Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

No Internet Explorer connection [CLOSED]


  • This topic is locked This topic is locked

#1
beavy1969

beavy1969

    New Member

  • Member
  • Pip
  • 8 posts
I hope i am posting in the right area, i have no connection on IE, yet firefox is ok. My
recovery cd's will not work telling me they are not for the model i am using yet they were purchased from the manufacturer, can anyone point me in the right direction, any help appreciated.





Logfile of HijackThis v1.99.1
Scan saved at 7:52:03 PM, on 9/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Steve\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tpg.com.au/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.iprimus.com.au/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [uhmpadv] C:\WINDOWS\system32\yefxrni.exe r
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [Systweak Wallpaper Changer] wallpaper.exe -minimize
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Program Files\Advanced System Optimizer\adblock.exe"
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c9.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - http://inst.c-wss.co...ml/gtdownlr.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda..../aub/games4.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.micro...n7/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2822.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
  • 0

Advertisements


#2
Buckeye_Sam

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Hi and welcome to GeeksToGo! My name is Sam and I will be helping you. :tazz:

Before we can get started on fixing your problem you must change the location of Hijackthis. It should not run directly from your desktop or a temp directory. Please create a directory on your c: drive called c:\hijackthis and download and unzip hijackthis into that directory. Run the program from that directory from now on. It is essential that you follow these steps or certain important features of the program will not function correctly.

Once you have Hijackthis running from a permanent folder, please reboot and post a new hijackthis log.
  • 0

#3
beavy1969

beavy1969

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Thank you for your help Sam, bear with me as i am not fully aware of exactly what is affecting the system.



Logfile of HijackThis v1.99.1
Scan saved at 8:10:07 PM, on 10/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TrojanHunter 4.2\THGuard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tpg.com.au/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.iprimus.com.au/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [uhmpadv] C:\WINDOWS\system32\yefxrni.exe r
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [Systweak Wallpaper Changer] wallpaper.exe -minimize
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Program Files\Advanced System Optimizer\adblock.exe"
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c9.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - http://inst.c-wss.co...ml/gtdownlr.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda..../aub/games4.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.micro...n7/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2822.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
  • 0

#4
Buckeye_Sam

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
I see a few issues in your log. Let's get those cleaned up first and then we'll see about fixing IE.

Please follow these steps:
  • Please make sure that you can View Hidden Files
    • Click Start -> My Computer
    • Select Tools -> Folder options
    • Select the View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled.
    • Also make sure that 'Display the contents of system folders' is checked.
    • For more info on how to show hidden files click here.


  • Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then close all other windows--you should only see HijackThis on your Desktop--and click the Fix Checked button.


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - (no file)
    O4 - HKLM\..\Run: [uhmpadv] C:\WINDOWS\system32\yefxrni.exe r
    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c9.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...ip/RdxIE601.cab
    O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda..../aub/games4.cab




  • Delete this file (Do not be concerned if it does not exist):


    C:\WINDOWS\system32\yefxrni.exe


Please run Panda Online Virus Scan
  • You must allow the active-x control to run when asked.
  • There may be files that this scan will not remove.
  • Please include that information in your next post.
Reboot and post a new hijackthis log and the info from your virus scan.
  • 0

#5
beavy1969

beavy1969

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Have done the operations requested, but the panda virus scan says it will only work with ie, not firefox.........


Logfile of HijackThis v1.99.1
Scan saved at 3:33:28 PM, on 10/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tpg.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.iprimus.com.au/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [Systweak Wallpaper Changer] wallpaper.exe -minimize
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Program Files\Advanced System Optimizer\adblock.exe"
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - http://inst.c-wss.co...ml/gtdownlr.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.micro...n7/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2822.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
  • 0

#6
beavy1969

beavy1969

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Have done the operations requested, but the panda virus scan says it will only work with ie, not firefox.........


