Options
Can someone please help me?
I am a simpleton when it comes to my pc, so please have patience with me. I have several problems. First of all, my PC recently went to black screen and I thought it was a powersurge that caused it. I tried to reboot several times, but it didnt work. I finally rebooted in safe mode, and ran Hijack This, Spybot and Adaware. I got rid of a few things from Hijackthis, but they keep coming back. The same goes for Spybot. . Anyway, my PC kept locking up. ctrl-alt-delete wouldn't solve the lock ups so I would reboot. This went on for two days. Finally my Pc stopped locking up. I dont know why, because I didnt do anything different. It seems to be running alright, but my Norton Corporate client edition antivirus software will not run. When I try, it tells me "Symantec Antivirus could not access the scan engine. Please ensure the product is properly installed." So I went to control panel, and removed the program and reinstalled, but it still didnt work. I attempted to DL the latest virus definition from: http://securityresponse.symantec.com/avcenter/download/pages/US-N95.html and then doubleclicked on the update. The update said that it checked my system and made one update. I then tried to run the antivirus, but it still doesn't work.
In addition to this I also have found a few things in my Add/Remove programs that I dont recognize and I can't get rid of. Specifically, Home Search Assisiant, Search Extender, and Shopping Wizard.
As I mentioned before, I am not the sharpest knife in the drawer when it comes to pcs. If anyone can help, please try to leave simple instructions designed for a beginner. Thanks in advance.
Here is my Hijack This Logfile:
Logfile of HijackThis v1.99.0
Scan saved at 4:19:59 AM, on 7/15/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sacre.SACRE29\Desktop\hijackthis\HijackThis.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
In addition to this I also have found a few things in my Add/Remove programs that I dont recognize and I can't get rid of. Specifically, Home Search Assisiant, Search Extender, and Shopping Wizard.
As I mentioned before, I am not the sharpest knife in the drawer when it comes to pcs. If anyone can help, please try to leave simple instructions designed for a beginner. Thanks in advance.
Here is my Hijack This Logfile:
Logfile of HijackThis v1.99.0
Scan saved at 4:19:59 AM, on 7/15/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Symantec AntiVirus\VPTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\sacre.SACRE29\Desktop\hijackthis\HijackThis.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
0
Comments
http://www.mvps.org/winhelp2002/DelDomains.inf
Just because your HijackThis log is clean does not mean that your system is 100% spyware or virus free. Running a free virus scan at the link below will report back any remains of viruses that are not executable, but are still on on your system.
http://pandasoftware.com/activescan/
There may be some files that the scan above cannot remove. Please post the log that it puts out here.
Incident Status Location Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\vx1x.nls
Adware:adware/sahagent No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\LOCAL SETTINGS\TEMP\cdt1001.sah
Adware:adware/sidestep No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\SbCIe01f.txt
Spyware:spyware/petro-line No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\SITES ABOUT\Credit counseling.url
Adware:adware/searchaid No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\Seven days of free porn.url
Adware:adware/gator No disinfected C:\WINDOWS\GatorPatch.log
Adware:adware/cws.homesearchasisstantNo disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HSA
Adware:adware/sidefind No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TSL INSTALLER
Adware:adware/searchrelevancy No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\SEARCHRELEVANCY
Adware:adware/cws.008k No disinfected HKEY_CLASSES_ROOT\CLSID\{A3C5C0CE-5122-E73A-AB92-E8EE67589A00}
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\bthcpcen\pnelennp\epcpnnjj.exe
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\bthcpcen\bnblceatac\nfcbnnlfl.exe
Virus:Trj/HideProc.B Disinfected C:\Documents and Settings\sacre.SACRE29\Local Settings\Temp\42.tmp
Possible Virus. No disinfected C:\Documents and Settings\sacre.SACRE29\Local Settings\Temp\43.tmp.exe
Virus:Trj/Agent.DW Disinfected C:\WINDOWS\system32\ipwb.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apprm32.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\qdkli.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\fsykd.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\ezlta.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\zznjo.dll
Adware:Adware/CWS.Aboutblank No disinfected C:\WINDOWS\system32\ntpr.exe
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\yalui.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\d3za.exe
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\mwefz.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmlparse.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmltok.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ievq32.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\zybcs.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\iefn32.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\ebayj.dll
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[Uninstall.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[bargains.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adv.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adx.exe]
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\osytw.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\ncggp.dll
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exdl.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[mqexdlm.srg]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exul.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[javexulm.vxd]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\netut80ex.vxd[msexreg.exe]
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\fwaxf.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\olvyl.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\hrudm.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\zhojd.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\system32\vfpgu.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sdkek.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apicr32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\netfx32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sdkqz32.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\aqsbo.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\wince32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ipba32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\mfccm32.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\pvhcp.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lqszzt.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mdeqks.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\sauxji.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\igbhsf.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qlftyv.dat
