Ant200thelink Posted March 11, 2006 Report Share Posted March 11, 2006 everytime I try to use the task Manager it say it was disabled by the Admin. so I turn it back on, then the next time I log on it is turn off againPlease help me with this, amoung other thingsLogfile of HijackThis v1.99.1Scan saved at 4:43:11 PM, on 3/11/2006Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\WINDOWS\System32\cmd32.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Sony Handheld\HOTSYNC.EXEC:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\System32\wuauclt.exeC:\WINDOWS\System32\wuauclt.exeC:\Program Files\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfmR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeO4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeO4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTARTO4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfileO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXEO4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.htmlO8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htmO8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htmO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exeO9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.spamblockerutility.com/ins...ckerutility.cabO16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c9.cabO16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.salisbury.edu/activex/AxisCamControl.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeO23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeO23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Link to post Share on other sites
therock247uk Posted March 12, 2006 Report Share Posted March 12, 2006 We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP, or Service Pack 4 if you are running Win2k. Without this update, you're wide open to re-infection, and we're both just wasting our time.Click hereApply the update, reboot, and post a fresh Hijack This log. Link to post Share on other sites
Ant200thelink Posted March 13, 2006 Author Report Share Posted March 13, 2006 I think I did it right, so here it is...Logfile of HijackThis v1.99.1Scan saved at 6:45:31 PM, on 3/13/2006Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\WINDOWS\System32\cmd32.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Sony Handheld\HOTSYNC.EXEC:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\System32\wuauclt.exeC:\Program Files\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfmR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R3 - Default URLSearchHook is missingO2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeO4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeO4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTARTO4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfileO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXEO4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.htmlO8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htmO8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htmO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exeO9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.spamblockerutility.com/ins...ckerutility.cabO16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c9.cabO16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.salisbury.edu/activex/AxisCamControl.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeO23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeO23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Link to post Share on other sites
therock247uk Posted March 14, 2006 Report Share Posted March 14, 2006 Try this link instead. http://www.microsoft.com/windowsxp/downloa...1/expresso.mspx Link to post Share on other sites
Ant200thelink Posted March 14, 2006 Author Report Share Posted March 14, 2006 because of the infections my computer is running very slowis there a way I can clean up some of of these viruses so I can download the upgrade Link to post Share on other sites
therock247uk Posted March 15, 2006 Report Share Posted March 15, 2006 Please download ewido anti-malware it is a trial version of the program.Install ewido anti-malwareWhen installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".Launch ewido, there should be an icon on your desktop double-click it.The program will now go to the main screenYou will need to update ewido to the latest definition files.On the left hand side of the main screen click updateThen click on Start UpdateThe update will start and a progress bar will show the updates being installed.If you are having problems with the updater, you can use this link to manually update ewido.ewido manual updatesBoot into safemode to do this keep tapping F8 on your keyboard while your PC is starting up you will get a menu select safemode.Open Ewido againClick on scannerClick on Complete System Scan and the scan will begin.While the scan is in progress you will be prompted to clean files, click OKWhen it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.Once the scan has completed, there will be a button located on the bottom of the screen named Save reportClick Save report.Save the report .txt file to your desktop.Now close ewido anti-malware.Reboot and Post the report Ewido made and a new Hijackthis log here in a reply. Link to post Share on other sites
Ant200thelink Posted March 16, 2006 Author Report Share Posted March 16, 2006 Such of the pop ups are gone, but I'm still running slowHJT LogLogfile of HijackThis v1.99.1Scan saved at 7:09:27 PM, on 3/15/2006Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Sony Handheld\HOTSYNC.EXEC:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\System32\wuauclt.exeC:\WINDOWS\System32\wuauclt.exeC:\Program Files\Windows Media Player\wmplayer.exeC:\Program Files\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfmR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R3 - Default URLSearchHook is missingO2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeO4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeO4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTARTO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXEO4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.htmlO8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htmO8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htmO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exeO9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.spamblockerutility.com/ins...ckerutility.cabO16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c9.cabO16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.salisbury.edu/activex/AxisCamControl.