Tech Support banner

Status
Not open for further replies.
1 - 6 of 6 Posts

·
Registered
Joined
·
17 Posts
Discussion Starter #1
Hi, after running Norton Antivirus, Adaware, Spybot and Free Registry Fix my laptop still seems slow, sometimes when I connect to the internet I can't open up applications, or they take ages to open and I can hear the hardrive going wild, I can only assume something is clogging up my system, it was running fine a few weeks ago. I would really really appreciate anyone who can take the time to look at my log to spot anything that really needs to be removed or suggest any measures I can take to clean my system.

I'm running an Acer laptop, Windows XP, 1.6 Centrino processor, 512mb ram, 2 25gig hardrives (the c: drive is the only one in use and it has 5gig space free)

HIJACK LOG

Logfile of HijackThis v1.99.1
Scan saved at 19:50:34, on 22/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nprotect.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\acer\epm\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\LManager.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Plaxo\2.3.3.2\InstallStub.exe
C:\Program Files\RSSoft\RSEDNClient.exe
C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Documents and Settings\Lyle Christine\My Documents\CWShredder\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.3.3.2\InstallStub.exe -a
O4 - HKCU\..\Run: [PasswordCompanion] "C:\Program Files\Password Companion\Password Companion.exe"
O4 - HKCU\..\Run: [Red Swoosh EDN Client] C:\Program Files\RSSoft\RSEDNClient.exe
O4 - HKCU\..\Run: [Spam Bully for Outlook Express] "C:\Program Files\Axaware\Spam Bully 2 for OE\oespambully.exe" install
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Word\Office10\OSA.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} (InstallCtl Class) - http://download.redswoosh.net/Installer/rssoft.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CD39545-C642-4C86-BE57-F11B64C88309}: NameServer = 80.225.249.178 80.225.255.58
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Protected Exchange (MainService) - Unknown owner - C:\WINDOWS\system32\nprotect.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
There's only one thing which I didnt like about your log which is this program - Red Swoosh.

You can read up about it here.
Please uninstall it using add/remove programs.
Then delete it's containing folder - C:\Program Files\RSSoft\

After you have done so, Go to Start> Run - type cleanmgr (this starts Windows DiskCleanup)
  1. Select Drive C: & click the 'OK' button
  2. Select the following options:
    • Temporary Internet Files
      [*] Recycle Bin
      [*] Temporary Files
  3. Click the 'OK' button


Then , perform an online scan with Internet Explorer with Kaspersky WebScanner

Next Click on Launch Kaspersky Anti-Virus Web Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
    • In the scan settings make that the following are selected:
      • Scan using the following Anti-Virus database:
        • Standard
      • Scan Options:
        • Scan Archives
        • Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
Copy and paste that information in your next post along with a new HJT log

* Turn off the real time scanner of any existing antivirus program while performing the online scan
 

·
Registered
Joined
·
17 Posts
Discussion Starter #3
Thanks so much for taking the time to reply, I've done everything you said and here's the Kaspersky and Hijak Log:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Thursday, September 22, 2005 22:18:20
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 22/09/2005
Kaspersky Anti-Virus database records: 141558
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 53706
Number of viruses found: 41
Number of infected objects: 648
Number of suspicious objects: 4
Duration of the scan process: 2058 sec