Adware:Adware/HT401 No disinfected C:\WINDOWS\ajazbc.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hloypf.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\pgphna.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fiaugq.txt
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\qsgybs.txt
Virus:Trj/Agent.DW Disinfected C:\WINDOWS\jfyjle.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hvsfoe.txt
Adware:Adware/SideStep No disinfected C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lmlsax.txt
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\xgoxed.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\eoyiww.log
Adware:Adware/Winshow No disinfected C:\WINDOWS\sxwlr.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\uavvwg.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uuorqk.txt
Adware:Adware/Winshow No disinfected C:\WINDOWS\sqjjnp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\liifgl.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cfxyqa.dat
Adware:Adware/Winshow No disinfected C:\WINDOWS\dsfbi.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\mxidws.dat
Adware:Adware/Winshow No disinfected C:\WINDOWS\mfbsl.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\rntzxh.log
Adware:Adware/Winshow No disinfected C:\WINDOWS\xqahsr.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\xixdw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uapiea.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\eykoii.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dicpth.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\zdqsmg.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ikkgqc.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\efyjjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\icygut.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jywbrq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\kbijdc.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\avueed.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\pmudpr.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ihsyen.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\kdplsk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\zcabig.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\axywxc.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\spmxat.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\poqvip.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xikqaz.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dbhiif.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\rxozvp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\esguvw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bhzfiq.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cdosxn.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nwkpzx.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\oshcwt.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bsfhxy.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ontkif.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bkupbp.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bfyxob.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dvxbba.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qbpuej.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\unfese.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lezzyq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\thxtrm.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dqkykg.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\okejeb.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\tkdfnw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_kspjuq.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_jgukjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\gtaeat.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\wbswzk.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\vycpqp.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\aplps.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jmuotg.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\qqmkia.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\qizjs.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\smtne.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\opqfsk.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\fnkmdz.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\vdxwr.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\pzwgcl.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cbnxoc.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\rhyguh.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hracec.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\hhqhfu.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uuigtf.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\xwjmn.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\addav32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nqeuyr.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\mngvhw.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nqronw.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\oncuco.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dvpsuj.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\grtvt.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fyryig.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\pwlfln.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fwsdbc.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\uiptij.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mwgcsd.dat
Adware:Adware/HT401 No disinfected C:\WINDOWS\sxxhy.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ucgcid.dat
There is more, but it won't fit. What shall I do now?
Here's the rest of the panda scan:
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ucgcid.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\pblhhz.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ozukxo.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ieuz.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\sdkcq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\winjw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\atlfz32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\iwjjoe.txt
Adware:Adware/EasySearch No disinfected C:\WINDOWS\irkzrb.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qagemb.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\dnpfa.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\xzciwh.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xnwtvu.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\gnttiz.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\awccxb.log
I have run Spybot twice, but it only removed a few of these. :bawling:
As I mentioned in the very first entry to this thread, I believe alot of this is stuff I haven't been able to remove ( Home Search Assisiant, Search Extender, and Shopping Wizard)
I guess I have alot of work to do. Any suggestions?
