Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Help Have Things I Dont Need Or Want On My Computer


  • Please log in to reply
12 replies to this topic

#1 ibdan61

ibdan61

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:21 PM

Posted 06 January 2006 - 03:27 AM

I have two files that appeared on my desktop "eins009.exe" and "eins005.exe" that I cannot delete and also I have system processes running that I don't want and when I try and end them they restart by themselves.

I have run HiJack This and here is a copy of the log:

Logfile of HijackThis v1.99.1
Scan saved at 12:23:27 AM, on 1/6/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\HijackThis\HijackThis.exe

Any help will be much appreciated

Dan

BC AdBot (Login to Remove)

 


#2 John L

John L

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 15 January 2006 - 02:59 PM

Hi Dan and welcome to Bleeping computer :thumbsup:

Can you please send me a new hijack log, I need the entire log from top to bottom and we will see what we can do. :flowers:
Please be patient

Please do not private message me, they will be ignored. If you have a question post it on the board.

Posted Image

#3 ibdan61

ibdan61
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:21 PM

Posted 04 February 2006 - 01:46 PM

Ok John here it is....thank you for your help

Logfile of HijackThis v1.99.1
Scan saved at 10:43:56 AM, on 2/4/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\cidaemon.exe

#4 John L

John L

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 05 February 2006 - 01:57 PM

Hello again :thumbsup:

I still dont see what i want to see your missing over half the log. Take a look at the other logs in this section and you can see what i am refering to.

Edited by John L, 05 February 2006 - 01:58 PM.

Please be patient

Please do not private message me, they will be ignored. If you have a question post it on the board.

Posted Image

#5 ibdan61

ibdan61
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:21 PM

Posted 20 February 2006 - 11:12 PM

Logfile of HijackThis v1.99.1
Scan saved at 8:08:23 PM, on 2/20/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bakersfield.cox.net/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures05.aim.com/ygp/aol/plugin/u...AIM.9.5.1.8.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

This is all I get when I do a system scan and I don't know why you didnt get it all the last two times. I hope this is all of it this time.

Dan

#6 John L

John L

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 22 February 2006 - 08:20 PM

Hello Again :thumbsup:

Yep that was exactly what i needed to see.

This is what i want you to do first please.

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Please download ewido security suite it is a free version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Launch ewido, there should be an icon on your desktop, double-click it.
  • The program will now open to the main screen.
  • When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  • The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido security suite.

Then a online scan.

Please do an online virus scan with Panda ActiveScan Here. You need to use Internet Explorer for this scan.
  • Once you get to the Panda site, scroll down a bit and click on Scan your PC
  • A new window will appear; click on Check Now!
  • A new window will appear; fill in the boxes (Country, State, email addy)
  • Click on Scan Now! >
    If you have never used ActiveScan before, you will be prompted to install an ActiveX control (asinst.cab) : click on Install. Panda will install the component, and then install the latest signature files.
  • From "Select a device to scan...", choose "My Computer"
  • Allow the scan to run. It'll take a while.
  • When complete, click on "See Report", and then on "Save report"; save it to a convenient location.
  • I will need you to post that report in your next reply; simply open the text file, then copy/paste the content here.
When these are complete, show me the logs they generate and a new hijack log as well please. :flowers:
Please be patient

Please do not private message me, they will be ignored. If you have a question post it on the board.

Posted Image

#7 ibdan61

ibdan61
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:21 PM

Posted 25 February 2006 - 11:42 PM

Thank you John for your help and mostly your patience. I followed your instructions to the "T" and here is what you asked to see.....

ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 7:42:58 PM, 2/25/2006
+ Report-Checksum: 25689F22

+ Scan result:

C:\WINDOWS\system32\vaevf.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\Zapotec.bmp:qqzim -> Downloader.Agent.bc : Cleaned with backup
C:\WINDOWS\zbdvu.txt:acfsx -> Downloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:hzxtp -> Downloader.Agent.bc : Cleaned with backup
C:\WINDOWS\_default.pif:kttrf -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:lwidt -> Downloader.Agent.ap : Cleaned with backup
C:\WINDOWS\_default.pif:orqsq -> Downloader.Agent.bq : Cleaned with backup
C:\WINDOWS\_default.pif:ugvpi -> Downloader.Agent.bc : Cleaned with backup
D:\Archives\My Download Files\Scrabble_Setup-dm[1].exe -> Adware.Trymedia : Cleaned with backup


::Report End

Incident Status Location

Potentially unwanted tool:application/mywebsearch Not disinfected C:\WINDOWS\SYSTEM32\f3PSSavr.scr
Adware:adware/wupd Not disinfected C:\WINDOWS\SYSTEM32\ide21201.vxd
Adware:adware/searchaid Not disinfected C:\WINDOWS\SYSTEM32\sdkza32.exe
Spyware:spyware/surfsidekick Not disinfected C:\Documents and Settings\Danno\Local Settings\Temporary Internet Files\Ssk.log
Adware:adware/bookedspace Not disinfected C:\WINDOWS\cfgmgr52.ini
Potentially unwanted tool:application/funweb Not disinfected C:\PROGRAM FILES\FunWebProducts
Adware:adware/dealhelper Not disinfected C:\WINDOWS\SYSTEM32\Newmsrdk
Adware:adware/addestroyer Not disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AdDestroyer
Adware:adware/virtualbouncer Not disinfected C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\VBouncer
Adware:adware/ezula Not disinfected Windows Registry
Potentially unwanted tool:application/myway Not disinfected HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Dialer:dialer generic Not disinfected HKEY_CLASSES_ROOT\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}
Spyware:spyware/apropos Not disinfected Windows Registry
Dialer:dialer.bb Not disinfected HKEY_CLASSES_ROOT\TypeLib\{8EA362BD-39CB-40F5-9226-73CD40999095}
Adware:Adware/IST.ISTBar Not disinfected C:\Documents and Settings\Danno\Incomplete\T-100732-_working_ sony mini disc download.ace[toolBar.exe]
Potentially unwanted tool:Application/Zango Not disinfected C:\Program Files\HijackThis\backups\backup-20050821-025834-431.inf
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\HijackThis\backups\backup-20051006-165323-389.dll
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\HijackThis\backups\backup-20051006-165405-222.dll
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\HijackThis\backups\backup-20051024-030447-138.dll
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\HijackThis\backups\backup-20060214-001319-602.inf
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\HijackThis\backups\backup-20060214-001319-712.dll
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MSN Messenger\riched20.dll
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3CJPEG.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3HISTSW.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3HTTPCT.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3PSSAVR.SCR
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3REPROX.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3RESTUB.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3SCHMON.EXE
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3SCRCTR.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\F3WPHOOK.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\M3IDLE.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\M3OUTLCN.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\M3PLUGIN.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\M3SKIN.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\MWSOEMON.EXE
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\4.bin\NPMYWEBS.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Uninstall My Web Search.dll
Potentially unwanted tool:Application/FunWeb Not disinfected C:\WINDOWS\LastGood\Downloaded Program Files\f3initialsetup1.0.0.15.inf
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\WINDOWS\system32\f3PSSavr.scr
Spyware:Spyware/LinkReplacer Not disinfected C:\WINDOWS\system32\PreUninstallQL.exe


Logfile of HijackThis v1.99.1
Scan saved at 8:35:08 PM, on 2/25/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Yahoo!\Messenger\YPager.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bakersfield.cox.net/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures05.aim.com/ygp/aol/plugin/u...AIM.9.5.1.8.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


Ok I am as sure as I can be that this is all that you asked for, and I haven't tried to disinfect anything on my own as I figure I will be better off awaiting your instruction. Once again Thank You!