Infected Object Name - Virus Name
C:\WINDOWS\system32\cvsnns.dll Infected: Trojan.Win32.Urbin.c
C:\WINDOWS\system32\nprotect.exe Infected: Trojan.Win32.Urbin.c
C:\Documents and Settings\Lyle Christine\Local Settings\Application Data\Identities\{C9C53D32-7635-4395-9552-3137A7BA3287}\Microsoft\Outlook Express\Deleted Items.dbx/[From "[email protected]" <[email protected]>][Date Mon, 19 Sep 2005 21:00:27 -0600]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.h
C:\Documents and Settings\Lyle Christine\Local Settings\Application Data\Identities\{C9C53D32-7635-4395-9552-3137A7BA3287}\Microsoft\Outlook Express\Deleted Items.dbx/[From "[email protected]" <[email protected]>][Date Mon, 19 Sep 2005 21:00:27 -0600]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.h
C:\Documents and Settings\Lyle Christine\Local Settings\Application Data\Identities\{C9C53D32-7635-4395-9552-3137A7BA3287}\Microsoft\Outlook Express\Deleted Items.dbx Infected: Trojan-Spy.HTML.Bayfraud.h
C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAdDaUj.zip/install_cheat_001.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.ki
C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAdDaUj.zip/install_cheat_001.exe Infected: Trojan-Downloader.Win32.IstBar.ki
C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAdDaUj.zip Infected: Trojan-Downloader.Win32.IstBar.ki
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv505.jar-11fac7b6-133f0f1a.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv505.jar-11fac7b6-133f0f1a.zip Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-4c1bbbd6-1df4aea3.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-4c1bbbd6-1df4aea3.zip Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loader.jar-1142b5ff-45e6d774.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenConnection.ad
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loader.jar-1142b5ff-45e6d774.zip Infected: Trojan-Downloader.Java.OpenConnection.ad
C:\Program Files\Norton AntiVirus\Quarantine\5ACC4476.cla Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\50EB4D92.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\50EB4D92.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\50EB4D92.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\50EB4D92.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\50EB4D92.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\50EE778F.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\50F87584.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\50FB1F80.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\27326359.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\27326359.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\532A2B1A.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\532A2B1A.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\532A2B1A.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\532A2B1A.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\1A4806B1.tmp/[From [email protected]][Date Sun, 1 May 2005 11:07:25 +0100]/your_picture.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\1A4806B1.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\59FA3F9B.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\59FA3F9B.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\59FA3F9B.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\59FA3F9B.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\1A5B029C.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\1A5B029C.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\59FD6997.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\4A5C2BC9.tmp/[From [email protected]][Date Sun, 1 May 2005 14:14:56 +0100]/your_letter.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\4A5C2BC9.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\5A001394.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\5A033D90.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\1828096E.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\78723B11.tmp/Bill.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\78723B11.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\18874B05.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\18874B05.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\18874B05.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\18874B05.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\18874B05.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\37991EC8.tmp/[From host82-10-39-247.not-set-yet.ntli.net [82.10.39.247] (may be forged)][Date Mon, 25 Jul 2005 11:25:41 -0700 (PDT)]/UNNAMED/[From [email protected]][Date Mon, 25 Jul 2005 19:06:14 +0100]/your_details.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\37991EC8.tmp/[From host82-10-39-247.not-set-yet.ntli.net [82.10.39.247] (may be forged)][Date Mon, 25 Jul 2005 11:25:41 -0700 (PDT)]/UNNAMED Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\37991EC8.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\189E70EC.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\32215F97.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\32215F97.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\18B416D3.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\1D9C7475.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\1D9C7475.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\18C812BE.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\51B25047.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\51B25047.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\22B855CE.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\22B855CE.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\22B855CE.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\22B855CE.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\22CC51B9.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\22CF7BB5.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\51CC202A.tmp/Data.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\51CC202A.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\22F91D86.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\482C22D4.tmp Infected: Email-Worm.Win32.Bagle.ai
C:\Program Files\Norton AntiVirus\Quarantine\232D3D4D.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\232D3D4D.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\232D3D4D.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\232D3D4D.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\5F066A95.tmp/[From [email protected]][Date Sun, 17 Jul 2005 18:39:28 +0100]/message_part2.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\5F066A95.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\5EC903FC.tmp Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton AntiVirus\Quarantine\52143BDB.tmp/Part-2.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\52143BDB.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\361F546C.tmp Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton AntiVirus\Quarantine\6A3B0959.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\44A35A76.tmp/[From [email protected]][Date Wed, 20 Jul 2005 22:11:45 +0100]/your_picture.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\44A35A76.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\4761136F.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\4761136F.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\4761136F.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\4761136F.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\1FA647A1.tmp/Notice.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\1FA647A1.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\4761136F.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\6A3B0959.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\6A3B0959.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\6A3B0959.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\6A3B0959.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\6A3B0959.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\47643D6C.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\47643D6C.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\47676768.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\412B71E3.tmp/Textfile.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\412B71E3.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\47740F5A.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\6A3B0959.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\5FE644BC.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\414541C6.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\414541C6.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\5FE96EB8.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\414B15BF.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\414B15BF.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\168150B6.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\42DB29D0.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\6A45074E.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\70D43D6E.tmp/Notice.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\70D43D6E.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\6A45074E.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\57136BDB.