Logfile of HijackThis v1.99.1
Scan saved at 3:33:28 PM, on 10/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tpg.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.iprimus.com.au/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [Systweak Wallpaper Changer] wallpaper.exe -minimize
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Program Files\Advanced System Optimizer\adblock.exe"
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - http://inst.c-wss.co...ml/gtdownlr.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.micro...n7/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2822.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
  • 0

#7
beavy1969

beavy1969

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Have done the operations requested, but the panda virus scan says it will only work with ie, not firefox.........


Logfile of HijackThis v1.99.1
Scan saved at 3:33:28 PM, on 10/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tpg.com.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.iprimus.com.au/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://vaio-online.sony.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:2323
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [Systweak Wallpaper Changer] wallpaper.exe -minimize
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Program Files\Advanced System Optimizer\adblock.exe"
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://vaio-online.sony.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} - http://inst.c-wss.co...ml/gtdownlr.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.micro...n7/dlhelper.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - http://entimg.msn.co...snmusax2822.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
  • 0

#8
Buckeye_Sam

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Please download Bit Defender 8 Free Edition
  • Install the program and then follow the prompts to download all available updates.
  • Perform a full scan on your Local drive.
  • When the scan is complete save the log and post it back here in your next reply.

  • 0

#9
beavy1969

beavy1969

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Ok thanks, here is the report.


//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 10/10/2005 21:45:12
//
//-----------------------------------------------------------------


Statistics

Scan path : C:\
D:\
E:\
F:\
Folders : 3872
Files : 432751
Archives : 8955
Packed files : 56399
Identified viruses : 20
Infected files : 201
Warnings : 0
Suspect files : 15
Disinfected files : 0
Deleted files : 113
Copied files : 0
Moved files : 110
Renamed files : 0
I/O errors : 75
Scan time : 01:14:55
Scan speed (files/sec) : 96

Virus definitions : 219521
Scan plugins : 13
Archive plugins : 39
Unpack plugins : 4
Mail plugins : 6
System plugins : 1

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report

Summary:

