desktop, reboot into Safemode and run the tool.
http://sarc.com/avce...are.hotbar.html


If it finds anything it will remove it, if not the rest of your log looks ok. Are you having any specific issues?

After we deem that your clean, then you need to install SP2.

Ken :D

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#7 rmbas

rmbas

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 26 February 2006 - 08:43 PM

Ken Symantec didn't find anything. Things seem alot better. If you could help with one problem when I boot up I get a "Runner error" Runner file name (backweb-137930.exe_tobedeleted) must end in .dll or .exe. Ok for sp2?? thanks thanks!!! Mike

#8 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 27 February 2006 - 07:06 AM

rmbas,

That file has to do with your HP printer . Why dont you boot into Safemode and delete it, BUT keep it in your recycle bin for a few days to see if you have any problems. You may have to reinstall the drivers for your printer.


C:\Program Files\hp center\137903\Program\BackWeb-137903.exe


Ok for SP2, but before you do, get your ducks in a row.

1. * Go to START/ CONTROL PANEL> PERFORMANCE AND MAINTENANCE> REARRANGE ITEMS ON YOUR HARD DISK TO MAKE PROGRAMS RUN FASTER
This is the Windows Disk Defragger, run this maybe once or twice a month to keep your system running good. The first time you run it, it may take awhile.

2. Disable your anti virus software so it wont interfere in the installation.


3. Go for it.

Ken :D

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#9 rmbas

rmbas

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 01 March 2006 - 05:07 PM

Ken I had some problems i'll tell you please give me your thoughts 1. CHKDSK verifing files 2.Correcting corrupt files $130 for file 4042 and file 21152 and many more. 3.Recovering orphaned files 4.Securitysuite.exe corrupt please run chkdsk utility 5.Active desktop recovery. The computer shuts down sometimes, almost every time i try to run adaware. please tell me what you think. mike

#10 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 01 March 2006 - 06:57 PM

Mike,

Ewido may have gotten corrupted along the way. Go to the Add-Remove programs in the control panel and remove Ewido.

As far as the other problems, this appears to be a windows issue, I am going to direct you to some excellent tech support forums for windows, like Tom Coyote there free but you have to register.


Tom Coyote
Windows Helpnet
Hardwareguys


Correcting corrupt files $130 for file 4042 and file 21152 and many more.

I am not totally following you on this one, is that a typo or a dollar sign?


Post back with one last HJT log and let me make sure that it is totally free or malware.

Ken :D

Edited by ken545, 01 March 2006 - 07:00 PM.


 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#11 rmbas

rmbas

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 01 March 2006 - 07:32 PM

Ken

I uninstalled ewido and new hjt log.
Yes I think it was a dollar sign I was tryong to write down while it was on the screen. You supect at windows problem? Could it be hardware or harddrive? Its interesting!!! thanks mike

Logfile of HijackThis v1.99.1
Scan saved at 8:22:27 PM, on 3/1/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1133832788\ee\AOLServiceHost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\HIJACKTHIS\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NAV Agent] c:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1133832788\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [hpinstantsupport] "C:\Program Files\Hewlett-Packard\hpis\bin\matcliwrapper.exe" "C:\Program Files\Hewlett-Packard\hpis\" -boot
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (WebProgramManager Class) - http://isupport4.hp....SWebManager.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1140970083310
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://64.146.72.210...sCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

#12 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 01 March 2006 - 07:52 PM

Mike,

I am afraid I really dont understand whats going on on your system. I dont know what you have done to create those problems. Downloading the windows updates would not corrupted any files.

Out side of these two entries, your log looks ok. :thumbup:


Open HJT Scan Only and fix both these entries.

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O16 - DPF: {60EFC337-15C2-4369-B2A0-3429B071D8B8} (WebProgramManager Class) - http://isupport4.hp....SWebManager.CAB


Sorry I cant be of any further help as this forum is for the removal of Malware. I would suggest that you post in one of or all of the forums that I recommeded to get the windows help that you need.

Ken :D

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#13 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 07 March 2006 - 10:18 AM

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·