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeO23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exeO23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeO23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exeEwido log ewido anti-malware - Scan report--------------------------------------------------------- + Created on: 7:04:52 PM, 3/15/2006 + Report-Checksum: 879F420 + Scan result: C:\Documents and Settings\Jay\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Jay\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Cleaned with backup C:\Documents and Settings\Jay\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned with backup C:\Documents and Settings\Jay\Cookies\jay@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup C:\Documents and Settings\Jay\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup C:\Documents and Settings\Jay\Cookies\jay@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup C:\Documents and Settings\Jay\Cookies\jay@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup C:\Documents and Settings\Jay\Cookies\jay@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup C:\Documents and Settings\Jay\Cookies\[email protected][2].txt -> TrackingCookie.Valuead : Cleaned with backup C:\Documents and Settings\Jay\Cookies\jay@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup C:\Documents and Settings\Jay\Cookies\jay@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup C:\Documents and Settings\Jay\Cookies\jay@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup C:\Documents and Settings\Jay\Local Settings\Temporary Internet Files\Content.IE5\01234567\rdgUS2397[1].exe -> Downloader.Small.ayl : Cleaned with backup C:\ezStub.exe -> Adware.EZula : Cleaned with backup C:\installer\id53.exe -> Trojan.SecondThought.g : Cleaned with backup C:\mfcky.exe.bad -> Downloader.Agent.bq : Cleaned with backup C:\Overpro323.exe -> Downloader.Agent.ac : Cleaned with backup C:\Program Files\Aprps -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\AI_23-07-2005.log -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\AI_24-07-2005.log -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\AI_25-07-2005.log -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\AI_26-07-2005.log -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\AI_27-07-2005.log -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\AI_28-07-2005.log -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\AI_29-07-2005.log -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\atl.dll -> Adware.Apropos : Cleaned with backup C:\Program Files\Aprps\data.bin -> Adware.Apropos : Cleaned with backup C:\Program Files\backups\backup-20050730-034100-204.dll -> Adware.Wintol : Cleaned with backup C:\Program Files\backups\backup-20050730-051329-809.dll -> Adware.Wintol : Cleaned with backup C:\Program Files\ClockSync -> Adware.WhenU : Cleaned with backup C:\Program Files\ClockSync\Sync.exe_tobedeleted -> Adware.WhenU : Cleaned with backup C:\Program Files\Common Files\lucttomq\lntnomufao\dammrralu.exe -> Adware.Gator : Cleaned with backup C:\Program Files\Common Files\lucttomq\noonmqrb\ucmorqcc.exe -> Adware.Gator : Cleaned with backup C:\Program Files\EbatesMoeMoneyMaker -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\EbatesMoeMoneyMaker\System -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\EbatesMoeMoneyMaker\System\Temp -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\EbatesMoeMoneyMaker\System\Temp\dump.txt -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\EbatesMoeMoneyMaker\System\Temp\run.txt -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\Internet Explorer\fpbpdsfr.exe -> Downloader.Delf.aeu : Cleaned with backup C:\Program Files\Internet Explorer\rptjvomh.exe -> Downloader.Delf.aeu : Cleaned with backup C:\Program Files\Internet Explorer\ryoa.exe -> Downloader.Delf.aeu : Cleaned with backup C:\Program Files\Internet Explorer\xbpshbcz.exe -> Trojan.Small.ev : Cleaned with backup C:\Program Files\Kazaa\TopSearch.dll -> Adware.Altnet : Cleaned with backup C:\Program Files\MaxSpeed -> Adware.SideFind : Cleaned with backup C:\Program Files\MemoryWatcher -> Adware.MemoryWatcher : Cleaned with backup C:\Program Files\Preview AdService -> Adware.WinTaskAd : Cleaned with backup C:\Program Files\Preview AdService\Info.txt -> Adware.WinTaskAd : Cleaned with backup C:\Program Files\SEP -> Adware.SideFind : Cleaned with backup C:\Program Files\SEP\Uninst.exe -> Adware.SideFind : Cleaned with backup C:\Program Files\STC\60odhr0b.exe -> Dropper.Small.sc : Cleaned with backup C:\Program Files\STC\slmss.exe -> Trojan.SecondThought.a : Cleaned with backup C:\Program Files\WebSavingsfromEbates -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\merchants.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\systemdata.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\systemdata1.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\tt -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\tt\data_ebws400.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\tt\data_excludes_ebws400.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\ApplicationData\updates.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\cmpck.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\mercj400.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\Applications\psid410.dls -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Code -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Html -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Images -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\MTemp -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\MTemp\logfile.txt -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\System -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\System\Temp\dump.txt -> Adware.MoneyMaker : Cleaned with backup C:\Program Files\WebSavingsfromEbates\WebSavingsfromEbates1.exe -> Adware.MoneyMaker : Cleaned with backup C:\SaveInstCsSm.exe/Save.exe -> Adware.SaveNow : Error during cleaning C:\SaveInstCsSm.exe/SaveUninst.exe -> Adware.SaveNow : Error during cleaning C:\SaveInstCsSm.exe/Save.exe -> Adware.SaveNow : Error during cleaning C:\SaveInstCsSm.exe/SaveUninst.exe -> Adware.SaveNow : Error during cleaning C:\SaveInstCsSm.exe/Search.exe -> Adware.SaveNow : Error during cleaning C:\SaveInstCsSm.exe/Search.exe -> Adware.SaveNow : Error during cleaning C:\SaveInstCsSm.exe/DnldStub.exe -> Downloader.Small.kl : Error during cleaning C:\SaveInstCsSm.exe/DnldStub.exe -> Downloader.Small.kl : Error during cleaning C:\WINDOWS\bx23moc5.