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\71053338.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\71053338.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\571A3FD4.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\571A3FD4.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\571A3FD4.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\571A3FD4.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\571A3FD4.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\104D7082.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\104D7082.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\57967B4B.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\568E509F.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\568E509F.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\70E8096E.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\70E8096E.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\70E8096E.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\70E8096E.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\56C9445E.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\56C9445E.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\70EF5D67.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\147D0ABF.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\147D0ABF.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\266A098D.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\148B32B1.tmp/[From [email protected]][Date Fri, 6 May 2005 22:07:51 +0100]/your_details.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\148B32B1.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\294D2384.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\5965497E.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\5965497E.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\49AC753E.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\61DA062F.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\61DA062F.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\212B415B.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\6F3635C5.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\6F3635C5.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\6AFC3685.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\6AFC3685.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\6AFC3685.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\6AFC3685.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\349A6967.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\349A6967.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\6AFF6081.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\08DC4665.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\08DC4665.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\6B020A7D.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\1B765E35.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\1B765E35.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\6B05347A.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\6E913F09.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\6E913F09.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\6B095E76.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\35871EF2.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\35871EF2.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\7E024F94.tmp Infected: Email-Worm.Win32.Bagle.ai
C:\Program Files\Norton AntiVirus\Quarantine\33A21F99.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\33A21F99.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\117F28FB.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\41AC78B7.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\41AC78B7.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\117F28FB.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\117F28FB.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\117F28FB.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\117F28FB.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\117F28FB.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\04F07FD5.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\04F07FD5.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\117F28FB.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\48426851.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\48426851.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\118352F8.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\22843390.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\22843390.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\118352F8.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\47431B1F.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\47431B1F.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\11867CF4.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\5E874185.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\5E874185.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\11907AE9.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\28BA08B8.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\28BA08B8.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\4F8761DD.tmp Infected: Email-Worm.Win32.Bagle.ai
C:\Program Files\Norton AntiVirus\Quarantine\722A39E7.tmp/Textfile.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\722A39E7.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\31303DB1.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\31303DB1.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\14E122F4.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\21101695.tmp Infected: Net-Worm.Win32.Mytob.c
C:\Program Files\Norton AntiVirus\Quarantine\14EB20E9.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\14EB20E9.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\14EB20E9.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\14EB20E9.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\14EB20E9.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\79485D7F.tmp Infected: Net-Worm.Win32.Mytob.c
C:\Program Files\Norton AntiVirus\Quarantine\14F174E2.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\376A05B2.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\376A05B2.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\14F51EDE.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\48F156B0.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\48F156B0.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\14FB72D7.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\2CAA3417.tmp/message.html Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\2CAA3417.tmp Infected: Email-Worm.Win32.Mimail.a
C:\Program Files\Norton AntiVirus\Quarantine\14FE1CD3.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\39897C7B.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\15081AC9.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\399D7865.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\17E02DA7.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\17E02DA7.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\17E02DA7.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\17E02DA7.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\77D85A67.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\77D85A67.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\77D85A67.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\77D85A67.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\77D85A67.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\209034A8.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\39BE1C41.tmp/document.txt .exe Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\39BE1C41.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\20945EA5.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\20945EA5.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\20945EA5.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\20945EA5.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\20945EA5.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\209A329D.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\20A10696.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\082E4F13.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\20A43093.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\1FA74C62.exe Infected: Trojan-Dropper.Win32.Small.yu
C:\Program Files\Norton AntiVirus\Quarantine\222934E7.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\222934E7.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\222934E7.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\222934E7.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\20D70D13.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\20D01059.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\20D01059.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\20D01059.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\20D01059.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\20D01059.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\222C5EE3.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\222F08E0.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\1A7A4778.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\223232DC.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\1AEC04FA.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\22365CD9.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\6D045935.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\1FD82C97.tmp/details.txt .pif Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\1FD82C97.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\6D2F7B06.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\6D4276F1.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\581074BA.tmp/details.txt .pif Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\581074BA.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\0DA82AB7.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\244C20D4.tmp/jenifer.jpg .scr Infected: Email-Worm.Win32.Mabutu.a
