many thanks.
Logfile of HijackThis v1.99.1
Scan saved at 9:54:15 AM, on 18/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Daniel Chow\Desktop\HijackThis.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [waqfon] c:\windows\system32\fckirqr.exe r
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
____________________________________________________________________
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 10:48:29 AM, 18/06/2005
+ Report-Checksum: 3D7570F4
+ Scan result:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ZepMon -> Spyware.BetterInternet
[1228] VM_01940000 -> Spyware.BetterInternet
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@abetterinternet[2].txt -> Spyware.Cookie.Abetterinternet
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@adsfac[2].txt -> Spyware.Cookie.Adsfac
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@atdmt[1].txt -> Spyware.Cookie.Atdmt
C:\Documents and Settings\Daniel Chow\Cookies\daniel [email protected][2].txt -> Spyware.Cookie.Btgrab
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@cliks[2].txt -> Spyware.Cookie.Cliks
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@doubleclick[1].txt -> Spyware.Cookie.Doubleclick
C:\Documents and Settings\Daniel Chow\Cookies\daniel [email protected][2].txt -> Spyware.Cookie.Com
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@offeroptimizer[2].txt -> Spyware.Cookie.Offeroptimizer
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@rn11[2].txt -> Spyware.Cookie.Rn11
C:\Documents and Settings\Daniel Chow\Cookies\daniel chow@serving-sys[2].txt -> Spyware.Cookie.Serving-sys
C:\Documents and Settings\Daniel Chow\Cookies\daniel [email protected][1].txt -> Spyware.Cookie.Adserver
C:\Documents and Settings\Daniel Chow\My Documents\Ant\recieved files\Messenger Plus! - Setup.exe/70000011.exe -> TrojanDownloader.Swizzor.af
C:\Program Downloads\Office\ORK\ORK.CAB/IEAK5CD.EXE_0003/runisp32.exe -> Heuristic.Win32.Downloader
C:\WINDOWS\mclydhmolgl.exe -> Spyware.BetterInternet
C:\WINDOWS\Nail.exe -> Trojan.Nail
C:\WINDOWS\pysokf.exe -> Spyware.BetterInternet
C:\WINDOWS\svcproc.exe -> Trojan.Stervis.c
::Report End