C:\Documents and Settings\Steve\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6525bd3e-747a65b8.zip=>Dummy.class Infected Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\Steve\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6525bd3e-747a65b8.zip=>Dummy.class Disinfection failed
C:\Documents and Settings\Steve\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6525bd3e-747a65b8.zip Moved
C:\Program Files\Norton AntiVirus\Quarantine\005671DD.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\005671DD.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\005671DD.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\011A4905.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\011A4905.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\011A4905.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\01E24A2A.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\01E24A2A.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\01E24A2A.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\02A94B4F.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\02A94B4F.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\02A94B4F.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\036D2277.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\036D2277.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\036D2277.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\04374D99.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\04374D99.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\04374D99.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\04FE4EBD.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\04FE4EBD.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\04FE4EBD.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\05E349C2.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\05E349C2.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\05E349C2.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\06AA4AE7.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\06AA4AE7.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\06AA4AE7.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\07714C0B.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\07714C0B.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\07714C0B.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\0CB210F8 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\0CB210F8 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\0CD65ED0 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\0CD65ED0 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\0CE05CC5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Tue, 3 Aug 2004 18:29:47 +0300]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\0CE05CC5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Tue, 3 Aug 2004 18:29:47 +0300]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\0CE05CC5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Tue, 3 Aug 2004 18:29:47 +0300]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\113D6C96=>(Quarantine-2)=>[Subject: Re: Message Error][Date: Wed, 9 Jun 2004 19:05:44 -0400]=>(MIME part)=>readme.pif Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\113D6C96=>(Quarantine-2)=>[Subject: Re: Message Error][Date: Wed, 9 Jun 2004 19:05:44 -0400]=>(MIME part)=>readme.pif Deleted
C:\Program Files\Norton AntiVirus\Quarantine\113D6C96=>(Quarantine-2)=>[Subject: Re: Message Error][Date: Wed, 9 Jun 2004 19:05:44 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\113D6C96=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\113D6C96 Update failed
C:\Program Files\Norton AntiVirus\Quarantine\118146D6.exe=>(Quarantine-2) Infected Trojan.Crypt.E
C:\Program Files\Norton AntiVirus\Quarantine\118146D6.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\118146D6.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\11D3607C=>(Quarantine-2) Infected Trojan.Crypt.E
C:\Program Files\Norton AntiVirus\Quarantine\11D3607C=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\11D3607C Moved
C:\Program Files\Norton AntiVirus\Quarantine\19420BEA=>(Quarantine-2) Infected Win32.Klez.H@mm
C:\Program Files\Norton AntiVirus\Quarantine\19420BEA=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\19935D7E=>(Quarantine-2) Infected Java.Trojan.OpenConnection.W
C:\Program Files\Norton AntiVirus\Quarantine\19935D7E=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\19935D7E Moved
C:\Program Files\Norton AntiVirus\Quarantine\1C512D11.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\1C512D11.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1C512D11.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\1D125A3D.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\1D125A3D.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1D125A3D.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\1D780479=>(Quarantine-2) Infected Win32.Klez.H@mm
C:\Program Files\Norton AntiVirus\Quarantine\1D780479=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1DB94C31 Infected [email protected]
C:\Program Files\Norton AntiVirus\Quarantine\1DB94C31 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1DD95B62.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\1DD95B62.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1DD95B62.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\1E3B1806 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\1E3B1806 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\1EA05C87.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\1EA05C87.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1EA05C87.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\1EB01A70.exe=>(Quarantine-2) Infected Win32.P2P.Bereb.B@mm
C:\Program Files\Norton AntiVirus\Quarantine\1EB01A70.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1EB01A70.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\1F6433AF.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\1F6433AF.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\1F6433AF.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\1FB773DA=>(Quarantine-2) Infected Win32.Bagle.M@mm
C:\Program Files\Norton AntiVirus\Quarantine\1FB773DA=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\21355FD0 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\21355FD0 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\21762788=>(Quarantine-2)=>[Subject: =?ISO-8859-15?Q?Notification_d'=E9tat_][Date: Thu, 5 Aug 2004 15:22:32 +0200]=>(MIME part)=>(message)=>[Subject: Mail Delivery (failure [email protected])][Date: Thu, 5 Aug 2004 16:23:01 +0300]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\21762788=>(Quarantine-2)=>[Subject: =?ISO-8859-15?Q?Notification_d'=E9tat_][Date: Thu, 5 Aug 2004 15:22:32 +0200]=>(MIME part)=>(message)=>[Subject: Mail Delivery (failure [email protected])][Date: Thu, 5 Aug 2004 16:23:01 +0300]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\21762788=>(Quarantine-2)=>[Subject: =?ISO-8859-15?Q?Notification_d'=E9tat_][Date: Thu, 5 Aug 2004 15:22:32 +0200]=>(MIME part)=>(message)=>[Subject: Mail Delivery (failure [email protected])][Date: Thu, 5 Aug 2004 16:23:01 +0300]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\21D71CF9.exe=>(Quarantine-2) Infected Worm.P2p.Banuris.A