Thanks, sacre
http://www.majorgeeks.com/download4289.html
Incident Status Location
Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\vx1x.nls
Adware:adware/sahagent No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\LOCAL SETTINGS\TEMP\cdt1001.sah
Adware:adware/sidestep No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\SbCIe01f.txt
Spyware:spyware/petro-line No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\SITES ABOUT\Credit counseling.url
Adware:adware/searchaid No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\Seven days of free porn.url
Adware:adware/gator No disinfected C:\WINDOWS\GatorPatch.log
Adware:adware/cws.homesearchasisstantNo disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HSA
Adware:adware/sidefind No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TSL INSTALLER
Adware:adware/searchrelevancy No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\SEARCHRELEVANCY
Adware:adware/cws.008k No disinfected HKEY_CLASSES_ROOT\CLSID\{A3C5C0CE-5122-E73A-AB92-E8EE67589A00}
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\bthcpcen\pnelennp\epcpnnjj.exe
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\bthcpcen\bnblceatac\nfcbnnlfl.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apprm32.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\ezlta.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\zznjo.dll
Adware:Adware/CWS.Aboutblank No disinfected C:\WINDOWS\system32\ntpr.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\d3za.exe
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmlparse.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmltok.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ievq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\iefn32.dll
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[Uninstall.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[bargains.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adv.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adx.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exdl.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[mqexdlm.srg]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exul.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[javexulm.vxd]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\netut80ex.vxd[msexreg.exe]
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sdkek.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apicr32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\netfx32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sdkqz32.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\aqsbo.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\wince32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ipba32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\mfccm32.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\pvhcp.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lqszzt.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mdeqks.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\sauxji.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\igbhsf.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qlftyv.dat
Adware:Adware/HT401 No disinfected C:\WINDOWS\ajazbc.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hloypf.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\pgphna.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fiaugq.txt
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\qsgybs.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hvsfoe.txt
Adware:Adware/SideStep No disinfected C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lmlsax.txt
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\xgoxed.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\eoyiww.log
Adware:Adware/Winshow No disinfected C:\WINDOWS\sxwlr.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\uavvwg.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uuorqk.txt
Adware:Adware/Winshow No disinfected C:\WINDOWS\sqjjnp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\liifgl.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cfxyqa.dat
Adware:Adware/Winshow No disinfected C:\WINDOWS\dsfbi.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\mxidws.dat
Adware:Adware/Winshow No disinfected C:\WINDOWS\mfbsl.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\rntzxh.log
Adware:Adware/Winshow No disinfected C:\WINDOWS\xqahsr.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\xixdw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uapiea.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\eykoii.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dicpth.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\zdqsmg.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ikkgqc.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\efyjjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\icygut.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jywbrq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\kbijdc.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\avueed.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\pmudpr.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ihsyen.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\kdplsk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\zcabig.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\axywxc.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\spmxat.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\poqvip.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xikqaz.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dbhiif.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\rxozvp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\esguvw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bhzfiq.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cdosxn.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nwkpzx.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\oshcwt.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bsfhxy.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ontkif.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bkupbp.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bfyxob.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dvxbba.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qbpuej.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\unfese.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lezzyq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\thxtrm.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dqkykg.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\okejeb.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\tkdfnw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_kspjuq.