Dan

#8 John L

John L

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 26 February 2006 - 04:19 PM

Hello again :thumbsup:

Looking good, lets run one more tool to make sure everything is gone.

Step 1:
Download the eScan Antivirus Toolkit Here. Save it to the Desktop, it is roughly 10MB in size.
Before running the program we need to update the signature files first in Step 2.

Step 2:
Updating the eScan Antivirus Toolkit with the latest files:

1.) Double-click on the mwav.exe file saved to the Desktop; it will extract the program files to a new folder called Kaspersky at the root of the C:\drive. (C:\Kaspersky.)

2.) Double-click on My Computer, double-click on the Hard Drive (usually the C:\drive), find and double-click on the Kaspersky folder; inside the Kaspersky folder, find and double-click on the kavupd.exe file. Double-clicking on the kavupd.exe file opens the Windows command prompt (DOS screen) and updates the program with all the latest signature files.

3.) After the update is complete, the bottom of the command prompt will read "Press any key to continue", press any key to close the screen.

Please do not run a scan with the eScan Antivirus Toolkit utility yet.

Step 3:
Please reboot into Safe Mode. Detailed instructions on how to boot into Safe Mode Here.

Step 4:
From Safe Mode, run the eScan Antivirus Toolkit. Please follow these instructions:

1.) To run the eScan Antivirus Toolkit program, look for a file called mwavscan.com inside the C:\Kaspersky folder.

2.) Double-click on the mwavscan.com file; this will open the eScan program.

3.) With the eScan interface on your Desktop, make sure that these boxes under Scan Option are checked : Memory, Registry, Startup Folders, System Folders, Services.

4.) Check the Drive box, this will give you access to the other Drive box (radio button) below it, check this second Drive box as well, now a large window across from the second Drive box appears. In this window use the drop-down arrow and choose the drive letter of your hard drive, usually C:\.

5.) Below these boxes, make sure the box Scan All Files is checked, not Program Files.

6.) Click the Scan Clean button and let the utility run until it completes a thorough scan of your hard drive. When the scan has finished it will read Scan Completed. Do not Exit the tool just yet.

7.) Open a new NotePad file (click on "Start" >> "All Programs" >>"Accessories" >> "NotePad"), then Copy/Paste the content of the Virus Log Information window into that file, and save it. eScan also creates a full log inside the C:\Kaspersky folder (named mwav.log), but it is huge and cannot be posted on a forum. Please post the content of the log you have saved (into NotePad) in your next reply, once all steps are completed.

Reboot your computer into normal Windows, and show me a nee hijack log please. :flowers:
Please be patient

Please do not private message me, they will be ignored. If you have a question post it on the board.

Posted Image

#9 ibdan61

ibdan61
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:21 PM

Posted 27 February 2006 - 08:07 AM

Hi John,
Well the Copy/Paste doesn't work inside of eScan so it took me a bit to extract it all from the "mwav.log"
file and paste it to another notepad file. So here is what you asked for....