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\Downloaded Program Files\243461__.exe517 -> Trojan.Dialer.it : Cleaned with backup C:\WINDOWS\Downloaded Program Files\243461__.exe663 -> Trojan.Dialer.it : Cleaned with backup C:\WINDOWS\Downloaded Program Files\243461__.exe772 -> Trojan.Dialer.it : Cleaned with backup C:\WINDOWS\Downloaded Program Files\CONFLICT.1\rdgUS2397.exe -> Downloader.Small.ayl : Cleaned with backup C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UWFX5_0001_N57M2811NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Cleaned with backup C:\WINDOWS\Downloaded Program Files\HbInstIE.dll -> Adware.HotBar : Cleaned with backup C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll -> Adware.WinAD : Cleaned with backup C:\WINDOWS\Downloaded Program Files\rdgUS2397.exe -> Downloader.Small.ayl : Cleaned with backup C:\WINDOWS\Downloaded Program Files\UWFX5_0001_N57M2811NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.b : Cleaned with backup C:\WINDOWS\Downloaded Program Files\UWFX5_0001_NI530211NetInstaller.exe -> Not-A-Virus.Downloader.Win32.Agent.f : Cleaned with backup C:\WINDOWS\Downloaded Program Files\v3.dll -> Adware.EliteBar : Cleaned with backup C:\WINDOWS\loadclean.exe -> Downloader.Delf.aeu : Cleaned with backup C:\WINDOWS\loadnew.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\mtog7gub.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\n5c24abt.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\oug007mo.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\p6hddt7z.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\rhfgi8yk.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\system32\AdCache -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_0_0_105300.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_0_0_106800.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_0_0_107400.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_1_0_449200.gif -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_1_0_449200.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_1_0_449600.gif -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_1_0_449600.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_1_0_454300.gif -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_1_0_454300.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_2_0_105300.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_2_0_106800.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_2_0_107400.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_3_0_105300.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_3_0_106800.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_3_0_107400.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_4_0_111600.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_4_0_152400.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_4_0_155300.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\AdCache\B_329_4_0_164100.htm -> Adware.Cydoor : Cleaned with backup C:\WINDOWS\system32\b2search.exe -> Adware.EZula : Cleaned with backup C:\WINDOWS\system32\cmd32.exe -> Downloader.Delf.aeu : Cleaned with backup C:\WINDOWS\system32\nsfCA.dll -> Adware.Beginto : Cleaned with backup C:\WINDOWS\system32\nsrE2.dll -> Adware.Beginto : Cleaned with backup C:\WINDOWS\system32\nstBE.dll -> Adware.Beginto : Cleaned with backup C:\WINDOWS\system32\nsv15C.dll -> Adware.EZula : Cleaned with backup C:\WINDOWS\system32\nswC4.dll -> Adware.Beginto : Cleaned with backup C:\WINDOWS\system32\scmt16.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\vy1q0ruo.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINDOWS\y1c7533v.exe -> Downloader.Small.ckj : Cleaned with backup C:\WINNT\96wu19rd.exe -> Dropper.Small.sc : Cleaned with backup C:\WINNT\Admsarvw.gef\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Adoafkzen.ljm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Afewywadqgr.ket\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Afwdque.pko\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ageosypdvro.mej\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Agocctpcozf.fsk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Akedzdlye.pox\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Aknftre.ebt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Alchvpfo.ufu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Amvmknqrd.fun\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ancxvibyim.xse\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Apnmljrfxm.izb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Arnnapfa.zmj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Aspabrry.oxv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Atfuhuaiwb.udh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Atmiijaiop.hrw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Aynnadtohls.dew\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ayyskoird.vbq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Azbuaxuc.arb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Azzkbeubc.vzx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Baoaezix.lol\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bbcpvyolz.sxi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bddkjlme.btj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bhzxrolozxk.tfx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bipufqm.xdf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bjmizhtmz.cra\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bjnzvyhmts.jru\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bptsxrgtxya.gqc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Brezanq.loq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Btzkrigk.njg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bvyeasykj.sur\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Bxiwjcqyv.yvv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Carzajchuqh.rkh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cevhztesub.kxf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cfuwlqf.gle\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cfvpkssnxog.baw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ciejkkg.oag\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cmttxrncg.ycv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cnyaqdqidd.xda\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cpozxrba.jyy\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cqjstslmul.jsr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cqobwkljv.avw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cqtncacuo.beh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Crdrvtorz.eto\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cssazyqymno.ajp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cuizpmd.ird\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cyjmvzl.xmv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Cyycrww.ekb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Dcxwgzolore.qqq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Djlnhdmx.uma\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Dnfdqwdo.ofa\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Downloaded