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_jgukjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\gtaeat.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\wbswzk.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\vycpqp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jmuotg.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\qqmkia.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\opqfsk.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\fnkmdz.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cbnxoc.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\rhyguh.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hracec.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uuigtf.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\addav32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nqeuyr.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\mngvhw.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nqronw.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dvpsuj.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fyryig.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\pwlfln.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fwsdbc.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\uiptij.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mwgcsd.dat
Adware:Adware/HT401 No disinfected C:\WINDOWS\sxxhy.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ucgcid.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\pblhhz.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ozukxo.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ieuz.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\sdkcq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\winjw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\atlfz32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\iwjjoe.txt
Adware:Adware/EasySearch No disinfected C:\WINDOWS\irkzrb.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qagemb.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\xzciwh.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xnwtvu.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\gnttiz.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\awccxb.log
Incident Status Location
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\bthcpcen\pnelennp\epcpnnjj.exe
Adware:Adware/Gator No disinfected C:\Program Files\Common Files\bthcpcen\bnblceatac\nfcbnnlfl.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apprm32.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\ezlta.dll
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\system32\zznjo.dll
Adware:Adware/CWS.Aboutblank No disinfected C:\WINDOWS\system32\ntpr.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\d3za.exe
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmlparse.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\system32\xmltok.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ievq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\iefn32.dll
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[Uninstall.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[bargains.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adv.exe]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\mac80ex.idf[adx.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exdl.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[mqexdlm.srg]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[exul.exe]
Adware:Adware/ExactSearch No disinfected C:\WINDOWS\system32\netut80ex.vxd[javexulm.vxd]
Spyware:Spyware/BargainBuddy No disinfected C:\WINDOWS\system32\netut80ex.vxd[msexreg.exe]
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sdkek.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apicr32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\netfx32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\sdkqz32.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\aqsbo.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\wince32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ipba32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\mfccm32.dll
Adware:Adware/EasySearch No disinfected C:\WINDOWS\system32\pvhcp.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lqszzt.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mdeqks.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\sauxji.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\igbhsf.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qlftyv.dat
Adware:Adware/HT401 No disinfected C:\WINDOWS\ajazbc.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hloypf.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\pgphna.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fiaugq.txt
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\qsgybs.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hvsfoe.txt
Adware:Adware/SideStep No disinfected C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lmlsax.txt
Adware:Adware/StartPage.BK No disinfected C:\WINDOWS\xgoxed.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\eoyiww.log
Adware:Adware/Winshow No disinfected C:\WINDOWS\sxwlr.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\uavvwg.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uuorqk.txt
Adware:Adware/Winshow No disinfected C:\WINDOWS\sqjjnp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\liifgl.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cfxyqa.dat
Adware:Adware/Winshow No disinfected C:\WINDOWS\dsfbi.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\mxidws.dat
Adware:Adware/Winshow No disinfected C:\WINDOWS\mfbsl.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\rntzxh.log
Adware:Adware/Winshow No disinfected C:\WINDOWS\xqahsr.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\xixdw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uapiea.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\eykoii.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dicpth.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\zdqsmg.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ikkgqc.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\efyjjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\icygut.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jywbrq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\kbijdc.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\avueed.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\pmudpr.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ihsyen.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\kdplsk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\zcabig.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\axywxc.