Mon Feb 27 01:58:51 2006 => File C:\WINDOWS\System32\f3PSSavr.scr tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:06:10 2006 => File C:\Documents and Settings\Danno\Incomplete\T-100732-_working_ sony mini disc download.ace infected by "Trojan-Downloader.Win32.IstBar.nj" Virus. Action Taken: File Deleted.
Mon Feb 27 02:25:50 2006 => File C:\Program Files\HijackThis\backups\backup-20051006-165323-389.dll tagged as not-a-virus:AdWare.Win32.MyWebSearch.l. No Action Taken.
Mon Feb 27 02:25:50 2006 => File C:\Program Files\HijackThis\backups\backup-20051006-165405-222.dll tagged as not-a-virus:AdWare.Win32.MyWebSearch.p. No Action Taken.
Mon Feb 27 02:25:50 2006 => File C:\Program Files\HijackThis\backups\backup-20051024-030447-138.dll tagged as not-a-virus:AdWare.Win32.MyWebSearch.p. No Action Taken.
Mon Feb 27 02:25:51 2006 => File C:\Program Files\HijackThis\backups\backup-20060214-001319-712.dll tagged as not-a-virus:AdWare.Win32.MyWebSearch.ai. No Action Taken.
Mon Feb 27 02:32:17 2006 => File C:\Program Files\MSN Messenger\riched20.dll tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:17 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:17 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\F3POPSWT.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.af. No Action Taken.
Mon Feb 27 02:32:17 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.f. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.ad. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.p. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.ab. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3DTACTL.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.al. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3HISTSW.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3HTMLMU.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3HTTPCT.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.af. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3POPSWT.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.af. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3PSSAVR.SCR tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3RESTUB.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3SCHMON.EXE tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:18 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3SCRCTR.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.al. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\F3WPHOOK.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\M3HTML.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.f. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\M3IDLE.DLL tagged as not-a-virus:AdWare.Win32.IWon.a. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\M3OUTLCN.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\M3PLUGIN.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.t. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\M3SKIN.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.ad. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\MWSOEMON.EXE tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\MWSOESTB.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Mon Feb 27 02:32:19 2006 => File C:\Program Files\MyWebSearch\bar\4.bin\NPMYWEBS.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.i. No Action Taken.
Mon Feb 27 02:32:21 2006 => File C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.l. No Action Taken.
Mon Feb 27 02:32:21 2006 => File C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL tagged as not-a-virus:AdWare.Win32.MyWebSearch.ai. No Action Taken.
Mon Feb 27 02:32:33 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\00554958.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:34 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\00BB3F60.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:34 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\011158A7.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:34 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\01891F18.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:34 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\021F3937.exe tagged as not-a-virus:AdWare.Win32.WebSearch.an. No Action Taken.
Mon Feb 27 02:32:34 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\02236333.exe tagged as not-a-virus:AdWare.Win32.BetterInternet.a. No Action Taken.
Mon Feb 27 02:32:34 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\02B30419.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:35 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\02CE4353.exe tagged as not-a-virus:AdWare.Win32.WebSearch.aj. No Action Taken.
Mon Feb 27 02:32:35 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\02D16D4F.exe tagged as not-a-virus:AdWare.Win32.WebSearch.aj. No Action Taken.
Mon Feb 27 02:32:35 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\040612A3.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:35 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\04F07CF6.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:35 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\05FD758D.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\06001769.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\06106957.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\063B0B28.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\07816314.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\07C461AB.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\07FE6632.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\083A1C5F.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\08645C3A.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0974177C.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:32:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0A0F25FF.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:39 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0A791FED.exe infected by "Trojan.Win32.Kolweb.e" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0A791FED.sys infected by "Trojan.Win32.Kolweb.e" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0AAB0D0B.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0AD858D9.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0B355351.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0B4461D0.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0B6F6434.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0B7F0F4F.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0B895384.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0B8C7D81.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0BE50557.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0C4B7B5E.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0CC02333.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:32:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0D1D4789.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0D282A06.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0D3551F8.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0D465F12.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0DE20339.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0E3746DC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0F2A2AF7.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\0F2C13CE.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\10017E0A.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\10CF33EE.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:32:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\10F528D3.exe infected by "Trojan.Win32.Agent.ay" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\112526C7.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11AD7A33.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11C74A16.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11D70911.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11DA330D.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11DE5D0A.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11E10706.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11E43102.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11E75AFF.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11EB04FB.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11EE2EF8.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11EE41EB.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11F158F4.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11F502F0.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11F82CED.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11FB56E9.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11FB69DD.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11FE00E6.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\11FF13D9.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\12022AE2.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\120554DE.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\12087EDB.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\120B28D7.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\120F52D4.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\12127CD0.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:49 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\121526CC.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:49 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\121850C9.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:49 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\121C7AC5.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:49 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\121F24C2.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:49 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\122678BA.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:50 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\122922B7.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:50 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\122C4CB3.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:50 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\122F487E.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:50 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\122F76B0.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:50 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1232727B.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:50 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1264296A.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:50 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\12707881.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:51 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\12797E2E.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:51 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\12914A3B.exe tagged as not-a-virus:AdWare.Win32.Searcher.l. No Action Taken.
Mon Feb 27 02:32:51 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\129B732D.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:51 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\13646256.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:51 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1371751D.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:51 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\13B910CE.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:52 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\13C638C0.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:52 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\13CC2224.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:52 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\13DB05CC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:52 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\13E65C9C.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:52 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\13F41839.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:53 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\14180989.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:53 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\14427437.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:53 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\14FF7767.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:53 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\15647635.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:53 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\157134E9.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:53 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\15862E37.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:54 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\16041647.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:54 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\16E76D4A.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:54 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\16EC3B48.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:54 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\17764155.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:54 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\17DC375D.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:54 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\18072735.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:54 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\181F57A6.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:55 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\188341F0.exe infected by "Trojan-Downloader.Win32.VB.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:55 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1968291E.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:32:55 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\19B83B4A.dll infected by "Trojan.Win32.StartPage.vr" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:55 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1AA705BC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:55 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1ACA2161.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:32:55 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1C960D0D.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:56 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1CC77071.exe infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:56 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1DB247D2.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:56 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1DF27F8D.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:56 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1ECC64E7.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:56 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1F5677BA.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:56 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1F855437.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:57 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1FD24C36.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:57 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1FE3237A.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:57 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\1FEB4A3F.tmp infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:57 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\21C2411F.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:57 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\21F44049.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:57 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\220F6907.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\227E3D7D.tmp infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\22C07B68.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\23067D54.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\236C735C.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\23D85F10.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\240D1CDD.exe infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\24795444.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:58 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\25F95E03.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:59 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\26301BEA.dll infected by "Trojan.Win32.Kolweb.d" Virus. Action Taken: File Deleted.
