Tech Support Forum - View Single Post - My hijackthis log

babigurl · 11-28-2005, 04:40 AM

Hi Omerr, I've done everything that you've listed and hopefully everything is all good now :) Looks like the files that kaspersky found are all located in the norton quarantine so I don't know if that's good or not...

Here all the logs you asked for:

-----------------------------------------------------

Started Scanning
Internet Cookies
Programs in Memory
Windows Registry
Found '' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1'
Found '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run'
Internet URL Shortcuts
Files and Directories
Finished Scanning
Started Backup
Finished Backup
Started Cleaning
Finished Cleaning

--------------------------------------------------

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Monday, November 28, 2005 22:34:54
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 28/11/2005
Kaspersky Anti-Virus database records: 152082
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\

Scan Statistics:
Total number of scanned objects: 50341
Number of viruses found: 11
Number of infected objects: 26
Number of suspicious objects: 1
Duration of the scan process: 2392 sec

Infected Object Name - Virus Name
C:\Program Files\Norton AntiVirus\Quarantine\06BE56FC.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\10EE3FE4.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\10F169E0.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\10F413DC.frD Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\13412356.exe Infected: Trojan-Downloader.Win32.IstBar.ir
C:\Program Files\Norton AntiVirus\Quarantine\13444D53.exe Infected: Trojan-Downloader.Win32.IstBar.ir
C:\Program Files\Norton AntiVirus\Quarantine\1348774F.exe Infected: Trojan-Downloader.Win32.IstBar.ij
C:\Program Files\Norton AntiVirus\Quarantine\1348774F.htm Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\1C2E74A7.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\25F67EA8.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\36676273.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\366A0C6F.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\40B95F6A.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.htm Suspicious: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\53EA6CA0.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\53ED169C.dll Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\551232B5.exe Infected: Trojan-Downloader.Win32.IstBar.ij
C:\Program Files\Norton AntiVirus\Quarantine\55165CB1.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\566516A8.exe Infected: Trojan-Downloader.Win32.Small.alr
C:\Program Files\Norton AntiVirus\Quarantine\64377DD6.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\653127AB.exe Infected: Trojan-Downloader.Win32.IstBar.ij
C:\Program Files\Norton AntiVirus\Quarantine\6B6928A7.exe Infected: Trojan-Downloader.Win32.IstBar.gen

Scan process completed.

11-28-2005, 04:40 AM	#7 (permalink)
babigurl Registered User Join Date: Jun 2005 Posts: 16 OS: WinXP	Hi Omerr, I've done everything that you've listed and hopefully everything is all good now :) Looks like the files that kaspersky found are all located in the norton quarantine so I don't know if that's good or not... Here all the logs you asked for: ----------------------------------------------------- Started Scanning Internet Cookies Programs in Memory Windows Registry Found '' in 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1' Found '' in 'SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run' Internet URL Shortcuts Files and Directories Finished Scanning Started Backup Finished Backup Started Cleaning Finished Cleaning -------------------------------------------------- ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Monday, November 28, 2005 22:34:54 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version: 5.0.67.0 Kaspersky Anti-Virus database last update: 28/11/2005 Kaspersky Anti-Virus database records: 152082 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ Scan Statistics: Total number of scanned objects: 50341 Number of viruses found: 11 Number of infected objects: 26 Number of suspicious objects: 1 Duration of the scan process: 2392 sec Infected Object Name - Virus Name C:\Program Files\Norton AntiVirus\Quarantine\06BE56FC.exe Infected: Trojan-Downloader.Win32.IstBar.gen C:\Program Files\Norton AntiVirus\Quarantine\10EE3FE4.exe Infected: Trojan.Win32.P2E.br C:\Program Files\Norton AntiVirus\Quarantine\10F169E0.exe Infected: Trojan.Win32.P2E.br C:\Program Files\Norton AntiVirus\Quarantine\10F413DC.frD Infected: Trojan.Win32.P2E.br C:\Program Files\Norton AntiVirus\Quarantine\13412356.exe Infected: Trojan-Downloader.Win32.IstBar.ir C:\Program Files\Norton AntiVirus\Quarantine\13444D53.exe Infected: Trojan-Downloader.Win32.IstBar.ir C:\Program Files\Norton AntiVirus\Quarantine\1348774F.exe Infected: Trojan-Downloader.Win32.IstBar.ij C:\Program Files\Norton AntiVirus\Quarantine\1348774F.htm Infected: Trojan-Downloader.JS.IstBar.j C:\Program Files\Norton AntiVirus\Quarantine\1C2E74A7.exe Infected: Trojan.Win32.P2E.br C:\Program Files\Norton AntiVirus\Quarantine\25F67EA8.exe Infected: Trojan-Downloader.Win32.IstBar.gen C:\Program Files\Norton AntiVirus\Quarantine\36676273.exe Infected: Trojan.Win32.P2E.br C:\Program Files\Norton AntiVirus\Quarantine\366A0C6F.exe Infected: Trojan.Win32.P2E.br C:\Program Files\Norton AntiVirus\Quarantine\40B95F6A.exe Infected: Trojan.Win32.P2E.br C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.htm Suspicious: Exploit.HTML.Mht C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v C:\Program Files\Norton AntiVirus\Quarantine\4F265E3C.zip Infected: Trojan-Downloader.Java.OpenConnection.v C:\Program Files\Norton AntiVirus\Quarantine\53EA6CA0.exe Infected: Trojan-Downloader.Win32.IstBar.gen C:\Program Files\Norton AntiVirus\Quarantine\53ED169C.dll Infected: Trojan-Downloader.Win32.IstBar.gen C:\Program Files\Norton AntiVirus\Quarantine\551232B5.exe Infected: Trojan-Downloader.Win32.IstBar.ij C:\Program Files\Norton AntiVirus\Quarantine\55165CB1.exe Infected: Trojan-Downloader.Win32.IstBar.gen C:\Program Files\Norton AntiVirus\Quarantine\566516A8.exe Infected: Trojan-Downloader.Win32.Small.alr C:\Program Files\Norton AntiVirus\Quarantine\64377DD6.exe Infected: Trojan-Downloader.Win32.IstBar.gen C:\Program Files\Norton AntiVirus\Quarantine\653127AB.exe Infected: Trojan-Downloader.Win32.IstBar.ij C:\Program Files\Norton AntiVirus\Quarantine\6B6928A7.exe Infected: Trojan-Downloader.Win32.IstBar.gen Scan process completed.