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\spmxat.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\poqvip.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xikqaz.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dbhiif.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\rxozvp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\esguvw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bhzfiq.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cdosxn.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nwkpzx.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\oshcwt.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bsfhxy.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ontkif.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bkupbp.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\bfyxob.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dvxbba.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qbpuej.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\unfese.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\lezzyq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\thxtrm.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dqkykg.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\okejeb.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\tkdfnw.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_kspjuq.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_jgukjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\gtaeat.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\wbswzk.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\vycpqp.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jmuotg.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\qqmkia.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\opqfsk.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\fnkmdz.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\cbnxoc.dat
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\rhyguh.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\hracec.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uuigtf.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\addav32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nqeuyr.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\mngvhw.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\nqronw.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\dvpsuj.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fyryig.log
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\pwlfln.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\fwsdbc.txt
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\uiptij.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\mwgcsd.dat
Adware:Adware/HT401 No disinfected C:\WINDOWS\sxxhy.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ucgcid.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\pblhhz.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ozukxo.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\ieuz.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\sdkcq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\winjw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\atlfz32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\iwjjoe.txt
Adware:Adware/EasySearch No disinfected C:\WINDOWS\irkzrb.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\qagemb.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\xzciwh.log
Adware:Adware/SearchAid No disinfected C:\WINDOWS\xnwtvu.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\gnttiz.log
Adware:Adware/EasySearch No disinfected C:\WINDOWS\awccxb.log
What is my next move?
Boot into Safe Mode and delete the following files:
C:\Program Files\Common Files\bthcpcen\pnelennp\epcpnnjj.exe
C:\Program Files\Common Files\bthcpcen\bnblceatac\nfcbnnlfl.exe
C:\WINDOWS\system32\apprm32.dll
C:\WINDOWS\system32\ezlta.dll
C:\WINDOWS\system32\zznjo.dll
C:\WINDOWS\system32\ntpr.exe
C:\WINDOWS\system32\d3za.exe
C:\WINDOWS\system32\xmlparse.dll
C:\WINDOWS\system32\xmltok.dll
C:\WINDOWS\system32\ievq32.dll
C:\WINDOWS\system32\iefn32.dll
C:\WINDOWS\system32\mac80ex.idf
C:\WINDOWS\system32\netut80ex.vxd
C:\WINDOWS\system32\sdkek.dll
C:\WINDOWS\system32\apicr32.dll
C:\WINDOWS\system32\netfx32.dll
C:\WINDOWS\system32\sdkqz32.dll
C:\WINDOWS\system32\aqsbo.dll
C:\WINDOWS\system32\wince32.dll
C:\WINDOWS\system32\ipba32.dll
C:\WINDOWS\system32\mfccm32.dll
C:\WINDOWS\lqszzt.dat
C:\WINDOWS\system32\pvhcp.dll
C:\WINDOWS\sauxji.dat
C:\WINDOWS\mdeqks.dat
C:\WINDOWS\igbhsf.dat
C:\WINDOWS\qlftyv.dat
C:\WINDOWS\ajazbc.log
C:\WINDOWS\hloypf.log
C:\WINDOWS\pgphna.dat
C:\WINDOWS\fiaugq.txt
C:\WINDOWS\qsgybs.txt
C:\WINDOWS\hvsfoe.txt
C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
C:\WINDOWS\lmlsax.txt
C:\WINDOWS\xgoxed.txt
C:\WINDOWS\eoyiww.log
C:\WINDOWS\sxwlr.dll
C:\WINDOWS\uavvwg.log
C:\WINDOWS\sqjjnp.log
C:\WINDOWS\liifgl.dat
C:\WINDOWS\cfxyqa.dat
C:\WINDOWS\dsfbi.dll
C:\WINDOWS\mxidws.dat
C:\WINDOWS\mfbsl.dll
C:\WINDOWS\rntzxh.log
C:\WINDOWS\xqahsr.txt
C:\WINDOWS\uapiea.txt
C\WINDOWS\eykoii.dat
C:\WINDOWS\dicpth.dat
C:\WINDOWS\zdqsmg.txt
C:\WINDOWS\ikkgqc.log
C:\WINDOWS\efyjjk.dat
C:\WINDOWS\icygut.txt
C:\WINDOWS\kbijdc.txt
C:\WINDOWS\avueed.txt
C:\WINDOWS\pmudpr.txt
C:\WINDOWS\ihsyen.log
C:\WINDOWS\kdplsk.dat
C:\WINDOWS\zcabig.log
C:\WINDOWS\axywxc.txt
C:\WINDOWS\spmxat.dat
C:\WINDOWS\poqvip.dat
C:\WINDOWS\xikqaz.dat
C:\WINDOWS\dbhiif.txt
C:\WINDOWS\rxozvp.log
C:\WINDOWS\esguvw.dat
C:\WINDOWS\bhzfiq.log
C:\WINDOWS\cdosxn.dat
C:\WINDOWS\nwkpzx.dat
C:\WINDOWS\oshcwt.txt
C:\WINDOWS\bsfhxy.txt
C:\WINDOWS\ontkif.log
C:\WINDOWS\bkupbp.txt
C:\WINDOWS\bfyxob.log
C:\WINDOWS\dvxbba.txt
C:\WINDOWS\qbpuej.dat
C:\WINDOWS\unfese.log
C:\WINDOWS\lezzyq.dat
C:\WINDOWS\thxtrm.log
C:\WINDOWS\dqkykg.log
C:\WINDOWS\okejeb.txt
C:\WINDOWS\tkdfnw.dat
C:\WINDOWS\n_kspjuq.txt
C:\WINDOWS\n_jgukjk.dat
C:\WINDOWS\gtaeat.log
C:\WINDOWS\wbswzk.dat
C:\WINDOWS\vycpqp.log
C:\WINDOWS\jmuotg.dat
C:\WINDOWS\qqmkia.txt
C:\WINDOWS\opqfsk.dat
C:\WINDOWS\fnkmdz.log
C:\WINDOWS\cbnxoc.dat
C:\WINDOWS\rhyguh.log
C:\WINDOWS\hracec.dat
C:\WINDOWS\uuigtf.log
C:\WINDOWS\addav32.dll
C:\WINDOWS\nqeuyr.log
C:\WINDOWS\mngvhw.txt
C:\WINDOWS\nqronw.log
C:\WINDOWS\dvpsuj.log
C:\WINDOWS\fyryig.log
C:\WINDOWS\pwlfln.txt
C:\WINDOWS\fwsdbc.txt
C:\WINDOWS\uiptij.txt
C:\WINDOWS\mwgcsd.dat
C:\WINDOWS\sxxhy.dll
C:\WINDOWS\ucgcid.dat
C:\WINDOWS\pblhhz.log
C:\WINDOWS\ozukxo.dat
C:\WINDOWS\ieuz.dll
C:\WINDOWS\sdkcq32.dll
C:\WINDOWS\winjw.dll
C:\WINDOWS\atlfz32.dll
C:\WINDOWS\iwjjoe.txt
C:\WINDOWS\irkzrb.txt
C:\WINDOWS\qagemb.log
C:\WINDOWS\xzciwh.log
C:\WINDOWS\xnwtvu.dat
C:\WINDOWS\gnttiz.log
C:\WINDOWS\awccxb.log
Then boot back into Normal Mode, scan with Panda again, and post a new log.