Mon Feb 27 02:32:59 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\263E3E8F.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:00 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\272832E8.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:00 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\27431A9C.exe infected by "Trojan.Win32.Agent.ff" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:00 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\274A6E95.tmp infected by "Trojan.Win32.Agent.ff" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:00 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\278B11F4.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:00 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\27EF411F.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:00 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\28523771.so infected by "Trojan.Win32.Agent.ff" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:01 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\28572C70.exe infected by "Trojan.Win32.Agent.ay" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:01 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\28820D12.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:01 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\29A62612.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:01 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\29AB0F37.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:01 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2A0A3B63.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:01 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2A193477.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:01 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2B151036.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:02 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2B514663.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:02 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2B8B15BB.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:02 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2C6368CE.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:02 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2CB65B4E.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:02 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2CFA4D03.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:02 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2D0D7013.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:03 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2D1D00DC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:03 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2D8C5587.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:03 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2DFE0E1E.exe tagged as not-a-virus:AdWare.Win32.BetterInternet. No Action Taken.
Mon Feb 27 02:33:03 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E01381A.exe tagged as not-a-virus:AdWare.Win32.BetterInternet. No Action Taken.
Mon Feb 27 02:33:03 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E046217.exe tagged as not-a-virus:AdWare.Win32.ImiBar.d. No Action Taken.
Mon Feb 27 02:33:04 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E080C13.exe infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:04 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E0B3610.exe infected by "Trojan-Downloader.Win32.Stubby.c" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:04 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E0E600C.dll infected by "Trojan-Proxy.Win32.Sobit.d" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:05 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E0E600C.exe infected by "Trojan-Downloader.Win32.Intexp.c" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:05 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E110A08.exe infected by "Trojan-Downloader.Win32.Intexp.c" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:05 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E4804E4.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:05 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E844C76.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:06 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E8C40AC.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:06 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2E963953.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:06 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2EFC2F5A.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:06 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\2FFE0F66.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:06 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\30A74ADC infected by "Exploit.VBS.Phel.a" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:06 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\30A74ADC.zip infected by "Trojan.Java.ClassLoader.u" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:07 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\30E92361.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:07 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3149671B.dll infected by "Trojan.Win32.Dialer.bi" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:07 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\32171C7B.exe infected by "Trojan-Downloader.Win32.Adload.a" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:07 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\32775A32.exe tagged as not-a-virus:AdWare.Win32.WebSearch.an. No Action Taken.
Mon Feb 27 02:33:07 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\32E91E2F.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:07 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\335F766B.exe infected by "Trojan-Downloader.Win32.Small.akz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:08 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\33857129.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:08 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3420136C.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:08 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\343154B1.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:08 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\356856E0.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:08 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\35772AD0.exe tagged as not-a-virus:AdWare.Win32.BetterInternet.a. No Action Taken.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\358766BE.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\358E5C6E.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\360019F1.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\36002F5C.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\36A54C34.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\389D0C04.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\39376E77.exe infected by "Trojan-Downloader.Win32.Apropo.ab" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:09 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3A1C7CAB.dll tagged as not-a-virus:AdWare.Win32.HotSearchBar.e. No Action Taken.
Mon Feb 27 02:33:10 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3A1C7CAB.exe tagged as not-a-virus:AdWare.Win32.WebSearch.an. No Action Taken.
Mon Feb 27 02:33:10 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3A277551.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:10 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3A8D6B59.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:10 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3AF36160.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:10 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3B2C3E40.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:11 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3C8828DC.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:11 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3C9F38A7.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:11 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3DA37EAE.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:11 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3DD52B9A.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:11 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3E094AC5.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:11 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3E401524.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:12 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3E742B9C.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:12 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3E8E27B0.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:12 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\3F110069.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:12 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\418B2E62.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\42360833.exe infected by "Trojan-Downloader.Win32.Agent.ti" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\42716B7B.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\42726CBD.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\438C15E4.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\438F3FE1.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\43B60FFF.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\43CF0AC7.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:13 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\44B041EE.dll infected by "Trojan-Downloader.Win32.Agent.ex" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:14 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\44B041EE.exe infected by "Trojan-Downloader.Win32.QDown.z" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:14 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\45AD38AA.exe infected by "Virus.Win32.Porad.a" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:14 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\45B73150.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:14 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\45BD23C4.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:14 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\45CA4BB5.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:14 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\45F21C65.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:15 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\461D2758.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:15 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\464B1EFC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:15 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\466A7CBC.dll infected by "Trojan-Clicker.Win32.Agent.dj" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:15 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\46831D5F.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:15 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\46A255EB.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:15 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\475B359D.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:16 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\48D441B5.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:16 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\48F46E38.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:16 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\49FF1CB6.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:16 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4A011589.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:16 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4A99206B.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:17 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4AB71C41.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:17 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4CC24651.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:17 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4D5B63F1.exe infected by "Trojan-Downloader.Win32.VB.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:17 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4D891948.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:17 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4E2C3A39.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:17 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4E59584A.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:17 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4E7A2B40.exe infected by "Trojan-Downloader.Win32.Delf.go" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:19 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4E7A2B40.sys infected by "Trojan.Win32.Kolweb.e" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:19 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4E7F0CB0.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:19 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4F72423F.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:19 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4F7249A5.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:19 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4F7839A9.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:20 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\4F896F8C.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:21 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\50417DED.exe infected by "Trojan.Win32.Kolweb.e" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:21 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\51AD6356.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:21 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5213595E.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\52CE3741.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\530E3D11.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\53C80B52.exe infected by "Trojan-Downloader.Win32.VB.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\543D72D1.dll tagged as not-a-virus:AdWare.Win32.Sahat.w. No Action Taken.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\546F69FF.dll tagged as not-a-virus:AdWare.Win32.BookedSpace.e. No Action Taken.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\546F69FF.exe tagged as not-a-virus:AdWare.Win32.WebSearch.an. No Action Taken.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\547213FB.exe tagged as not-a-virus:AdWare.Win32.BookedSpace.e. No Action Taken.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\54C00241.dll tagged as not-a-virus:AdWare.Win32.Sahat.w. No Action Taken.
Mon Feb 27 02:33:22 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\56612928.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\568D4D43.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5692143B.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\569F4E9C.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\56EA1449.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\57455554.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5746242C.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\57592025.exe infected by "Trojan-Downloader.Win32.Agent.hw" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\57876BE5.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:23 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\57901B02.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:24 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\57AE0D29.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:24 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\57F67F6A.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:24 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\583E7EB9.tmp infected by "Trojan-Downloader.Win32.Small.cdo" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:24 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59973224.tmp infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:24 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\599B5C21.tmp infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:24 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59A1301A.exe infected by "Trojan.Win32.Agent.em" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:25 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59AE580B.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:25 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59B10208.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:25 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59B52C04.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:26 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59B85601.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:26 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59BB7FFD.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:26 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59BC7638.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:26 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59BE29F9.dll tagged as not-a-virus:AdWare.Win32.WinAD.be. No Action Taken.
Mon Feb 27 02:33:26 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59BE29F9.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:27 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59C253F6.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:27 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59C57DF2.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:27 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59C827EF.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:27 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59CC51EB.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:28 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59CF7BE7.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:28 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59D225E4.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:28 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\59D54FE0.tmp infected by "Trojan-Downloader.Win32.Pacer.c" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:28 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5A8B18DC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:28 2006 => File C:&#