C:\Program Files\Norton AntiVirus\Quarantine\21D71CF9.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\21D71CF9.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\220B7C41=>(Quarantine-2)=>[Subject: Congratulations!][Date: Fri, 14 May 2004 07:40:58 -0400]=>(MIME part)=>list.doc Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\220B7C41=>(Quarantine-2)=>[Subject: Congratulations!][Date: Fri, 14 May 2004 07:40:58 -0400]=>(MIME part)=>list.doc Deleted
C:\Program Files\Norton AntiVirus\Quarantine\220B7C41=>(Quarantine-2)=>[Subject: Congratulations!][Date: Fri, 14 May 2004 07:40:58 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\220B7C41=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\220B7C41 Update failed
C:\Program Files\Norton AntiVirus\Quarantine\22105CE0 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\22105CE0 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\221630D8=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 5 Aug 2004 17:15:51 +0300]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\221630D8=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 5 Aug 2004 17:15:51 +0300]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\221630D8=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 5 Aug 2004 17:15:51 +0300]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\25AE3012=>(Quarantine-2) Infected Win32.Klez.H@mm
C:\Program Files\Norton AntiVirus\Quarantine\25AE3012=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\293F53CA Infected [email protected]
C:\Program Files\Norton AntiVirus\Quarantine\293F53CA Deleted
C:\Program Files\Norton AntiVirus\Quarantine\29664B9E Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\29664B9E Deleted
C:\Program Files\Norton AntiVirus\Quarantine\299B0AA6 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\299B0AA6 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2A097C74=>(Quarantine-2) Infected Win32.Klez.H@mm
C:\Program Files\Norton AntiVirus\Quarantine\2A097C74=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2A267654 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\2A267654 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2AB35DFA Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\2AB35DFA Deleted
C:\Program Files\Norton AntiVirus\Quarantine\2AE11EA2.exe=>(Quarantine-2) Infected Trojan.Crypt.E
C:\Program Files\Norton AntiVirus\Quarantine\2AE11EA2.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2AE11EA2.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\2B4D082B=>(Quarantine-2) Infected Trojan.Crypt.E
C:\Program Files\Norton AntiVirus\Quarantine\2B4D082B=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\2B4D082B Moved
C:\Program Files\Norton AntiVirus\Quarantine\31812D2B.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\31812D2B.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\31812D2B.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\31FD155A=>(Quarantine-2) Infected Win32.Klez.H@mm
C:\Program Files\Norton AntiVirus\Quarantine\31FD155A=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\32450454.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\32450454.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\32450454.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\33095B7C.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\33095B7C.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\33095B7C.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\33D05CA1.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\33D05CA1.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\33D05CA1.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\34321DDF Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\34321DDF Deleted
C:\Program Files\Norton AntiVirus\Quarantine\34975DC6.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\34975DC6.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\34975DC6.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\355F5EEB.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\355F5EEB.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\355F5EEB.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 18 Jun 2004 01:56:05 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 18 Jun 2004 01:56:05 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 18 Jun 2004 01:56:05 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 18 Jun 2004 01:56:05 -0400]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 18 Jun 2004 01:56:05 -0400]=>(MIME part)=>message.scr Deleted
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 18 Jun 2004 01:56:05 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\35D21A48 Update failed
C:\Program Files\Norton AntiVirus\Quarantine\3609640B Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\3609640B Deleted
C:\Program Files\Norton AntiVirus\Quarantine\36233613.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\36233613.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\36233613.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\36EA3738.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\36EA3738.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\36EA3738.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\36F32309 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\36F32309 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\371B1ADE Infected [email protected]
C:\Program Files\Norton AntiVirus\Quarantine\371B1ADE Deleted
C:\Program Files\Norton AntiVirus\Quarantine\373B3EBA Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\373B3EBA Deleted
C:\Program Files\Norton AntiVirus\Quarantine\375C6296 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\375C6296 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\37AE0E60.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\37AE0E60.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\37AE0E60.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\38750F85.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\38750F85.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\38750F85.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\38FB2DDB Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\38FB2DDB Deleted
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sat, 15 May 2004 09:08:30 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sat, 15 May 2004 09:08:30 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sat, 15 May 2004 09:08:30 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sat, 15 May 2004 09:08:30 -0400]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sat, 15 May 2004 09:08:30 -0400]=>(MIME part)=>message.scr Deleted
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sat, 15 May 2004 09:08:30 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\392C23A5 Update failed
C:\Program Files\Norton AntiVirus\Quarantine\3932496E Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\3932496E Deleted