Program Files\BridgeX.dll -> Downloader.Briss.a : Cleaned with backup C:\WINNT\Downloaded Program Files\clientax.dll -> Adware.180Solutions : Cleaned with backup C:\WINNT\Downloaded Program Files\CONFLICT.1\m67m.ocx -> Adware.MediaMotor : Cleaned with backup C:\WINNT\Downloaded Program Files\CONFLICT.1\YSBactivex.dll -> Downloader.IstBar.fa : Cleaned with backup C:\WINNT\Downloaded Program Files\CONFLICT.2\m67m.ocx -> Adware.MediaMotor : Cleaned with backup C:\WINNT\Downloaded Program Files\loader2.ocx -> Downloader.Agent.ex : Cleaned with backup C:\WINNT\Downloaded Program Files\m67m.ocx -> Adware.MediaMotor : Cleaned with backup C:\WINNT\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.a : Cleaned with backup C:\WINNT\Dpwdveeiwxv.ndy\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Dryteppndhe.mva\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Dxdnvwrqyzo.nvi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ecnpkob.ngl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Edpfaaxvq.css\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Eemoeggpirp.cbb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Eeqeinrrqqu.unb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Egiagqlwwj.ozi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Egoencszf.vis\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Eihvkbx.hao\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ennjzssn.njo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Epgwfxy.jat\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Etlnznltlwn.ytl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Evrejrjqsq.ipu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ewswtbx.gnw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Eyxqdcrot.wbf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ffgkzsopa.nww\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fgjskwhxa.bbe\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fgzybvcz.sdo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fhcszbgspbs.wxf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fhojjonqsz.mxo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fiqpicpbpjo.foe\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fjtzeujpf.its\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fmeztppwmob.ite\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fngwgixz.wjc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fqzxkvy.lew\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Frgkorovnw.sxd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fryhjeenbvq.nan\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fsjozed.bvt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fuplyzy.ipd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fvomybbjim.eko\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Fytufyedbx.kda\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Gcikgota.irr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Geeihpw.yep\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ghlpmylmxwn.ghd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Gkkdasxxbku.xam\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Glclhyxrq.kbz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Glsdedyouo.hnd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Glyxzgjnur.ybp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Gnexxzpk.edo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Gonyhqyqeb.rnj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Gptsdxy.dht\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Grctskv.ydz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Gudinifmje.oam\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Gvqbqot.iev\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hazdzyygc.tsb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hfyihymc.hql\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hjbblig.pzb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hkihacloxvq.zyt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hlqgqqrqfa.jgl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hnvybif.vut\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hoipkoad.ckm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hrsscxql.imr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hsiqrvugbm.cug\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Huhdbtqxhxn.hxz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hujzkptz.ret\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hvsrztunhf.vxw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hwbnhxmwkwr.jxr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Hzeozlty.eiq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ibnltqfglgk.cwi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Iezmtjbcw.eel\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ignwyseyptk.eid\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ijeykdjxi.fnm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ilorggvjbng.ybb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ilwlgat.kcf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Innnlbm.dum\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ipbzrqihslu.qmt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\iplg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINNT\Ipvpmxu.mcw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Iqguyebz.qbe\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\javahg32.