#10 ibdan61

ibdan61
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:21 PM

Posted 27 February 2006 - 08:13 AM

heres the rest

Mon Feb 27 02:33:28 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5A8B18DC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:28 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5D3E1F55.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5DA4155C.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5DB36637.exe infected by "Trojan.Win32.Agent.bi" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5E141482.exe tagged as not-a-virus:AdWare.Win32.WebSearch.an. No Action Taken.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5FEF2A14.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\5FF756E7.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\60820B72.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\61156CD1.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:29 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6187484C.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:30 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\61A477A9.exe infected by "Trojan-Downloader.Win32.Delf.zw" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:30 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\63080562.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:30 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\64D33833.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:30 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\64F51C03.exe infected by "Trojan-Downloader.Win32.Delf.zw" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:31 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\65194EAD.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:31 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\654D3237.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:31 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\66CD15F1.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:31 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\66D64514.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:31 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\68970A81.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:31 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\68B47654.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:32 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\68C462AD.exe tagged as not-a-virus:AdWare.Win32.DealHelper.ab. No Action Taken.
Mon Feb 27 02:33:32 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\68CE5B53.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:32 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6934515B.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:32 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6AD66BCC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:32 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6AF05315.exe infected by "Trojan.Win32.Kolweb.d" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:32 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B0A22F8.dll infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:32 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B0A22F8.exe infected by "Trojan-Downloader.Win32.Delf.go" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:33 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B0D4CF4.dll tagged as not-a-virus:AdWare.Win32.QLF.b. No Action Taken.
Mon Feb 27 02:33:33 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B0D4CF4.exe infected by "Trojan.Win32.Kolweb.b" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:34 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B0D4CF4.sys infected by "Trojan.Win32.Kolweb.e" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:35 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B1076F1.exe infected by "Trojan-Dropper.Win32.Small.qn" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:35 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B1420ED.dll infected by "Trojan.Win32.Kolweb.d" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B1420ED.exe infected by "Trojan-Dropper.Win32.Agent.rs" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6B67684E.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6C8646F8.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6CD652BD.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6FD4484F.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\6FE27B60.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:36 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\70254E56.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\709538FA.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\70DD6E35.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\710A25BB.exe tagged as not-a-virus:AdWare.Win32.HotSearchBar.e. No Action Taken.
Mon Feb 27 02:33:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\710D4FB7.dll tagged as not-a-virus:AdWare.Win32.WebSearch.aj. No Action Taken.
Mon Feb 27 02:33:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\710D4FB7.exe tagged as not-a-virus:AdWare.Win32.BookedSpace.e. No Action Taken.
Mon Feb 27 02:33:37 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\711079B4.exe tagged as not-a-virus:AdWare.Win32.Wintol.ab. No Action Taken.
Mon Feb 27 02:33:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\711423B0.dll tagged as not-a-virus:AdWare.Win32.EliteBar.z. No Action Taken.
Mon Feb 27 02:33:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\711423B0.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\71174DAD.dll tagged as not-a-virus:AdWare.Win32.EliteBar.af. No Action Taken.
Mon Feb 27 02:33:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\71174DAD.exe infected by "Trojan-Downloader.Win32.Small.abd" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\711A77A9.exe infected by "Trojan-Downloader.Win32.Small.abd" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\711D21A6.exe infected by "Virus.Win32.Porad.a" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:38 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\71214BA2.exe tagged as not-a-virus:AdWare.Win32.DealHelper.ac. No Action Taken.
Mon Feb 27 02:33:39 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7143643D.exe infected by "Trojan-Downloader.Win32.Small.baz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:39 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\71DA5D60.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:39 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\72F90D1A.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:39 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\73996833.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:39 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\73FB5286.cla infected by "Trojan.Java.Femad" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:39 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\746B4F76.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
Mon Feb 27 02:33:40 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\74C50D5A.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:40 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\752B0361.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:40 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\753B3D81.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:40 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\76256714.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:40 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\76B372BE.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:40 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\76C53A97.exe tagged as not-a-virus:AdWare.Win32.BetterInternet.a. No Action Taken.
Mon Feb 27 02:33:40 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7784293A.exe infected by "Trojan-Dropper.Win32.Agent.hl" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\77BD5196.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\77C16517.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\780B38F7.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:41 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\786B3DFE.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\789555CD.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\78A2361F.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\78B603AC.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:42 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\78E44577.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\78FD4DBA.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\790E714B.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\798024CB.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\79C13BA6.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7A042C83.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7A1E7C66.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7B0509B1.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:43 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7B174C2F.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7B262D8D.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7B596E84.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7B654D93.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7C3249D7.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7C6D2A34.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7D217467.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:44 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7D355813.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7D573AF1.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7EDD2392.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:45 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7EF41398.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7EFA790D.dll infected by "Trojan.Win32.StartPage.uz" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7F49572A.exe infected by "Trojan-Downloader.Win32.Pacer.h" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7FB63C54.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:46 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7F7948E3.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:47 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7FDD7932.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7FE55AAA.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.j. No Action Taken.
Mon Feb 27 02:33:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7FEF5351.exe infected by "Trojan-Downloader.Win32.Agent.jq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:33:48 2006 => File C:\Program Files\Norton AntiVirus\Quarantine\7FF36390.exe infected by "Trojan-Downloader.Win32.Agent.bq" Virus. Action Taken: File Deleted.
Mon Feb 27 02:36:09 2006 => File C:\Program Files\Uninstall My Web Search.dll tagged as not-a-virus:AdWare.Win32.MyWebSearch.p. No Action Taken.
Mon Feb 27 02:55:13 2006 => File C:\WINDOWS\system32\f3PSSavr.scr tagged as not-a-virus:AdWare.Win32.MyWebSearch. No Action Taken.
Logfile of HijackThis v1.99.1
Scan saved at 5:04:46 AM, on 2/27/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bakersfield.cox.net/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) - http://pictures05.aim.com/ygp/aol/plugin/u...AIM.9.5.1.8.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

#11 John L

John L

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 28 February 2006 - 09:23 PM

Hello again :thumbsup:

Wow!!! now i know why that tools is so good.

There are some things in there that i thought were all gone.

Let's run one more tool shall we?

Please download WebRoot SpySweeper from here (It's a 2 week trial): http://www.webroot.com/consumer/products/s...ode=af1&rc=3597
  • Click on "Download the trial"
  • Install it. Once the program is installed, it will open.
  • It will prompt you to update to the latest definitions, click Yes.
  • Once the definitions are installed, click Options on the left side.
  • Click the Sweep Options tab.
  • Under What to Sweep please put a check next to the following:
    • Sweep Memory
    • Sweep Registry
    • Sweep Cookies
    • Sweep All User Accounts
    • Enable Direct Disk Sweeping
    • Sweep Contents of Compressed Files
    • Sweep for Rootkits
    • Please UNCHECK Do not Sweep System Restore Folder.
  • Click Sweep Now on the left side.
  • Click the Start button.
  • When it's done scanning, click the Next button.
  • Make sure everything has a check next to it, then click the Next button.
  • It will remove all of the items found.
  • Click Session Log in the upper right corner, copy everything in that window.
  • Click the Summary tab and click Finish.
  • Paste the contents of the session log you copied into your next reply.

Please be patient

Please do not private message me, they will be ignored. If you have a question post it on the board.