C:\Program Files\Norton AntiVirus\Quarantine\39DC50B3 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\39DC50B3 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3B286646.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\3B286646.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3B286646.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\3BEC3D6E.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\3BEC3D6E.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3BEC3D6E.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\3CB43E93.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\3CB43E93.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3CB43E93.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\3D7E69B4.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\3D7E69B4.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3D7E69B4.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\3E456AD9.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\3E456AD9.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3E456AD9.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\3EF96E43=>(Quarantine-2) Infected Win32.Bagle.M@mm
C:\Program Files\Norton AntiVirus\Quarantine\3EF96E43=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3F0C6BFE.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\3F0C6BFE.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3F0C6BFE.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\3F1D3C1C=>(Quarantine-2) Infected Win32.Bagle.M@mm
C:\Program Files\Norton AntiVirus\Quarantine\3F1D3C1C=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3F5B59D8 Infected Win32.Netsky.D@mm
C:\Program Files\Norton AntiVirus\Quarantine\3F5B59D8 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3F7853B7 Infected Win32.Netsky.D@mm
C:\Program Files\Norton AntiVirus\Quarantine\3F7853B7 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3F8925A5=>(Quarantine-2) Infected Win32.Bagle.K@mm
C:\Program Files\Norton AntiVirus\Quarantine\3F8925A5=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\3FD04326.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\3FD04326.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\3FD04326.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\4095637D Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\4095637D Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4098444B.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\4098444B.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4098444B.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\40B25D5C=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 1 Jul 2004 19:50:42 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\40B25D5C=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 1 Jul 2004 19:50:42 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\40B25D5C=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 1 Jul 2004 19:50:42 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\41694365.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\41694365.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\41694365.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\422C1A8D.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\422C1A8D.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\422C1A8D.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\42AF6120.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\42AF6120.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\42AF6120.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\43733848.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\43733848.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\43733848.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\44370F71.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\44370F71.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\44370F71.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\44FF1096.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\44FF1096.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\44FF1096.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\45C611BA.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\45C611BA.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\45C611BA.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\468D12DF.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\468D12DF.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\468D12DF.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\47516A08.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\47516A08.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\47516A08.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\48186B2C.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\48186B2C.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\48186B2C.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\4847468E=>(Quarantine-2) Infected Win32.Bagle.J@mm
C:\Program Files\Norton AntiVirus\Quarantine\4847468E=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\48DC4255.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\48DC4255.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\48DC4255.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\49A3437A.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\49A3437A.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\49A3437A.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\49D84E51=>(Quarantine-2)=>[Subject: Re: Notify][Date: Sun, 6 Jun 2004 03:15:06 -0400]=>(MIME part)=>document.pif Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\49D84E51=>(Quarantine-2)=>[Subject: Re: Notify][Date: Sun, 6 Jun 2004 03:15:06 -0400]=>(MIME part)=>document.pif Deleted
C:\Program Files\Norton AntiVirus\Quarantine\49D84E51=>(Quarantine-2)=>[Subject: Re: Notify][Date: Sun, 6 Jun 2004 03:15:06 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\49D84E51=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\49D84E51 Update failed
C:\Program Files\Norton AntiVirus\Quarantine\4A442246=>(Quarantine-2) Infected Win32.MyDoom.S@mm
C:\Program Files\Norton AntiVirus\Quarantine\4A442246=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4A8669FE=>(Quarantine-2) Infected Win32.MyDoom.S@mm
C:\Program Files\Norton AntiVirus\Quarantine\4A8669FE=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4AC867C6 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\4AC867C6 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4AE237A9 Infected [email protected]
C:\Program Files\Norton AntiVirus\Quarantine\4AE237A9 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4AF95D90 Infected Win32.Netsky.D@mm
C:\Program Files\Norton AntiVirus\Quarantine\4AF95D90 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4B08796E=>(Quarantine-2) Infected Win32.MyDoom.S@mm
C:\Program Files\Norton AntiVirus\Quarantine\4B08796E=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4B4A4126=>(Quarantine-2) Infected Win32.MyDoom.S@mm
C:\Program Files\Norton AntiVirus\Quarantine\4B4A4126=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4F176C73 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\4F176C73 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4F2701D4 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\4F2701D4 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4F5F0824 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\4F5F0824 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4F896D68 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\4F896D68 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\4FA33D4C=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Mon, 20 Sep 2004 08:08:37 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\4FA33D4C=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Mon, 20 Sep 2004 08:08:37 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\4FA33D4C=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Mon, 20 Sep 2004 08:08:37 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\552B4DAD Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\552B4DAD Deleted
