This is the result of my Ewido scan:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 12:06:05 PM, 7/5/2005
+ Report-Checksum: 7037D002
+ Scan result:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
HKU\S-1-5-21-1214440339-926492609-725345543-1000\Software\Microsoft\Internet Explorer\Explorer Bars\{2CF0B992-5EEB-4143-99C0-5297EF71F444} -> Spyware.BrowserAid : Cleaned with backup
HKU\S-1-5-21-1214440339-926492609-725345543-1000\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Spyware.InternetOptimizer : Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\7QRP5UAB\load01[1].exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\Documents and Settings\Serena\Cookies\serena@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Serena\Cookies\serena@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Serena\Cookies\serena@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Common Files\Verizon Online\ConnMgr\Verizon Online.exe -> Heuristic.Win32.Dialer : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\88776928-DE79-44FC-B483-E05D44\7B7642AB-CB87-4434-B3FF-D92A09 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\F588CEE6-AD02-4825-92FF-41BFEB\5B61D259-BCB8-43AF-A8D4-06FFF9 -> TrojanDownloader.Agent.pi : Cleaned with backup
C:\winloadhh.dll -> TrojanDownloader.Small.asy : Cleaned with backup
C:\WINNT\Downloaded Program Files\gdnUS1865.exe -> TrojanDownloader.Small.ayl : Cleaned with backup
C:\WINNT\gds5.dll -> TrojanDownloader.Small.azf : Cleaned with backup
C:\WINNT\Ipmc.dll -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\ModemDet.txt:aztdel -> Trojan.Agent.em : Cleaned with backup
C:\WINNT\security_and_privacy.htm:qshui -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINNT\sysmf32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINNT\system32\24234.exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\WINNT\system32\4223718.exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\WINNT\system32\529119531.exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\WINNT\system32\57630546.exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\WINNT\system32\615529078.exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\WINNT\system32\701944109.exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\WINNT\system32\intel32.exe -> Trojan.Agent.ff : Cleaned with backup
C:\WINNT\system32\winldra.exe -> Backdoor.Dumador.cz : Cleaned with backup
C:\WINNT\system32\zolker001.dll -> TrojanDownloader.Agent.pi : Cleaned with backup
C:\WINNT\UnstSA5.exe -> TrojanDropper.Delf.z : Cleaned with backup
C:\WINNT\UPGRADE.TXT:vhjbaw -> Trojan.Agent.em : Cleaned with backup
C:\WINNT\WinPoET_PreInstallation.txt:wyspcb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINNT\_default.pif:ebfpb -> TrojanDownloader.Agent.bq : Cleaned with backup
C:\WINNT\_default.pif:tzuwf -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINNT\_default.pif:vhcfr -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINNT\_default.pif:zjydq -> TrojanDownloader.Agent.bq : Cleaned with backup
::Report End
This is the result of my active scan:
Incident Status Location
Virus:W32/Smitfraud.B Disinfected Operating system
Adware:Adware/Smitfraud No disinfected C:\WINNT\System32\OLEADM.dll
Adware:Adware/CWS.Yexe No disinfected C:\WINNT\stchost.exe
Adware:Adware/Smitfraud No disinfected C:\WINNT\System32\intel32.exe
Virus:Bck/Haxdoor.A Disinfected Operating system
Adware:Adware/SAHAgent No disinfected C:\WINNT\System32\SahImages
Adware:Adware/CWS.Yexe No disinfected C:\WINNT\stchost.exe
Adware:Adware/VirtualBouncer No disinfected C:\WINNT\Downloaded Program Files\BundleOuter*.exe
Adware:Adware/DelFinMedia No disinfected C:\keys.ini
Virus:Trj/Dumarin.H Disinfected Operating system
Adware:Adware Program No disinfected C:\$$$_.log
Adware:Adware/CWS.Searchmeup No disinfected C:\WINNT\toolbar.exe
Adware:Adware/StoolBar No disinfected Windows Registry
Adware:Adware/AzeSearch No disinfected C:\WINNT\System32\ztoolbar.bmp
Virus:Bck/Dumador.O Disinfected Operating system
Adware:Adware/Adsmart No disinfected C:\dkload.exe
Adware:Adware/Popuper No disinfected Windows Registry
Adware:Adware/Smitfraud No disinfected C:\WINNT\System32\oleadm.dll
Adware:Adware/PsGuard No disinfected C:\Documents and Settings\All Users\Desktop\PSGuard.lnk
Adware:Adware Program No disinfected C:\$$$_.log
Adware:Adware/CWS.Searchmeup No disinfected C:\dkload.exe
Adware:Adware/PsGuard No disinfected C:\Documents and Settings\All Users\Desktop\PSGuard.lnk
Adware:Adware/AzeSearch No disinfected C:\Documents and Settings\All Users\Start Menu\PopUp Blocker.lnk
Adware:Adware/AzeSearch No disinfected C:\Documents and Settings\All Users\Start Menu\Spyware Remover.lnk
Virus:Trj/Classloader.B Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\in_s.class-18fee360-78152e91.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-6a595dd3-66083253.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-6a595dd3-66083253.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-6a595dd3-66083253.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar.jar-6a595dd3-66083253.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2fdafaa7-2899a417.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2fdafaa7-2899a417.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2fdafaa7-2899a417.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-2fdafaa7-2899a417.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-4e089340-388aa5c9.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-4e089340-388aa5c9.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-4e089340-388aa5c9.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-4e089340-388aa5c9.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-54c913c1-4d975df5.zip[GetAccess.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-54c913c1-4d975df5.zip[InsecureClassLoader.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-54c913c1-4d975df5.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-54c913c1-4d975df5.zip[Installer.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68717ba7-5785c8df.zip[BlackBox.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68717ba7-5785c8df.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68717ba7-5785c8df.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-68717ba7-5785c8df.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-6f6bfb45-213ea776.zip[Counter.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-6f6bfb45-213ea776.zip[Gummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-6f6bfb45-213ea776.zip[VerifierBug.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-6f6bfb45-213ea776.zip[Worker.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-6f6bfb45-213ea776.zip[Xeyond.class]
Virus:Trj/Downloader.CHD Disinfected C:\Documents and Settings\Dave Gibson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-6f6bfb45-213ea776.zip[web.exe]
Adware:Adware/AzeSearch No disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\86PEUG56\loadppc[1].exe
Adware:Adware/DelFinMedia No disinfected C:\keys.ini
Adware:Adware/CWS.Yexe No disinfected C:\sys39491099.exe
Adware:Adware/VirtualBouncer No disinfected C:\WINNT\Downloaded Program Files\BundleOuter2501031120.EXE
Adware:Adware/CWS.Aboutblank No disinfected C:\WINNT\n_vtnscb.dat
Adware:Adware/CWS.Yexe No disinfected C:\WINNT\stchost.exe
Adware:Adware/Smitfraud No disinfected C:\WINNT\system32\intel32.exe
Adware:Adware/Smitfraud No disinfected C:\WINNT\system32\oleadm.dll
Adware:Adware/CWS.Searchmeup No disinfected C:\WINNT\system32\systime.exe
Virus:W32/Smitfraud.B Disinfected C:\WINNT\system32\wininet.dll
Adware:Adware/AzeSearch No disinfected C:\WINNT\system32\ztoolbar.bmp
Adware:Adware/CWS.Searchmeup No disinfected C:\WINNT\toolbar.exe
I hope this is how I"m supposed to do this. I'm sorry if it isn't. Thanks for your time.
Dave