C:\Program Files\Norton AntiVirus\Quarantine\244C20D4.tmp Infected: Email-Worm.Win32.Mabutu.a
C:\Program Files\Norton AntiVirus\Quarantine\4E862555.js Infected: Trojan-Downloader.JS.Small.ag
C:\Program Files\Norton AntiVirus\Quarantine\2645005A.tmp Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton AntiVirus\Quarantine\26492A57.tmp Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton AntiVirus\Quarantine\0FF15602.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\7AA15605.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\1F064DAB.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\133142EF.tmp Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\14B6168E.tmp Infected: Trojan-Clicker.Win32.Small.gj
C:\Program Files\Norton AntiVirus\Quarantine\30FC4490.htm Infected: Trojan-Downloader.JS.IstBar.x
C:\Program Files\Norton AntiVirus\Quarantine\31006E8C.htm Infected: Trojan-Downloader.JS.IstBar.x
C:\Program Files\Norton AntiVirus\Quarantine\71B6184E.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\07E451C3.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\3430744A.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\07FF395B.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\0819093F.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\08295B2D.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\343A723F.tmp/Data.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\343A723F.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\38200665.tmp/[From [email protected].p][Date Wed, 10 Aug 2005 11:47:40 +0100]/my_details.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\38200665.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\53760C02.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\344A442E.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\63037C97.zip/a.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\63037C97.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\63037C97.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\63037C97.zip Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\63037C97.cla Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\63072693.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\630A508F.cla Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\630D7A8C.cla Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\3B2A4008.tmp/Important.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\3B2A4008.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\31FF63F3.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\6B824CD2.tmp Infected: Net-Worm.Win32.Mytob.c
C:\Program Files\Norton AntiVirus\Quarantine\4FE85B51.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\763564C1.tmp Infected: Net-Worm.Win32.Mytob.ba
C:\Program Files\Norton AntiVirus\Quarantine\08EC1FB7.exe Infected: Trojan.Win32.Urbin.c
C:\Program Files\Norton AntiVirus\Quarantine\27682FBF.tmp Infected: Net-Worm.Win32.Mytob.ba
C:\Program Files\Norton AntiVirus\Quarantine\08EC1FB7.tmp Infected: Trojan.Win32.Urbin.c
C:\Program Files\Norton AntiVirus\Quarantine\27A07982.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\08F947A9.htm Infected: Trojan-Downloader.JS.IstBar.x
C:\Program Files\Norton AntiVirus\Quarantine\5DA25A8C.htm Infected: Trojan-Downloader.JS.IstBar.x
C:\Program Files\Norton AntiVirus\Quarantine\27B71F68.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\27C4475A.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\59343F84.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\75C46082.zip/Counter.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\75C46082.zip/VerifierBug.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\75C46082.zip/web.exe Infected: Trojan-Clicker.Win32.Small.hs
C:\Program Files\Norton AntiVirus\Quarantine\75C46082.zip/Worker.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\75C46082.zip/Xeyond.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\75C46082.zip Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\59725D40.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\7D5E2024.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\7D5E2024.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\7D5E2024.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\7D5E2024.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\4C097BB7.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\7D5E2024.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\7A5D28BB.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\7A913A7D.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\7A913A7D.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\7A913A7D.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\7A913A7D.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\7A913A7D.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\4CA843E2.tmp Infected: Net-Worm.Win32.Mytob.c
C:\Program Files\Norton AntiVirus\Quarantine\7A913A7D.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\4CC967BE.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\06D1507C.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\4CE00DA5.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\7D65741D.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\316F6544.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\733C0E6F.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\1AAF3B05.tmp Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton AntiVirus\Quarantine\31072322.tmp Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton AntiVirus\Quarantine\2750191F.htm Infected: Trojan-Downloader.JS.IstBar.x
C:\Program Files\Norton AntiVirus\Quarantine\6F88607A.tmp/data.rtf .scr Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\6F88607A.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\313318AA.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\6FA90456.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\6FAC2E53.tmp/[From [email protected]][Date Tue, 23 Aug 2005 14:53:42 -1000]/UNNAMED/html Suspicious: Exploit.HTML.Iframe.FileDownload
C:\Program Files\Norton AntiVirus\Quarantine\6FAC2E53.tmp/[From [email protected]][Date Tue, 23 Aug 2005 14:53:42 -1000]/UNNAMED Suspicious: Exploit.HTML.Iframe.FileDownload
C:\Program Files\Norton AntiVirus\Quarantine\6FAC2E53.tmp Suspicious: Exploit.HTML.Iframe.FileDownload
C:\Program Files\Norton AntiVirus\Quarantine\6BD31ED8.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\6BFA16AD.tmp/details.txt .scr Infected: Email-Worm.Win32.Mabutu.a
C:\Program Files\Norton AntiVirus\Quarantine\6BFA16AD.tmp Infected: Email-Worm.Win32.Mabutu.a
C:\Program Files\Norton AntiVirus\Quarantine\7F2F7BB3.tmp/Bill.txt .exe Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\7F2F7BB3.tmp Infected: Email-Worm.Win32.NetSky.aa
C:\Program Files\Norton AntiVirus\Quarantine\4FE428B9.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\50B94A17.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\5E867DC1.tmp/mail2.txt.scr Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton AntiVirus\Quarantine\5E867DC1.tmp Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton AntiVirus\Quarantine\7B4A0B66.tmp Infected: Net-Worm.Win32.Mytob.az
C:\Program Files\Norton AntiVirus\Quarantine\725E570F.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\3C027EBF.tmp Infected: Net-Worm.Win32.Mytob.az
C:\Program Files\Norton AntiVirus\Quarantine\0CF90C99.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\2BF572FB.tmp Infected: Net-Worm.Win32.Mytob.az
C:\Program Files\Norton AntiVirus\Quarantine\0D193075.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\1CE368B5.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\0D265867.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\1CED66AA.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\0D4A263F.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\0F6D08AA.tmp Infected: Net-Worm.Win32.Mytob.az
C:\Program Files\Norton AntiVirus\Quarantine\0D68201F.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\1939762A.tmp Infected: Net-Worm.Win32.Mytob.c
C:\Program Files\Norton AntiVirus\Quarantine\7A293B03.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\7A293B03.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\7A293B03.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\7A293B03.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\7A293B03.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\4AC93956.tmp Infected: Net-Worm.Win32.Mytob.az
C:\Program Files\Norton AntiVirus\Quarantine\139F713F.exe Infected: Trojan-Proxy.Win32.Small.co
C:\Program Files\Norton AntiVirus\Quarantine\17364384.tmp Infected: Net-Worm.Win32.Mytob.az
C:\Program Files\Norton AntiVirus\Quarantine\13A21B3B.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\13A21B3B.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\13A21B3B.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\13A21B3B.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\113342FC.tmp Infected: Net-Worm.Win32.Mytob.az
C:\Program Files\Norton AntiVirus\Quarantine\4ABF143B.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\4ABF143B.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\4ABF143B.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\4ABF143B.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\4ABF143B.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\2B1C5C79.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\13A64538.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\2B255A6E.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\13A96F34.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\13A96F34.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\13A96F34.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\13A96F34.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\13A96F34.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\2B2C2E67.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\2B2C2E67.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\2B2C2E67.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\2B2C2E67.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\2B2C2E67.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\564F5039.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\564F5039.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\564F5039.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\564F5039.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\564F5039.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\2B320260.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\13AC1930.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\2B395659.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\13AF432D.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\2B395659.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\13B36D29.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\2B3C0055.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\27A76A37.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\13B94122.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\33382636.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\690E4096.tmp Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton AntiVirus\Quarantine\13BC6B1E.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\1AE14342.zip/a.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\1AE14342.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\1AE14342.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\1AE14342.zip Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\1AE8173B.cla Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\2D2837EA.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\1AEB4137.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\2E5E4C95.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\1AF53F2D.cla Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\2E684A8A.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\1B083B17.cla Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\2E6F1E83.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\2E6F1E83.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\2E6F1E83.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\2E6F1E83.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\2E6F1E83.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\7A920BF3.htm Infected: Trojan-Downloader.JS.Inor.a
C:\Program Files\Norton AntiVirus\Quarantine\2E72487F.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\7FED6E0E.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Program Files\Norton AntiVirus\Quarantine\7FED6E0E.zip Infected: Trojan-Downloader.Java.OpenStream.c
C:\Program Files\Norton AntiVirus\Quarantine\2E791C78.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\7FF44207.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Program Files\Norton AntiVirus\Quarantine\7FF44207.zip Infected: Trojan-Downloader.Java.OpenStream.c
C:\Program Files\Norton AntiVirus\Quarantine\2E7C4674.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\328D17FA.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\328D17FA.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\328D17FA.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\328D17FA.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\011C55E6.zip/Counter.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\011C55E6.zip/VerifierBug.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\011C55E6.zip/web.exe Infected: Trojan.Win32.LowZones.cp
C:\Program Files\Norton AntiVirus\Quarantine\011C55E6.zip/Worker.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\011C55E6.zip/Xeyond.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\011C55E6.zip Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\375618B6.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\375618B6.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\375618B6.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\375618B6.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\039F2522.zip/Counter.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\039F2522.zip/VerifierBug.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\039F2522.zip/web.exe Infected: Trojan.Win32.LowZones.cp
C:\Program Files\Norton AntiVirus\Quarantine\039F2522.zip/Worker.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\039F2522.zip/Xeyond.class Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\039F2522.zip Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\375618B6.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\3249040E.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\3249040E.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\3249040E.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\3249040E.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\68BA4670.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\68BA4670.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\68BA4670.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\68BA4670.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\68BA4670.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\324D2E0A.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\68BA4670.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\25186F4D.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\057A3B8B.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\7801079A.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\0CBB182E.cla Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\7CA40F34.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\375618B6.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\7F475351.tmp Infected: Net-Worm.Win32.Mytob.ck
C:\Program Files\Norton AntiVirus\Quarantine\2D3E6A84.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\0FEB58B5.tmp Infected: Net-Worm.Win32.Mytob.ck
C:\Program Files\Norton AntiVirus\Quarantine\15422586.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\10434654.tmp/[From [email protected]][Date Wed, 14 Sep 2005 19:26:34 -0500]/your_file.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\10434654.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\057A3B8B.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\057A3B8B.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\057A3B8B.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\057A3B8B.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\057A3B8B.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\375942B3.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\3770689A.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\37731296.cla Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\444163A4.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\44440DA0.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\6F6158D2.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\44843B59.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\4D103479.htm Suspicious: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\44876555.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\44876555.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\44876555.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\44876555.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\44876555.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\44876555.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\448E394E.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\4491634B.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\44A13539.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\44A13539.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\44A13539.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\44A13539.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\48F77873.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\48F77873.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\48F77873.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\48F77873.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\48FB226F.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\48FE4C6C.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\48FE4C6C.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\49017668.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\49017668.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\49017668.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\49017668.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\49017668.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\49017668.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\49052064.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\49084A61.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\49084A61.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\49084A61.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\49084A61.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\49084A61.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\49084A61.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\4BDC2F86.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\4BDC2F86.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\4BDC2F86.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\4BDC2F86.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\4BDC2F86.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\490B745D.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\490B745D.exe Infected: Virus.Win32.Bube.l
C:\Program Files\Norton AntiVirus\Quarantine\490E1E5A.cla Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\490E1E5A.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\49157252.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\49181C4F.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\491F7048.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\34564182.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\49221A44.cla Infected: Trojan.Java.Femad
C:\Program Files\Norton AntiVirus\Quarantine\7A1E1F81.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\5E5C2606.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\5F02034F.tmp/details.txt .pif Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\5F02034F.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\11B421C7.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\14412DD3.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\14787796.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\6261006C.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\628F4C39.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\25B03EEB.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\44B718C0.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\0AA06BD0.tmp Infected: Net-Worm.Win32.Mytob.h
C:\Program Files\Norton AntiVirus\Quarantine\271C2677.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\271C2677.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\271C2677.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\271C2677.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\271C2677.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\271C2677.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\27237A70.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\27294E69.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\272C7866.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\27302262.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\1A661306.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\1DF5551B.tmp Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton AntiVirus\Quarantine\33F42FFA.tmp Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton AntiVirus\Quarantine\08444B8C.tmp/party.txt.scr Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton AntiVirus\Quarantine\08444B8C.tmp Infected: Email-Worm.Win32.NetSky.b
C:\Program Files\Norton AntiVirus\Quarantine\06E66632.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\06E66632.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\06E66632.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\06E66632.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\06E9102E.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\06EC3A2B.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\06F06427.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\070D5E07.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\072403EE.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\07794790.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\077C718C.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\077C718C.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\077C718C.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\077C718C.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\077C718C.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\07834585.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\0789197E.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\07906D77.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\39FA4D20.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\39FA4D20.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\39FA4D20.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\39FA4D20.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\39FA4D20.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\39FA4D20.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\39FA4D20.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\3A002119.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\3A034B15.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\3A034B15.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\3AA35465.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\3AA35465.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\3AA35465.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\3AA35465.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\3AA77E61.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\3AAA285E.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\7F5D7A41.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\3DEB7AC9.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\3DEB7AC9.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\3DEB7AC9.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\3DEB7AC9.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\3DEE24C6.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\3DF14EC2.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\0D515791.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\42C02377.htm Infected: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\42C44D74.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\42C44D74.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\42C44D74.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\42C44D74.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\568903B2.tmp Infected: Trojan.Java.ClassLoader.h
C:\Program Files\Norton AntiVirus\Quarantine\18DB4265.tmp Infected: Trojan.Java.ClassLoader.d
C:\Program Files\Norton AntiVirus\Quarantine\28B3518D.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\28B77B89.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\28B77B89.zip/InsecureClassLoader.class Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\28B77B89.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\28B77B89.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\28B77B89.zip Infected: Trojan-Downloader.Java.OpenConnection.v
C:\Program Files\Norton AntiVirus\Quarantine\28BD4F82.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\28C1797E.htm Infected: Exploit.VBS.Phel.a
C:\Program Files\Norton AntiVirus\Quarantine\28C4237B.cla Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\28C74D77.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\432F4C68.zip/BlackBox.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\432F4C68.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify
C:\Program Files\Norton AntiVirus\Quarantine\432F4C68.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\432F4C68.zip Infected: Trojan-Downloader.Java.OpenConnection.aa
C:\Program Files\Norton AntiVirus\Quarantine\432F4C68.cla Infected: Trojan.Java.ClassLoader.c
C:\Program Files\Norton AntiVirus\Quarantine\43327665.cla Infected: Trojan.Java.ClassLoader.Dummy.d
C:\Program Files\Norton AntiVirus\Quarantine\43352061.cla Infected: Exploit.Java.Bytverify
C:\Program Files\Norton AntiVirus\Quarantine\61E732E3.tmp/details.txt .pif Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\61E732E3.tmp Infected: Email-Worm.Win32.NetSky.q
C:\Program Files\Norton AntiVirus\Quarantine\792F0344.tmp/[From [email protected]][Date Sun, 10 Jul 2005 21:20:46 +0100]/document.pif Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\792F0344.tmp Infected: Email-Worm.Win32.NetSky.d
C:\Program Files\Norton AntiVirus\Quarantine\4FA566FA.zip/a.class Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\4FA566FA.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a
C:\Program Files\Norton AntiVirus\Quarantine\4FA566FA.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\4FA566FA.zip Infected: Trojan.Java.ClassLoader.u
C:\Program Files\Norton AntiVirus\Quarantine\4FA566FA.cla Infected: Trojan.Java.ClassLoader.b
C:\Program Files\Norton AntiVirus\Quarantine\4FA810F6.cla Infected: Trojan.Java.ClassLoader.Dummy.a