C:\Program Files\Norton AntiVirus\Quarantine\553E4998=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 4 Jul 2004 02:55:28 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\553E4998=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 4 Jul 2004 02:55:28 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\553E4998=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 4 Jul 2004 02:55:28 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\556C1565 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\556C1565 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\55C82D01 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\55C82D01 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\55FC4CC7 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\55FC4CC7 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\56064ABC=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Mon, 5 Jul 2004 23:10:12 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\56064ABC=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Mon, 5 Jul 2004 23:10:12 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\56064ABC=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Mon, 5 Jul 2004 23:10:12 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\561C70A3 Infected Win32.Netsky.D@mm
C:\Program Files\Norton AntiVirus\Quarantine\561C70A3 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\57AF3AEF Infected Win32.Netsky.D@mm
C:\Program Files\Norton AntiVirus\Quarantine\57AF3AEF Deleted
C:\Program Files\Norton AntiVirus\Quarantine\57E80115=>(Quarantine-2) Infected Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\57E80115=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\57E80115 Moved
C:\Program Files\Norton AntiVirus\Quarantine\5C3C3E16 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\5C3C3E16 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 3 Jun 2004 15:49:24 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 3 Jun 2004 15:49:24 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 3 Jun 2004 15:49:24 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 3 Jun 2004 15:49:24 -0400]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 3 Jun 2004 15:49:24 -0400]=>(MIME part)=>message.scr Deleted
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 3 Jun 2004 15:49:24 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\5CD24970 Update failed
C:\Program Files\Norton AntiVirus\Quarantine\5D0F1CED Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\5D0F1CED Deleted
C:\Program Files\Norton AntiVirus\Quarantine\5D1C4D7D.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\5D1C4D7D.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5D1C4D7D.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\5D3A08FD Infected Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\5D3A08FD Deleted
C:\Program Files\Norton AntiVirus\Quarantine\5DCD201C Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\5DCD201C Deleted
C:\Program Files\Norton AntiVirus\Quarantine\5DD71E11=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 21 Oct 2004 01:56:07 -0500]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\5DD71E11=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 21 Oct 2004 01:56:07 -0500]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5DD71E11=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Thu, 21 Oct 2004 01:56:07 -0500]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\5DDD7AA9.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\5DDD7AA9.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5DDD7AA9.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\5EA47BCE.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\5EA47BCE.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5EA47BCE.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\5F6B7CF2.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\5F6B7CF2.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\5F6B7CF2.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\602F541B.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\602F541B.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\602F541B.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\608751A5 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\608751A5 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\60F65540.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\60F65540.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\60F65540.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\61BE5664.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\61BE5664.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\61BE5664.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\62855789.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\62855789.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\62855789.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\634F02AA.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\634F02AA.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\634F02AA.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\63C27D4D=>(Quarantine-2) Infected Java.Trojan.Exploit.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\63C27D4D=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\63C27D4D Moved
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 6 Jun 2004 03:20:53 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 6 Jun 2004 03:20:53 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 6 Jun 2004 03:20:53 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 6 Jun 2004 03:20:53 -0400]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 6 Jun 2004 03:20:53 -0400]=>(MIME part)=>message.scr Deleted
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Sun, 6 Jun 2004 03:20:53 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\63D463B9 Update failed
C:\Program Files\Norton AntiVirus\Quarantine\641359D3.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\641359D3.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\641359D3.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\643A51A8=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\643A51A8=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\643A51A8 Moved
C:\Program Files\Norton AntiVirus\Quarantine\64444F9D=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\64444F9D=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\64444F9D Moved
C:\Program Files\Norton AntiVirus\Quarantine\64855794=>(Quarantine-2) Infected Win32.Bagle.Z@mm
C:\Program Files\Norton AntiVirus\Quarantine\64855794=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\64855794 Moved
C:\Program Files\Norton AntiVirus\Quarantine\65415715.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\65415715.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\65415715.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\66020441.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\66020441.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\66020441.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\66760D11 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\66760D11 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\669730ED Infected Win32.Netsky.D@mm