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINNT\Jivecup.gea\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Jkchwgnva.lvs\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Jlmcpjbmnhf.tkd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Jlrwdoscrq.liv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Jminplen.dad\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Jmitmwphcn.vvm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Jpuwvkq.wnp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Jwqmseiknqw.mbv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kcginne.lzo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kctdjeo.mjn\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kejugib.rjb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kfujalkcz.gtk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kgwhjdvi.ogr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Khpfjcjbtt.xtw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kmpkbhullm.lty\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kmrbtzsox.ilw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Koophsnuykk.alq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Krgahgd.kxp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Krkbkwmzhxd.uqi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kwnzdbnph.ltq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kxlscgllqu.gqy\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kyyrlsugl.qmn\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Kzempujz.avq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lacgatrnv.gig\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\launchurl.exe -> Trojan.Zapchast : Cleaned with backup C:\WINNT\Lcblneylfs.mhe\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lhsxdordwl.guv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lijardn.mkj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ljhhlvd.tte\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lknqwpm.lad\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lmvkdfxmwp.psq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lpdcaohtj.cpf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lpdyiwzh.pln\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lrbyhtlths.osu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lrzkbxdh.szg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lsutmzw.vyg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lweskdckvhv.psr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lwsrpwb.kfr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lxxueohujs.gzf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Lzernjbsk.mnv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\MediaMotor25.exe -> Downloader.Small.aak : Cleaned with backup C:\WINNT\Mesrgtoal.ahx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Mhfzuhpis.xrn\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\minigolf_affiliate.exe -> Downloader.Agent.f : Cleaned with backup C:\WINNT\MM32.exe -> Downloader.Small.aak : Cleaned with backup C:\WINNT\Mopfhkjssgq.aky\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Mqrqsryr.dll -> Adware.SearchBand : Cleaned with backup C:\WINNT\Mugiksoue.wit\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Mvmxcljthu.wnh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Mxyeinp.xfg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nahcgxp.jvk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nbfdzxnn.cmg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nbpofigyh.htl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ndayytutrf.udi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nicstmmypl.chg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nkhiksutcqi.zbh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nlbiwrcz.ytn\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nmohrhqrta.xid\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nnmihgb.pfa\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Novlopqmjn.wzh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Npscpxd.tgo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nupogippo.xhr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nyejmogbejy.dwv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Nyumijau.zgc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Obrbqiq.rsi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ochzsttva.swv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ocwmuigi.foc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Odthvey.gyh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Oecvqsywyw.tzk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ofvenhvwz.bss\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Okpfmsnmj.iij\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Omtjcyi.tll\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Onowulbesya.pyw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Onuhuan.nld\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Onwzubgysp.qoc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Oofhvts.pwu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Owgcndubot.hob\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ozmlahdta.ypq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Oztrcfgxq.ton\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pajpqnm.nfh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Payfeqveitg.bek\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pcmprzm.ffr:xmmps -> Downloader.Agent.bc : Cleaned with backup C:\WINNT\Pdchptza.ish\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Phpqifibxe.ekc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Phqcsyt.lda\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pivfjhevkif.wcu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Poivdscbxpc.rov\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pqivdwvtsa.oih\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pqqbgveo.cxk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Prebuth.omf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\prelimhanse.exe -> Adware.WebHancer : Cleaned with backup C:\WINNT\Putdrwm.ygu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pwodflaxn.wny\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pwvzedpf.bbd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pwxzaohpmp.pur\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pxbpumne.qnf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Pzuvdbxbt.unl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qbmfekkacfu.jcq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qerkoayqzcq.rhp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qhtrdes.eqc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qmjoyyxnmd.mvg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qodqcmt.jqp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qogjwoygv.qql\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qpbkihun.vvx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qscmyzq.nhp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qvviaakzw.rlz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qwdvvtjc.hfk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qymqsevde.khn\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qyotbco.ulw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qzesxnikfsz.tvq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Qzvjxjkyefx.psq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rbygvzkkyt.ctw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rceneuad.cka\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rdbadpouiag.wkb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Reawelm.hky\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rfoolbwpyj.zui\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rfovojdm.sep\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rirfehbcon.ply\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rjwpvwljzw.vrf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rlwjbjtvtg.wgt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Roxtmhsy.mnd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Rwoqdutwbg.zhv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\sahagent-fellymedia1002.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Satymomahc.kri\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Sbeqynkkrg.skq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Sdrzlslcda.jfc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Sfiewxa.acc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Smhtwbr.sty\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Sqxfyhlffw.ldt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Srcpcpr.vwt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Sulvoncev.qkk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Suujhwopx.gzp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\system32\2ndsrch.dll -> Trojan.SecondThought.ag : Cleaned with backup C:\WINNT\system32\apuc.dll -> Adware.BargainBuddy : Cleaned with backup C:\WINNT\system32\install2.exe -> Trojan.SecondThought.l : Cleaned with backup C:\WINNT\system32\lcinstaller.exe -> Adware.WinAD : Cleaned with backup C:\WINNT\system32\msjq.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINNT\system32\netuk.exe -> Trojan.Agent.bi : Cleaned with backup C:\WINNT\Szcljnsuxu.pmh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Tbatzvyim.oxn\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Tqawjchmp.ryb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Tsrvopg.kty\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Tteqqdra.nur\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ttjslncu.evj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Tudrbacm.tec\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Twynqhs.ubj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Uavjdgj.snb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ubvurrndy.mly\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ucharelc.atp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Udktrnv.wis\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Uhlyetbfw.uqb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Uhoqqmgig.ytt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Uhvwyvi.nza\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ulyqnsd.fed\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\UnstSA2.exe -> Dropper.Delf.z : Cleaned with backup C:\WINNT\Unswyezsx.uzf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Upxsdkq.bpi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Urdupxrjc.rvh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Usemebfk.erg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Usjqvayjc.mps\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Utnegjd.ari\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Uxqkoway.dwg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Uzmoupilekh.cvo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vbkhyjzq.rxy\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vduyvivm.oxc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vdwunwginpe.tvi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vdzbxbdofnb.igm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Viuvmweyo.gcd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vjisaaon.xll\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vlocmtve.opx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vozobkm.nuk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vpkwcqqjaus.xdl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vqcrrhsrvgz.eji\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vqegqea.qll\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vqrshtzdo.kab\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vrbixmlapb.kyq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vyucbltk.vpa\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Vzjpyowufn.pcd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Waznbxgvt.qxs\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wficzqbdemp.iur\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wgtnoytfiwp.qyw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Whrbxstk.kwo\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\WildApp.dll -> Adware.MediaTickets : Cleaned with backup C:\WINNT\winhy32.dll -> Downloader.Agent.bc : Cleaned with backup C:\WINNT\Wiozeit.jba\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wjspxfvjyz.xnm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wllqebu.isx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wlucecppyh.yhq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wtcpwboe.qhz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wtlnythormd.fni\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wuodpceerzu.biq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wwwijooiv.ndi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Wywkbhsjg.kbj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xcohcehbjda.miw\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xdruteelj.gwu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xenzqjrsq.edy\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xhqzpgrvysp.pya\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xiawoxe.luu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xneqkhwhr.bts\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xnngcyqxon.ylz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xoqskxnhwj.gjx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xrlnszz.nze\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xryoehjue.ozm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xuzkchr.kzr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xveswjggfc.xwd\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xxmmsxwkgs.mkz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xxsnnhejtvu.qen\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xxwfkcryvtg.jfc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Xygrgaej.smp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yaoevfhfrgq.ftb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ycyoyest.jcx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yczxzax.zac\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yezbhoqnh.anu\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yghkzozbpwz.zae\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yhbavivnpxg.iwi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yigyjbwv.ebj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yiqldfdvfn.hyc\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ymumpcxyw.pfr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ymwfqgwxga.bqk\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Ystnuogpphc.qsv\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yujuqkcew.him\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yulssbui.hlt\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yuuffdedsv.krr\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yvcpdkb.sbq\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yxinamuwfr.pwy\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yxzstknl.osp\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yykqvyjohqn.bhf\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Yzcrzdouo.ywe\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zbrggrc.qoi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zgdgxiepeyn.axx\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zhyusonjlmi.ufl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zijazam.grh\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zirlbvtml.xgb\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zoakjuv.ddi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zokwkha.bmm\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zopipplx.zot\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zuzseebcm.obz\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zvfqxqpke.pmj\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zwfafwvu.fms\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zwzspveirql.hkg\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zxcdhpgecff.uvi\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\Zxkgmtoto.ijl\sah.exe -> Adware.Sahat : Cleaned with backup C:\WINNT\_default.pif:bmfff -> Downloader.Agent.bq : Cleaned with backup C:\WINNT\_default.pif:uiojq -> Downloader.Agent.bc : Cleaned with backup::Report End Link to post Share on other sites
therock247uk Posted March 16, 2006 Report Share Posted March 16, 2006 You may want to print out these instructions for reference, since you will have to restart your computer during the fix.Please download AproposFix from here:http://swandog46.geekstogo.com/aproposfix.exeSave it to your desktop but do NOT run it yet.Then please reboot your computer in Safe Mode by doing the following:1) Restart your computer2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.3) Instead of Windows loading as normal, a menu should appear4) Select the first option, to run Windows in Safe Mode.Once in Safe Mode, please double-click aproposfix.exe and unzip it to the desktop. Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.When the tool is finished, please reboot back into normal mode, and post a new HijackThis log, along with the entire contents of the log.txt file in the aproposfix folder. Link to post Share on other sites
Ant200thelink Posted March 16, 2006 Author Report Share Posted March 16, 2006 Alrighty...It looks like Aproposfix didn't do anything, but I don't know..log of AproposFix v1.1 ************ Running from directory: C:\Documents and Settings\Jay\Desktop\aproposfix************ Registry entries found: ************ No service found! Removing hidden folder: No folder found! Deleting files: Backing up files: Done! Removing registry entries: REGEDIT4 Done! Finished! HJT logLogfile of HijackThis v1.99.1Scan saved at 5:55:29 PM, on 3/16/2006Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Sony Handheld\HOTSYNC.EXEC:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeC:\Program Files\ewido anti-malware\ewidoctrl.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\System32\wuauclt.exeC:\WINDOWS\System32\wuauclt.exeC:\Program Files\HijackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfmR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R3 - Default URLSearchHook is missingO2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\ycomp5_6_0_0.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exeO4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\CA\ETRUST~1\ETRUST~3\ca.exeO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exeO4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTARTO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXEO4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.htmlO8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htmO8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htmO9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exeO9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} - http://installs.spamblockerutility.com/ins...ckerutility.cabO16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c9.cabO16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.salisbury.edu/activex/AxisCamControl.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exeO23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exeO23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeO23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Link to post Share on other sites
therock247uk Posted March 17, 2006 Report Share Posted March 17, 2006 Ok can you please install service pack 1 now... Link to post Share on other sites
therock247uk Posted April 5, 2006 Report Share Posted April 5, 2006 Inactive topic...If you still need help on this problem, contact me or one of the Moderators to re-open this up.Topic closed. Link to post Share on other sites
Recommended Posts