Scan process completed.


Logfile of HijackThis v1.99.1
Scan saved at 22:19:57, on 22/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nprotect.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\acer\epm\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\LManager.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Plaxo\2.3.3.2\InstallStub.exe
C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Lyle Christine\My Documents\CWShredder\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.3.3.2\InstallStub.exe -a
O4 - HKCU\..\Run: [PasswordCompanion] "C:\Program Files\Password Companion\Password Companion.exe"
O4 - HKCU\..\Run: [Spam Bully for Outlook Express] "C:\Program Files\Axaware\Spam Bully 2 for OE\oespambully.exe" install
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Word\Office10\OSA.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} (InstallCtl Class) - http://download.redswoosh.net/Installer/rssoft.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CD39545-C642-4C86-BE57-F11B64C88309}: NameServer = 80.225.249.178 80.225.255.58
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Protected Exchange (MainService) - Unknown owner - C:\WINDOWS\system32\nprotect.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
Before we proceed, Kaspersky found a lot of infected files in Norton's quarantine folder. Let's clear that up or the next scan will pick it up again.

Please use Symantec's guide to remove the Quarantine files.


Download & Save on Desktop - KillBox v2.0.0.175.exe (it's important that you get version v2.0.0.175)


Click Start->Run - type SERVICES.MSC & then click on the OK button
  1. Locate the service - Protected Exchange (MainService)
  2. Double-click on it to open the Properties dialog.
    • Under the General tab, note down the name of "Service name". We shall need it later.
    • Stop the service by using the Stop button.
    • Change the Startup type to Disabled & then click on the OK button
  3. Then start HiJackThis & go to Config>Misc.Tools...> Delete an NT service...
  4. In the popup box that appears, type in "Service name" & then click on the OK button


Have HijackThis fix this entry:

O23 - Service: Protected Exchange (MainService) - Unknown owner - C:\WINDOWS\system32\nprotect.exe


Launch KillBox.exe & select the following options:
  • delete on Reboot
Select all the filenames below & then right-click & select Copy
  • C:\WINDOWS\system32\cvsnns.dll
    C:\WINDOWS\system32\nprotect.exe
    C:\Documents and Settings\Lyle Christine\Local Settings\Application Data\Identities\{C9C53D32-7635-4395-9552-3137A7BA3287}\Microsoft\Outlook Express\Deleted Items.dbx
    C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAd DaUj.zip
    C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv505.jar-11fac7b6-133f0f1a.zip
    C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa deradv637.jar-4c1bbbd6-1df4aea3.zip
    C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loa der.jar-1142b5ff-45e6d774.zip
* Go to the File menu, and choose Paste from Clipboard
* Click on the dropdown menu next to Full Path of File to Delete field.
* Verify that the filenames you pasted are found there
* Click the RED X button.
* Click Yes at the Delete on Reboot prompt.
* Click Yes at the 'Pending Operations prompt'.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, download and run missingfilesetup.exe. Then try Killbox again.
Upon reboot, repeat the Kaspersky scan & post the resultant report & a new HJT log.
 

·
Registered
Joined
·
17 Posts
Discussion Starter #5
Some files weren't found even after downloading the missing files.exe but I did as you said:



Logfile of HijackThis v1.99.1
Scan saved at 17:32:38, on 23/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\acer\epm\epm-dm.exe
C:\PROGRA~1\LAUNCH~1\LManager.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Plaxo\2.3.3.2\InstallStub.exe
C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Lyle Christine\My Documents\Adawre Tools\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.3.3.2\InstallStub.exe -a
O4 - HKCU\..\Run: [PasswordCompanion] "C:\Program Files\Password Companion\Password Companion.exe"
O4 - HKCU\..\Run: [Spam Bully for Outlook Express] "C:\Program Files\Axaware\Spam Bully 2 for OE\oespambully.exe" install
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Word\Office10\OSA.EXE
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O16 - DPF: {FF0C042C-98E9-4C36-B2EC-E21FDFDCEF75} (InstallCtl Class) - http://download.redswoosh.net/Installer/rssoft.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CD39545-C642-4C86-BE57-F11B64C88309}: NameServer = 80.225.249.178 80.225.255.58
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe


-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Friday, September 23, 2005 17:32:04
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 23/09/2005
Kaspersky Anti-Virus database records: 141755
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 54358
Number of viruses found: 8
Number of infected objects: 23
Number of suspicious objects: 0
Duration of the scan process: 1934 sec

Infected Object Name - Virus Name
C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAdDaUj.zip/install_cheat_001.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.ki
C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAdDaUj.zip/install_cheat_001.exe Infected: Trojan-Downloader.Win32.IstBar.ki
C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAdDaUj.zip Infected: Trojan-Downloader.Win32.IstBar.ki
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv505.jar-11fac7b6-133f0f1a.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv505.jar-11fac7b6-133f0f1a.zip Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-4c1bbbd6-1df4aea3.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-4c1bbbd6-1df4aea3.zip Infected: Trojan-Downloader.Java.OpenStream.c
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loader.jar-1142b5ff-45e6d774.zip/Matrix.class Infected: Trojan-Downloader.Java.OpenConnection.ad
C:\Documents and Settings\Lyle Christine\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loader.jar-1142b5ff-45e6d774.zip Infected: Trojan-Downloader.Java.OpenConnection.ad
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046966.exe Infected: Trojan.Win32.Urbin.c
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046974.exe Infected: Trojan-Dropper.Win32.Small.yu
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046975.exe Infected: Trojan-Proxy.Win32.Small.co
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046976.exe Infected: Virus.Win32.Bube.l
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046977.exe Infected: Virus.Win32.Bube.l
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046978.exe Infected: Virus.Win32.Bube.l
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046979.exe Infected: Virus.Win32.Bube.l
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046986.DLL Infected: Trojan.Win32.Urbin.c
C:\System Volume Information\_restore{8399146D-CC1C-4DBE-A574-370D6E9F04C5}\RP154\A0046987.EXE Infected: Trojan.Win32.Urbin.c
C:\!Submit\cvsnns.dll Infected: Trojan.Win32.Urbin.c
C:\!Submit\nprotect.exe Infected: Trojan.Win32.Urbin.c
C:\!Submit\Deleted Items.dbx/[From "[email protected]" <[email protected]>][Date Mon, 19 Sep 2005 21:00:27 -0600]/UNNAMED/html Infected: Trojan-Spy.HTML.Bayfraud.h
C:\!Submit\Deleted Items.dbx/[From "[email protected]" <[email protected]>][Date Mon, 19 Sep 2005 21:00:27 -0600]/UNNAMED Infected: Trojan-Spy.HTML.Bayfraud.h
C:\!Submit\Deleted Items.dbx Infected: Trojan-Spy.HTML.Bayfraud.h