C:\Program Files\Norton AntiVirus\Quarantine\669730ED Deleted
C:\Program Files\Norton AntiVirus\Quarantine\66B854C9 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\66B854C9 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\66D0595F.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\66D0595F.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\66D0595F.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\66D54EA9 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\66D54EA9 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\66DB22A2=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 30 Jul 2004 14:29:48 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\66DB22A2=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 30 Jul 2004 14:29:48 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\66DB22A2=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 30 Jul 2004 14:29:48 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\66F91C82 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\66F91C82 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\672A124C Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\672A124C Deleted
C:\Program Files\Norton AntiVirus\Quarantine\67341041=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 30 Jul 2004 15:57:15 -0400]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability
C:\Program Files\Norton AntiVirus\Quarantine\67341041=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 30 Jul 2004 15:57:15 -0400]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\67341041=>(Quarantine-2)=>[Subject: Mail Delivery (failure mrhat1@iprimus.][Date: Fri, 30 Jul 2004 15:57:15 -0400]=>(MIME part)=>(MIME part)=>(message body) Move failed
C:\Program Files\Norton AntiVirus\Quarantine\674A3628 Infected Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\674A3628 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\678D5C8F.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\678D5C8F.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\678D5C8F.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\67912C9A=>(Quarantine-2)=>[Subject: Re: your file][Date: Thu, 13 May 2004 11:20:05 -0400]=>(MIME part)=>file.txt.pif Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\67912C9A=>(Quarantine-2)=>[Subject: Re: your file][Date: Thu, 13 May 2004 11:20:05 -0400]=>(MIME part)=>file.txt.pif Deleted
C:\Program Files\Norton AntiVirus\Quarantine\67912C9A=>(Quarantine-2)=>[Subject: Re: your file][Date: Thu, 13 May 2004 11:20:05 -0400]=>(MIME part) Update
C:\Program Files\Norton AntiVirus\Quarantine\67912C9A=>(Quarantine-2) Update
C:\Program Files\Norton AntiVirus\Quarantine\67912C9A Update failed
C:\Program Files\Norton AntiVirus\Quarantine\68545DB3.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\68545DB3.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\68545DB3.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\68E46F98=>(Quarantine-2) Infected Win32.Bagle.M@mm
C:\Program Files\Norton AntiVirus\Quarantine\68E46F98=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\691834DC.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\691834DC.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\691834DC.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\69DF3600.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\69DF3600.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\69DF3600.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\69EB7765=>(Quarantine-2) Infected Trojan.Downloader.Small.UY
C:\Program Files\Norton AntiVirus\Quarantine\69EB7765=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6A104C09 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\6A104C09 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6A211F70.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6A211F70.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6A211F70.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6AA73725.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6AA73725.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6AA73725.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6AE57699.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6AE57699.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6AE57699.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6AF376FB=>(Quarantine-2) Infected Win32.Bagle.M@mm
C:\Program Files\Norton AntiVirus\Quarantine\6AF376FB=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6B1D18CD=>(Quarantine-2) Infected Win32.Bagle.M@mm
C:\Program Files\Norton AntiVirus\Quarantine\6B1D18CD=>(Quarantine-2) Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6B215944 Infected Win32.Netsky.AA@mm
C:\Program Files\Norton AntiVirus\Quarantine\6B215944 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6B4166A5 Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\6B4166A5 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6B6A0E4E.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6B6A0E4E.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6B6A0E4E.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6BA94DC1.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6BA94DC1.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6BA94DC1.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6C20732E Infected Win32.Netsky.C@mm
C:\Program Files\Norton AntiVirus\Quarantine\6C20732E Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6C320F72.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6C320F72.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6C320F72.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6C714EE6.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6C714EE6.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6C714EE6.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6C825EC3 Infected Win32.Netsky.P@mm
C:\Program Files\Norton AntiVirus\Quarantine\6C825EC3 Deleted
C:\Program Files\Norton AntiVirus\Quarantine\6D38500B.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6D38500B.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6D38500B.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6DA02503.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6DA02503.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6DA02503.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6DFC2733.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6DFC2733.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6DFC2733.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6E647C2B.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6E647C2B.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6E647C2B.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6EC32858.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6EC32858.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6EC32858.exe Moved
C:\Program Files\Norton AntiVirus\Quarantine\6EFA3AF8.exe=>(Quarantine-2) Infected Trojan.Downloader.IstBar.GN
C:\Program Files\Norton AntiVirus\Quarantine\6EFA3AF8.exe=>(Quarantine-2) Disinfection failed
C:\Program Files\Norton AntiVirus\Quarantine\6EFA3AF8.exe Moved
C:�
  • 0