C:\Program Files\Common Files\bthcpcen\pnelennp\epcpnnjj.exe
C:\Program Files\Common Files\bthcpcen\bnblceatac\nfcbnnlfl.exe
C:\WINDOWS\system32\apprm32.dll
C:\WINDOWS\system32\ntpr.exe
C:\WINDOWS\system32\d3za.exe
C:\WINDOWS\system32\ievq32.dll
C:\WINDOWS\system32\iefn32.dll
C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
C:\WINDOWS\sxwlr.dll
C:\WINDOWS\dsfbi.dll
C:\WINDOWS\mfbsl.dll
Should I still Panda Scan and post a new log?
Also: I have run Spybot twice and it is finding 8 Adware/Search Extender that it cannot get rid of. Any help here would be greatly appreciated. Thanks!
Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\vx1x.nls
Adware:adware/sahagent No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\LOCAL SETTINGS\TEMP\cdt1001.sah
Adware:adware/sidestep No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\SbCIe01f.txt
Spyware:spyware/petro-line No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\SITES ABOUT\Credit counseling.url
Adware:adware/gator No disinfected C:\WINDOWS\GatorPatch.log
Adware:adware/cws.homesearchasisstantNo disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HSA
Adware:adware/sidefind No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TSL INSTALLER
Adware:adware/searchrelevancy No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\SEARCHRELEVANCY
Adware:adware/searchaid No disinfected HKEY_CLASSES_ROOT\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5}
Adware:adware/cws.008k No disinfected HKEY_CLASSES_ROOT\CLSID\{A3C5C0CE-5122-E73A-AB92-E8EE67589A00}
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apprm32.dll
Adware:Adware/CWS.Aboutblank No disinfected C:\WINDOWS\system32\ntpr.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\d3za.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ievq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\iefn32.dll
Adware:Adware/SideStep No disinfected C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\sxwlr.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\uuorqk.txt
Adware:Adware/Winshow No disinfected C:\WINDOWS\dsfbi.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\mfbsl.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\xixdw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\jywbrq.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_kspjuq.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_jgukjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\addav32.dll
Adware:Adware/HT401 No disinfected C:\WINDOWS\sxxhy.dll
Anything else I should do?
C:\WINDOWS\SYSTEM32\vx1x.nls
C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\LOCAL SETTINGS\TEMP\cdt1001.sah
C:\WINDOWS\DOWNLOADED PROGRAM FILES\SbCIe01f.txt
C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\SITES ABOUT\Credit counseling.url
C:\WINDOWS\GatorPatch.log
C:\WINDOWS\system32\apprm32.dll
C:\WINDOWS\system32\ntpr.exe
C:\WINDOWS\system32\d3za.exe
C:\WINDOWS\system32\ievq32.dll
C:\WINDOWS\system32\iefn32.dll
C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
C:\WINDOWS\sxwlr.dll
C:\WINDOWS\uuorqk.txt
C:\WINDOWS\dsfbi.dll
C:\WINDOWS\mfbsl.dll
C:\WINDOWS\xixdw.dll
C:\WINDOWS\jywbrq.dat
C:\WINDOWS\n_kspjuq.txt
C:\WINDOWS\n_jgukjk.dat
C:\WINDOWS\addav32.dll
C:\WINDOWS\sxxhy.dll
Then boot back into Normal Mode, scan with Panda again, and post the new log.
C:\WINDOWS\SYSTEM32\vx1x.nls
C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\LOCAL SETTINGS\TEMP\cdt1001.sah
C:\WINDOWS\DOWNLOADED PROGRAM FILES\SbCIe01f.txt
C:\WINDOWS\system32\apprm32.dll
C:\WINDOWS\system32\ntpr.exe
C:\WINDOWS\system32\d3za.exe
C:\WINDOWS\system32\ievq32.dll
C:\WINDOWS\system32\iefn32.dll
C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
C:\WINDOWS\sxwlr.dll
C:\WINDOWS\dsfbi.dll
C:\WINDOWS\mfbsl.dll
C:\WINDOWS\xixdw.dll
C:\WINDOWS\n_kspjuq.txt
C:\WINDOWS\n_jgukjk.dat
C:\WINDOWS\addav32.dll
C:\WINDOWS\sxxhy.dll
Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\vx1.nls
Adware:adware/sahagent No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\LOCAL SETTINGS\TEMP\cdt1001.sah
Adware:adware/sidestep No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\SbCIe01f.txt
Spyware:spyware/petro-line No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\SITES ABOUT\Insurance home.url
Adware:adware/cws.homesearchasisstantNo disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HSA
Adware:adware/sidefind No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TSL INSTALLER
Adware:adware/wupd No disinfected HKEY_CLASSES_ROOT\ADMILLISERVX.INSTALLER
Adware:adware/searchrelevancy No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\SEARCHRELEVANCY
Adware:adware/searchaid No disinfected HKEY_CLASSES_ROOT\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5}
Adware:adware/cws.008k No disinfected HKEY_CLASSES_ROOT\CLSID\{A3C5C0CE-5122-E73A-AB92-E8EE67589A00}
Adware:adware/searchexe No disinfected HKEY_CLASSES_ROOT\Interface\{72423E8F-8011-11D2-BE79-00A0C9A83DA3}
Adware:Adware/SearchAid No disinfected C:\Recycled\Dc123.txt
Adware:Adware/SearchAid No disinfected C:\Recycled\Dc124.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apprm32.dll
Adware:Adware/CWS.Aboutblank No disinfected C:\WINDOWS\system32\ntpr.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\d3za.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ievq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\iefn32.dll
Adware:Adware/SideStep No disinfected C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\sxwlr.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\dsfbi.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\mfbsl.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\xixdw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_kspjuq.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_jgukjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\addav32.dll
Adware:Adware/HT401 No disinfected C:\WINDOWS\sxxhy.dll
It's been a few days since I heard from you. Do you have any further instructions?
Please post a HJT log as well as results from Panda's activescan.
Logfile of HijackThis v1.99.0
Scan saved at 12:37:19 PM, on 8/16/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\sacre.SACRE29\Desktop\hijackthis\HijackThis.exe
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - F:\MYMUSI~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
I will do a Panda Active Scan again tonight.
Incident Status Location
Spyware:spyware/bargainbuddy No disinfected C:\WINDOWS\SYSTEM32\vx1.nls
Adware:adware/sahagent No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\LOCAL SETTINGS\TEMP\cdt1001.sah
Adware:adware/sidestep No disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\SbCIe01f.txt
Spyware:spyware/petro-line No disinfected C:\DOCUMENTS AND SETTINGS\SACRE.SACRE29\FAVORITES\SITES ABOUT\Insurance home.url
Adware:adware/cws.homesearchasisstantNo disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HSA
Adware:adware/sidefind No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TSL INSTALLER
Adware:adware/wupd No disinfected HKEY_CLASSES_ROOT\ADMILLISERVX.INSTALLER
Adware:adware/searchrelevancy No disinfected HKEY_LOCAL_MACHINE\SOFTWARE\SEARCHRELEVANCY
Adware:adware/searchaid No disinfected HKEY_CLASSES_ROOT\CLSID\{676575DD-4D46-911D-8037-9B10D6EE8BB5}
Adware:adware/cws.008k No disinfected HKEY_CLASSES_ROOT\CLSID\{A3C5C0CE-5122-E73A-AB92-E8EE67589A00}
Adware:adware/searchexe No disinfected HKEY_CLASSES_ROOT\Interface\{72423E8F-8011-11D2-BE79-00A0C9A83DA3}
Adware:Adware/SearchAid No disinfected C:\Recycled\Dc123.txt
Adware:Adware/SearchAid No disinfected C:\Recycled\Dc124.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\apprm32.dll
Adware:Adware/CWS.Aboutblank No disinfected C:\WINDOWS\system32\ntpr.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\d3za.exe
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\ievq32.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\system32\iefn32.dll
Adware:Adware/SideStep No disinfected C:\WINDOWS\Downloaded Program Files\SbCIe026.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\sxwlr.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\dsfbi.dll
Adware:Adware/Winshow No disinfected C:\WINDOWS\mfbsl.dll
Adware:Adware/OneMore.A No disinfected C:\WINDOWS\xixdw.dll
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_kspjuq.txt
Adware:Adware/SearchAid No disinfected C:\WINDOWS\n_jgukjk.dat
Adware:Adware/SearchAid No disinfected C:\WINDOWS\addav32.dll
Adware:Adware/HT401 No disinfected C:\WINDOWS\sxxhy.dll
I will be out of town this weekend, but will come back next week to see what you have advised. Thanks for your patience.