Scan process completed.
 

·
TSF Security Team, Emeritus
Joined
·
26,363 Posts
Because of the sheer length of their file paths\names, some files werent deleted by Killbox. You'll have to do that manually.

Locate & delete these files/folders:

C:\Documents and Settings\Lyle Christine\My Documents\Soundforge\sonysoundforge70_YoXgMcLsKlAd DaUj.zip

C:\!Submit\



Now that your system is clean, please follow these simple steps in order to keep your computer clean and secure:

  1. Clear Java Cache
    1. Click Start >Settings>Control Panel
    2. Click the Java Plugin Icon
    3. Click the Cache tab
    4. Click the Clear button and click OK to confirm
    Note: Please repeat this procedure for each "Java Plugin" button in your Control Panel

    Follow the instructions outlined here to clear Sun Java's cache.

  2. CLEAR & RESET SYSTEM RESTORE'S CACHE
    Go to Start >> Run - type control sysdm.cpl,,4 & press Enter
    • Tick on the checkbox - Turn off System Restore on all drives
    • Click Apply
    Turn it back 'On' by unticking the same checkbox & click OK


  3. DISABLE THE VIEWING OF SYSTEM FILES
    From Windows Explorer, go to Tools>Folder Options> View tab.
    • Untick - Show hidden files and folder
    • Tick - Hide file extensions for known types
    • Tick - Hide protected operating system files
    Click Yes to confirm & then click OK


  4. SECURING INTERNET EXPLORER
    Go to Start >> Run - type control inetcpl.cpl,,1 & press Enter
    • Click once on the Internet icon so it becomes highlighted.
    • Select Custom Level .
      • Change 'Download signed ActiveX controls' to Prompt
      • Change 'Download unsigned ActiveX controls' to Disable
      • Change 'Initialize and script ActiveX controls not marked as safe' to Disable
      • Change 'Installation of desktop items' to Prompt
      • Change 'Launching programs and files in an IFRAME' to Prompt
      • Change 'Navigate sub-frames across different domains' to Prompt
      • When all these changes have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Select OK to exit the Internet Properties page.


  5. ANTIVIRUS SOFTWARE
    It is very important that you have anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

    It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.


  6. FIREWALL
    Without a firewall your computer is succeptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. A tutorial on Firewalls and a listing of some available ones can be found here.


  7. Microsoft Windows Update
    Visit windowsupdate.com regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


  8. SPYBOT - SEARCH & DESTROY
    Download and install Spybot - Search & Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an antivirus software. A tutorial on installing & using this product can be found here


  9. AD-AWARE
    Download and install Ad-Aware. You should use this program to scan your computer on a regular basis just as you would an antivirus software in conjunction with Spybot. A tutorial on installing & using this product can be found here


  10. SPYWAREBLASTER
    SpywareBlaster prevents the installation of malicious ActiveX, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies & restricts the actions of potentially unwanted sites.

    Unlike other programs, SpywareBlaster does not have to remain running in the background. A tutorial on installing & using this product can be found here


  11. IE-SPYAD
    IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. A tutorial on installing this product can be found here


  12. MVPS HOST FILE
    The MVPS Hosts file replaces your current HOSTS file with one that will restrict known ad sites form serving you unsolicited advertisements. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is the IP of your local computer. It can be downloaded here - MVPS Hosts file

Update all these programs regularly. Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will further enhance your safety.
  • Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

  • Weather Watcher - Free taskbar weather program that is free, malware free, and resource light.

  • Firefox - Use this alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.

  • Sun's Java - It's much more secure than Microsoft's Java Virtual Machine.

  • Google Toolbar - Get the free google toolbar to help stop pop up windows.

  • CleanUP! - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.

  • Winpatrol - Download and install the free version of Winpatrol.
    A tutorial for this product is located here:
    Using Winpatrol to protect your computer from malicious software

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein

After doing all these, your system will be optimised against future threats.

It's okay to delete the Hijack This folder in a couple weeks if everything is working okay.
Have a safe & happy computing day.


Please respond to this thread one more time so we can mark this thread as resolved.
 
1 - 6 of 6 Posts
Status
Not open for further replies.
Top