#10
Buckeye_Sam

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
The log may have been cut off at the end, but from what I can see everything is already quarantined by Norton. Go into Norton and delete all quarantined files.

Then reboot and run a new scan with Bit Defender. Post the log here in your next reply.
  • 0

#11
beavy1969

beavy1969

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Ok, here goes again....
When i try to download streaming video i am getting a connection error, also when i log onto the windows update site it can not verify my machine? I have heard that the virus causing this requires a complete re build of the hard drive, perhaps the reason my recovery discs won't work? Any help in direction appreciated.........


//-----------------------------------------------------------------
//
// Product: BitDefender 8 Free Edition
// Version: 8.0
//
// Created on: 11/10/2005 18:00:38
//
//-----------------------------------------------------------------


Statistics

Scan path : C:\
D:\
E:\
F:\
Folders : 3873
Files : 432215
Archives : 8871
Packed files : 56233
Identified viruses : 1
Infected files : 1
Warnings : 0
Suspect files : 0
Disinfected files : 0
Deleted files : 0
Copied files : 0
Moved files : 0
Renamed files : 0
I/O errors : 73
Scan time : 01:15:11
Scan speed (files/sec) : 95

Virus definitions : 219572
Scan plugins : 13
Archive plugins : 39
Unpack plugins : 4
Mail plugins : 6
System plugins : 1

Scan options

Detection
[X] Scan boot sectors
[X] Scan archives
[X] Scan packed files
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Copy to quarantine
[ ] Move to quarantine
[ ] Rename
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[ ] Copy to quarantine
[X] Move to quarantine
[ ] Rename
[ ] Prompt user

Scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: vscan.log
[ ] Append to existing report

Summary:

C:\WINDOWS\browserxtras\pn\remove.exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>zlib_nsis0002 Infected Trojan.Downloader.Keenval.F
C:\WINDOWS\browserxtras\pn\remove.exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>zlib_nsis0002 Disinfection failed
C:\WINDOWS\browserxtras\pn\remove.exe=>(NSIS o)=>zlib_nsis0001=>(NSIS o)=>zlib_nsis0002 Move failed
  • 0

#12
Buckeye_Sam

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Run Hijackthis and click on the Open Misc Tools section.
  • Go to Delete a file on Reboot
  • Select this file:

    C:\WINDOWS\browserxtras\pn\remove.exe

  • Click Open and Yes to confirm.
  • Reboot your computer.


Now let's see what can be done for IE.

Note: Both methods listed require that the Microsoft Windows XP CD-ROM be available.

Method 1: Microsoft Internet Explorer 6.x Repair for Windows XP
  • From the Start menu, select Run.
  • In the Open field, type sfc /scannow (Note: There is a space between sfc and /scannow)
  • Select the OK button.
  • Follow the prompts throughout the System File Checker process.
  • Reboot the computer when System File Checker completes.
Try Internet Explorer to see if this worked.

Method 2: Microsoft Internet Explorer 6.x Repair for Windows XP
  • From the Start menu, select Search, select All Files and Folders.
  • Select More Advanced Options and place a checkmark beside Search Hidden Files and Folders option.
  • Ensure that Search System Folders and Search Subfolders are also checked.
  • In the All or Part of the File Name box, type ie.inf
  • In the Look In drop-down menu, select C: or the letter of the hard drive that contains the Windows folder.
  • Click the Search button.
  • In the search results pane, find the ie.inf file located in Windows\Inf folder.
  • Right click the ie.inf file and click Install on the context menu.
  • Reboot the computer when the file copy process is complete.
Let me know how it goes.
  • 0

#13
Buckeye_Sam

Buckeye_Sam

    Malware Expert

  • Member
  • PipPipPipPipPipPipPipPip
  • 10,019 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP