Hi thatman
I followed all your instructions step by step. I found and got rid of the files you told me. Two things though. One, when i tried to find any prefetch folder my pc kept telling me that the file is missing. Two, since you told me to get rid of the wmplayer.exe, all the icons for the windows media player are still on my computer but of course the application is not there anymore for me to run. So i'm left with all these icons and with no Windows media player which i need. What could i do about that?
Here are all the logs you asked for.
Panda logsIncident Status Location
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\Favorites\Anti Spam.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\Favorites\Black Jack Online.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\Favorites\Home Loan.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\Favorites\Network Security.url
Adware:Adware/SuperSpider No disinfected C:\Documents and Settings\Administrator\Favorites\Online Dating.url
Adware:Adware/CWS No disinfected C:\Documents and Settings\Administrator\Favorites\Online Gambling\Online Gambling.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\Favorites\Online Gambling.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\Favorites\Online Pharmacy.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\Favorites\Spyware Removal.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\Administrator\My Documents\Your Scanner.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\All Users\Desktop\Online Dating.url
Adware:Adware/Popuper No disinfected C:\Documents and Settings\All Users\Desktop\Remove Spyware.url
Adware:Adware/Popuper No disinfected C:\Online Pharmacy.url
Adware:Adware/nCase No disinfected C:\Program Files\SoftwareInstall.exe
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\a.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\b.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ba.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bb.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bc.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bd.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\be.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bf.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bg.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bh.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bi.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bj.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bk.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bl.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bm.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bn.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bo.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bp.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bq.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\br.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bs.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bt.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bu.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bv.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bw.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bx.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\by.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\bz.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\c.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ca.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cb.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cc.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cd.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ce.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cf.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cg.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ch.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ci.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cj.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ck.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cl.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cm.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cn.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\co.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cp.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cq.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cr.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cs.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ct.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cu.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cv.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cx.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\cz.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\d.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\da.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\db.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dc.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dd.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\de.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\df.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\di.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dl.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dn.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dp.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dr.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ds.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dt.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\du.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dv.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dw.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dy.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\dz.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\ed.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\f.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\h.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\i.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\j.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\l.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\m.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\Main.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\n.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\p.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\q.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\r.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\s.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\t.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\u.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\w.class
Adware:Adware/TopMoxie No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\x.class
Adware:Adware/MoeMoney No disinfected C:\Program Files\WebSavingsfromEbates\System\Code\y.class
Adware:Adware/Twain-Tech No disinfected C:\WINNT\smdat32a.sys
Adware:Adware/Twain-Tech No disinfected C:\WINNT\smdat32m.sys
Adware:Adware/Popuper No disinfected C:\WINNT\system32\hhk.dll
Spyware:Spyware/Whazit No disinfected C:\WINNT\system32\kyf.dat
Spyware:Spyware/ClientMan No disinfected C:\WINNT\system32\msfaol.dll
Spyware:Spyware/Omi No disinfected C:\WINNT\system32\msfdje.gif
Spyware:Spyware/ClientMan No disinfected C:\WINNT\system32\msglji.gif
Spyware:Spyware/ClientMan No disinfected C:\WINNT\system32\msiaih.dll
Adware:Adware/Virmaid No disinfected C:\WINNT\system32\perfcii.ini
HijackThis logsLogfile of HijackThis v1.99.1
Scan saved at 1:56:42 AM, on 1/1/2002
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
http://search123.biz/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.startsear...earch.php?qq=%1R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.startsearches.net/bar.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.startsear...earch.php?qq=%1R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.startsear...earch.php?qq=%1R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://www.startsear...earch.php?qq=%1R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://www.startsear...earch.php?qq=%1R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
http://www.startsearches.net/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
http://www.qfind.net/R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=
O2 - BHO: VMHomepage Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} - C:\WINNT\system32\hpD374.tmp (file missing)
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: (no name) - {44BE0690-5429-47f0-85BB-3FFD8020233E} - (no file)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LiveNote] livenote.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINNT\System32\rmctrl.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 3.8\THGuard.exe"
O4 - HKLM\..\Run: [mswspl] C:\Program Files\Windows Media Player\wmplayer.exe
O4 - HKLM\..\Run: [jex] C:\WINNT\jex.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Multimedia Codecs] C:\WINNT\system32\mcc.exe
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [cf] C:\WINNT\system32\cf.exe
O4 - HKLM\..\Run: [Windows] C:\WINNT\system32\windows\services.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Preview AdService] C:\Program Files\Preview AdService\PrevAdServ.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINNT\system32\gah95on6.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [CTFMONSS] C:\WINNT\system32\CTFMONSS.EXE
O4 - HKCU\..\Run: [CSRSSW] C:\WINNT\system32\CSRSSW.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O16 - DPF: RaptisoftGameLoader -
http://www.miniclip....tgameloader.cabO16 - DPF: Yahoo! Chat -
http://us.chat1.yimg...t/c381/chat.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft....738&clcid=0x409O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) -
http://www.miniclip....pGameLoader.dllO16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg...v45/yacscom.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai...all/xscan53.cabO16 - DPF: {7589EEE6-E336-11D4-8A7E-EE1D971D9B47} -
http://secure.aconti.../goodthinxx.cabO16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://www.bang-oluf...Objs/isetup.cabO16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) -
http://us.dl1.yimg.c.../ymmapi_416.dllO16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/...ro.cab27513.cabO16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) -
http://www.live365.c...ers/play365.cabO16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) -
http://www.shockwave...outLauncher.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://utu.popcap.co...aploader_v5.cabO16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O20 - Winlogon Notify: NavLogon - C:\WINNT\System32\NavLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINNT\system32\ZoneLabs\vsmon.exe
Ewido logs---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 1:49:57 AM, 1/1/2002
+ Report-Checksum: 6902EA6C
+ Date of database: 2/21/2002
+ Version of scan engine: v3.0
+ Duration: 58 min
+ Scanned Files: 72212
+ Speed: 20.54 Files/Second
+ Infected files: 3
+ Removed files: 3
+ Files put in quarantine: 3
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0
+ Binder: Yes
+ Crypter: Yes
+ Archives: No
+ Scanned items:
C:\
+ Scan result:
C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\WINNT\system32\intmon.exe -> Trojan.Zapchast -> Cleaned with backup
::Report End
Thanks again for all your help.
This topic is locked
Sign In
Create Account