Posted Image

#12 ibdan61

ibdan61
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:21 PM

Posted 03 March 2006 - 06:23 AM

2:19 AM: | Start of Session, Friday, March 03, 2006 |
2:19 AM: Spy Sweeper started
2:19 AM: Sweep initiated using definitions version 625
2:19 AM: Starting Memory Sweep
2:22 AM: Memory Sweep Complete, Elapsed Time: 00:03:04
2:22 AM: Starting Registry Sweep
2:22 AM: Found Adware: addestroyer
2:22 AM: HKCR\clsid\{d52433a9-a44c-43ab-a013-24b3c756dd2b}\ (13 subtraces) (ID = 102729)
2:22 AM: HKCR\interface\{6cdc3337-01f7-4a79-a4af-0b19303cc0be}\ (8 subtraces) (ID = 102732)
2:22 AM: HKCR\interface\{b288f21c-a144-4ca2-9b70-8afa1fae4b06}\ (8 subtraces) (ID = 102734)
2:22 AM: HKLM\software\classes\clsid\{d52433a9-a44c-43ab-a013-24b3c756dd2b}\ (13 subtraces) (ID = 102738)
2:22 AM: HKLM\software\classes\interface\{6cdc3337-01f7-4a79-a4af-0b19303cc0be}\ (8 subtraces) (ID = 102741)
2:22 AM: HKLM\software\classes\interface\{b288f21c-a144-4ca2-9b70-8afa1fae4b06}\ (8 subtraces) (ID = 102743)
2:22 AM: HKLM\software\classes\typelib\{e0d3b292-a0b0-4640-975c-2f882e039f52}\ (9 subtraces) (ID = 102747)
2:22 AM: HKCR\typelib\{e0d3b292-a0b0-4640-975c-2f882e039f52}\ (9 subtraces) (ID = 102751)
2:22 AM: Found Adware: apropos
2:22 AM: HKCR\clsid\{bc333116-6ea1-40a1-9d07-ecb192db8cea}\ (4 subtraces) (ID = 103729)
2:22 AM: HKLM\software\classes\clsid\{bc333116-6ea1-40a1-9d07-ecb192db8cea}\ (4 subtraces) (ID = 103767)
2:22 AM: HKLM\software\classes\interface\{bc333116-6ea1-40a1-9d07-ecb192db8cea}\ (5 subtraces) (ID = 103774)
2:22 AM: Found Adware: bookedspace
2:22 AM: HKLM\software\configuration manager\cfgmgr52\ (119 subtraces) (ID = 104873)
2:22 AM: Found Adware: coolwebsearch (cws)
2:22 AM: HKCR\clsid\{72071605-48f5-cc68-b374-2cddf451f27f}\ (2 subtraces) (ID = 107873)
2:22 AM: HKLM\software\classes\clsid\{72071605-48f5-cc68-b374-2cddf451f27f}\ (2 subtraces) (ID = 109257)
2:22 AM: Found Adware: cws_ns3
2:22 AM: HKCR\clsid\{0add4d53-b7dd-20f8-2ac9-ab9cb538a46f}\ (5 subtraces) (ID = 117597)
2:22 AM: HKCR\clsid\{dd25aef3-3dc7-625d-f3c6-de10b7c6bf82}\ (2 subtraces) (ID = 119174)
2:22 AM: HKLM\software\classes\clsid\{0add4d53-b7dd-20f8-2ac9-ab9cb538a46f}\ (5 subtraces) (ID = 119478)
2:22 AM: HKLM\software\classes\clsid\{dd25aef3-3dc7-625d-f3c6-de10b7c6bf82}\ (2 subtraces) (ID = 121010)
2:22 AM: Found Adware: cws_tiny0
2:22 AM: HKCR\clsid\{3061ef1c-f3c8-2dab-24e0-c96288eb621d}\ (2 subtraces) (ID = 123931)
2:22 AM: Found System Monitor: digi-watcher
2:22 AM: HKCR\.dgw\ (1 subtraces) (ID = 125191)
2:22 AM: HKCR\applications\watcher.exe\ (4 subtraces) (ID = 125192)
2:22 AM: HKCR\clsid\{a4545e47-89ca-11d6-af8d-000347889858}\ (20 subtraces) (ID = 125193)
2:22 AM: HKCR\clsid\{e2cfc218-a5ad-11d6-8e1a-000086427baf}\ (3 subtraces) (ID = 125194)
2:22 AM: HKCR\dgw_auto_file\ (4 subtraces) (ID = 125195)
2:22 AM: HKCR\dwbutton.dwbuttonctrl.1\ (5 subtraces) (ID = 125196)
2:22 AM: HKLM\software\classes\.dgw\ (1 subtraces) (ID = 125197)
2:22 AM: HKLM\software\classes\applications\watcher.exe\ (4 subtraces) (ID = 125199)
2:22 AM: HKLM\software\classes\clsid\{a4545e47-89ca-11d6-af8d-000347889858}\ (20 subtraces) (ID = 125200)
2:22 AM: HKLM\software\classes\dgw_auto_file\ (4 subtraces) (ID = 125201)
2:22 AM: HKLM\software\classes\dwbutton.dwbuttonctrl.1\ (5 subtraces) (ID = 125202)
2:22 AM: HKLM\software\microsoft\windows\currentversion\uninstall\watcher 2.22\ (5 subtraces) (ID = 125203)
2:22 AM: Found Adware: hotbar
2:22 AM: HKCR\clsid\{8c875948-9c60-4381-9248-0df180542d53}\ (11 subtraces) (ID = 127241)
2:22 AM: HKLM\software\classes\clsid\{8c875948-9c60-4381-9248-0df180542d53}\ (11 subtraces) (ID = 127404)
2:22 AM: HKLM\software\classes\typelib\{4cf5a3c1-07a2-4336-9b54-6870452ebde1}\ (9 subtraces) (ID = 127537)
2:22 AM: HKCR\typelib\{4cf5a3c1-07a2-4336-9b54-6870452ebde1}\ (9 subtraces) (ID = 127635)
2:22 AM: Found Adware: surfsidekick
2:22 AM: HKLM\software\microsoft\internet explorer\urlsearchhooks\ || {02ee5b04-f144-47bb-83fb-a60bd91b74a9} (ID = 143400)
2:22 AM: Found Adware: tibs dialer
2:22 AM: HKCR\interface\{491be5b7-a7f8-40ec-aad4-cba11fdfd814}\ (8 subtraces) (ID = 143692)
2:22 AM: HKLM\software\classes\interface\{491be5b7-a7f8-40ec-aad4-cba11fdfd814}\ (8 subtraces) (ID = 143718)
2:22 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\tl7000.dll (ID = 143748)
2:22 AM: HKCR\typelib\{29358aa6-679d-44ea-8a51-59a3c6e6f811}\ (9 subtraces) (ID = 143756)
2:22 AM: Found Trojan Horse: topconverting downloader
2:22 AM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/website.ocx\ (2 subtraces) (ID = 143817)
2:22 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\website.ocx (ID = 143831)
2:22 AM: Found Adware: directrevenue-abetterinternet
2:22 AM: HKLM\software\classes\typelib\{8ea362bd-39cb-40f5-9226-73cd40999095}\ (9 subtraces) (ID = 145901)
2:22 AM: HKCR\typelib\{8ea362bd-39cb-40f5-9226-73cd40999095}\ (9 subtraces) (ID = 146146)
2:22 AM: Found Adware: websearch toolbar
2:22 AM: HKCR\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\ (17 subtraces) (ID = 146339)
2:22 AM: HKCR\clsid\{fb45c451-b0e9-4407-bb6a-9361013f3e9a}\ (10 subtraces) (ID = 146347)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\ (17 subtraces) (ID = 146402)
2:22 AM: HKLM\software\classes\clsid\{fb45c451-b0e9-4407-bb6a-9361013f3e9a}\ (10 subtraces) (ID = 146410)
2:22 AM: HKLM\system\currentcontrolset\enum\root\legacy_wintoolssvc\ (7 subtraces) (ID = 146518)
2:22 AM: Found Adware: ist software
2:22 AM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/ysbactivex.dll\ (2 subtraces) (ID = 147854)
2:22 AM: Found Adware: ist yoursitebar
2:22 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\ysbactivex.dll (ID = 147857)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\ (17 subtraces) (ID = 155047)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\localserver32\ (2 subtraces) (ID = 155049)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\implemented categories\ (5 subtraces) (ID = 155058)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\implemented categories\{7dd95801-9882-11cf-9fa9-00aa006c42c4}\ (1 subtraces) (ID = 155060)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\implemented categories\{7dd95802-9882-11cf-9fa9-00aa006c42c4}\ (1 subtraces) (ID = 155062)
2:22 AM: Found Adware: personal money tree
2:22 AM: HKCR\clsid\{d1a3a43b-05a1-40cd-834c-053e6c03b258}\ (8 subtraces) (ID = 359438)
2:22 AM: HKCR\comparishopper.application\ (3 subtraces) (ID = 359439)
2:22 AM: HKLM\software\classes\clsid\{d1a3a43b-05a1-40cd-834c-053e6c03b258}\ (8 subtraces) (ID = 359441)
2:22 AM: HKLM\software\classes\comparishopper.application\ (3 subtraces) (ID = 359442)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\localserver32\ || threadingmodel (ID = 393216)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\progid\ (1 subtraces) (ID = 393217)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\typelib\ (1 subtraces) (ID = 393219)
2:22 AM: HKLM\software\classes\clsid\{af8b3c81-cd19-45fb-b6be-160d27711de8}\version\ (1 subtraces) (ID = 393221)
2:22 AM: Found Adware: dealhelper
2:22 AM: HKLM\software\ddate\ (1 subtraces) (ID = 636618)
2:22 AM: Found Adware: winad
2:22 AM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/mediagatewayx.dll\ (2 subtraces) (ID = 763026)
2:22 AM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\mediagatewayx.dll (ID = 763028)
2:22 AM: Found Adware: clearsearch
2:22 AM: HKLM\software\prositefinder\ (18 subtraces) (ID = 773839)
2:22 AM: HKCR\interface\{38370864-346f-4afa-8c4b-4fbff518c0bb}\ (8 subtraces) (ID = 774268)
2:22 AM: HKLM\software\classes\interface\{38370864-346f-4afa-8c4b-4fbff518c0bb}\ (8 subtraces) (ID = 774544)
2:22 AM: HKCR\sbinstie.sbinstobj\ (5 subtraces) (ID = 968262)
2:22 AM: HKCR\sbinstie.sbinstobj.1\ (3 subtraces) (ID = 968268)
2:22 AM: HKLM\software\classes\sbinstie.sbinstobj\ (5 subtraces) (ID = 968817)
2:22 AM: HKLM\software\classes\sbinstie.sbinstobj.1\ (3 subtraces) (ID = 968823)
2:22 AM: HKU\S-1-5-21-1060284298-1935655697-682003330-1003\software\classes\applications\watcher.exe\ (4 subtraces) (ID = 125198)
2:22 AM: Found Trojan Horse: trojan-downloader-pacisoft
2:22 AM: HKU\S-1-5-21-1060284298-1935655697-682003330-1003\software\ps1\ (11 subtraces) (ID = 136529)
2:22 AM: Found Trojan Horse: trojan-downloader-moneymind
2:22 AM: HKU\S-1-5-21-1060284298-1935655697-682003330-1003\software\xjado\ (1 subtraces) (ID = 144725)
2:22 AM: Registry Sweep Complete, Elapsed Time:00:00:20
2:22 AM: Starting Cookie Sweep
2:22 AM: Found Spy Cookie: 888 cookie
2:22 AM: danno@888[1].txt (ID = 2019)
2:22 AM: danno@888[2].txt (ID = 2019)
2:22 AM: Found Spy Cookie: tribalfusion cookie
2:22 AM: danno@a.tribalfusion[1].txt (ID = 3590)
2:22 AM: Found Spy Cookie: yieldmanager cookie
2:22 AM: danno@ad.yieldmanager[2].txt (ID = 3751)
2:22 AM: Found Spy Cookie: adknowledge cookie
2:22 AM: danno@adknowledge[2].txt (ID = 2072)
2:22 AM: Found Spy Cookie: specificclick.com cookie
2:22 AM: danno@adopt.specificclick[2].txt (ID = 3400)
2:22 AM: Found Spy Cookie: belnk cookie
2:22 AM: danno@ath.belnk[2].txt (ID = 2293)
2:22 AM: Found Spy Cookie: atwola cookie
2:22 AM: danno@atwola[1].txt (ID = 2255)
2:22 AM: Found Spy Cookie: azjmp cookie
2:22 AM: danno@azjmp[1].txt (ID = 2270)
2:22 AM: danno@belnk[2].txt (ID = 2292)
2:22 AM: Found Spy Cookie: cassava cookie
2:22 AM: danno@cassava[1].txt (ID = 2362)
2:22 AM: Found Spy Cookie: enhance cookie
2:22 AM: danno@cl.enhance[1].txt (ID = 2614)
2:22 AM: Found Spy Cookie: 2o7.net cookie
2:22 AM: danno@coxhsi.112.2o7[1].txt (ID = 1958)
2:22 AM: Found Spy Cookie: overture cookie
2:22 AM: danno@data4.perf.overture[2].txt (ID = 3106)
2:22 AM: danno@dist.belnk[1].txt (ID = 2293)
2:22 AM: Found Spy Cookie: go.com cookie
2:22 AM: danno@go[2].txt (ID = 2728)
2:22 AM: Found Spy Cookie: hypertracker.com cookie
2:22 AM: danno@hypertracker[2].txt (ID = 2817)
2:22 AM: Found Spy Cookie: mygeek cookie
2:22 AM: danno@mygeek[1].txt (ID = 3041)
2:22 AM: Found Spy Cookie: nextag cookie
2:22 AM: danno@nextag[2].txt (ID = 5014)
2:22 AM: danno@partygaming.122.2o7[1].txt (ID = 1958)
2:22 AM: Found Spy Cookie: partypoker cookie
2:22 AM: danno@partypoker[2].txt (ID = 3111)
2:22 AM: Found Spy Cookie: paypopup cookie
2:22 AM: danno@paypopup[2].txt (ID = 3119)
2:22 AM: Found Spy Cookie: sirsearch cookie
2:22 AM: danno@sirsearch[1].txt (ID = 3379)
2:22 AM: Found Spy Cookie: web-stat cookie
2:22 AM: danno@web-stat[2].txt (ID = 3648)
2:22 AM: danno@www.888[1].txt (ID = 2020)
2:22 AM: Cookie Sweep Complete, Elapsed Time: 00:00:01
2:22 AM: Starting File Sweep
2:22 AM: Warning: Failed to open file "c:\recycler\s-1-5-21-1060284298-1935655697-682003330-1003\dc1.log". Access is denied
2:22 AM: c:\program files\prositefinder (4 subtraces) (ID = -2147477222)
2:22 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\escanlog.txt". Access is denied
2:22 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\scan report_20060225.txt.txt". Access is denied
2:22 AM: c:\program files\digi-watcher.com (295 subtraces) (ID = -2147481084)
2:22 AM: Found Trojan Horse: 2nd-thought
2:22 AM: c:\windows\system32\newmsrdk (ID = -2147481534)
2:22 AM: Found Adware: virtualbouncer
2:22 AM: c:\documents and settings\all users\application data\vbouncer (5 subtraces) (ID = -2147480097)
2:22 AM: c:\documents and settings\all users\application data\addestroyer (1 subtraces) (ID = -2147481464)
2:23 AM: 66708108.txt (ID = 116398)
2:23 AM: ccjdkeu3.xml (ID = 57652)
2:23 AM: vb.ini:qcemsn (ID = 204)
2:24 AM: Found Adware: quicklink search toolbar
2:24 AM: preuninstallql.exe (ID = 131326)
2:24 AM: scheduler.exe (ID = 59056)
2:24 AM: keyhook.dll (ID = 59052)
2:24 AM: watcherntservice.exe (ID = 59062)
2:25 AM: getserver.ini:omyhij (ID = 204)
2:25 AM: swsettings.xml (ID = 82816)
2:26 AM: setupact.log:whgjzd (ID = 204)
2:26 AM: explorer.scf:tntudt (ID = 204)
2:26 AM: dwbutton.ocx (ID = 59049)
2:27 AM: dgw2avi.exe (ID = 59047)
2:28 AM: wiaservc.log:xjzzwx (ID = 204)
2:28 AM: popcinfo.dat:bywwsf (ID = 204)
2:29 AM: river sumida.bmp:ywoanj (ID = 204)
2:29 AM: tmvainfo.xml:mzhxtp (ID = 204)
2:33 AM: watcherservice.exe (ID = 59064)
2:33 AM: preuninstallpmt.exe (ID = 74822)
2:33 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\msn messenger 7.0.lnk". Access is denied
2:34 AM: ntdtcsetup.log:nlazik (ID = 204)
2:35 AM: ccjdkek2.xml (ID = 57648)
2:35 AM: ccjdkek.xml (ID = 57646)
2:35 AM: netfxocm.log:ovnjzw (ID = 204)
2:35 AM: netfxocm.log:ulhmfz (ID = 204)
2:35 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\get your downloaded software.lnk". Access is denied
2:35 AM: ccjdkek1.xml (ID = 57647)
2:36 AM: ccjdkeu2.xml (ID = 57651)
2:36 AM: _default.pif:afmtyb (ID = 204)
2:36 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\activescan.txt". Access is denied
2:36 AM: watcher.exe (ID = 59060)
2:36 AM: ccjdkeu.xml (ID = 57649)
2:36 AM: ccjdkeu1.xml (ID = 57650)
2:36 AM: sskknwrd.dll (ID = 77733)
2:37 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\partypoker.lnk". Access is denied
2:38 AM: winnt.bmp:fjyise (ID = 204)
2:38 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\atf-cleaner.exe". Access is denied
2:38 AM: wmsetup.log:zlhwrd (ID = 204)
2:39 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\mwav.exe". Access is denied
2:39 AM: Warning: Failed to open file "c:\documents and settings\danno\desktop\online dating & free dating personals for singles - youloveme.com.url". Access is denied
2:40 AM: sskcwrd.dll (ID = 77712)
2:40 AM: 23353442.bin (ID = 116395)
2:40 AM: 67599164.bin (ID = 52512)
2:40 AM: Found Adware: 180search assistant/zango
2:40 AM: backup-20050821-025834-431.inf (ID = 70515)
2:40 AM: readme.txt (ID = 59054)
2:40 AM: user.xml (ID = 82817)
2:40 AM: ccjdkedk.xml (ID = 57645)
2:50 AM: watcher.exe.lnk (ID = 59060)
2:50 AM: watcher scheduler.lnk (ID = 59056)
2:50 AM: watcher.lnk (ID = 59060)
2:50 AM: run as nt service.lnk (ID = 59062)
2:50 AM: dgw to avi converter.lnk (ID = 59047)
2:51 AM: watcher.lnk (ID = 59060)
2:51 AM: File Sweep Complete, Elapsed Time: 00:28:35
2:51 AM: Full Sweep has completed. Elapsed time 00:32:03
2:51 AM: Traces Found: 1030
3:18 AM: Removal process initiated
3:19 AM: Quarantining All Traces: 180search assistant/zango
3:19 AM: Quarantining All Traces: 2nd-thought
3:19 AM: Quarantining All Traces: clearsearch
3:19 AM: Quarantining All Traces: cws_ns3
3:19 AM: Quarantining All Traces: digi-watcher
3:20 AM: Quarantining All Traces: directrevenue-abetterinternet
3:20 AM: Quarantining All Traces: trojan-downloader-moneymind
3:20 AM: Quarantining All Traces: websearch toolbar
3:20 AM: Quarantining All Traces: apropos
3:20 AM: Quarantining All Traces: coolwebsearch (cws)
3:20 AM: Quarantining All Traces: cws_tiny0
3:20 AM: Quarantining All Traces: hotbar
3:20 AM: Quarantining All Traces: quicklink search toolbar
3:20 AM: Quarantining All Traces: surfsidekick
3:20 AM: Quarantining All Traces: tibs dialer
3:20 AM: Quarantining All Traces: topconverting downloader
3:20 AM: Quarantining All Traces: trojan-downloader-pacisoft
3:20 AM: Quarantining All Traces: winad
3:20 AM: Quarantining All Traces: addestroyer
3:20 AM: Quarantining All Traces: bookedspace
3:20 AM: Quarantining All Traces: dealhelper
3:20 AM: Quarantining All Traces: ist software
3:20 AM: Quarantining All Traces: ist yoursitebar
3:20 AM: Quarantining All Traces: personal money tree
3:20 AM: Quarantining All Traces: virtualbouncer
3:20 AM: Quarantining All Traces: 2o7.net cookie
3:20 AM: Quarantining All Traces: 888 cookie
3:20 AM: Quarantining All Traces: adknowledge cookie
3:20 AM: Quarantining All Traces: atwola cookie
3:20 AM: Quarantining All Traces: azjmp cookie
3:20 AM: Quarantining All Traces: belnk cookie
3:20 AM: Quarantining All Traces: cassava cookie
3:20 AM: Quarantining All Traces: enhance cookie
3:20 AM: Quarantining All Traces: go.com cookie
3:20 AM: Quarantining All Traces: hypertracker.com cookie
3:20 AM: Quarantining All Traces: mygeek cookie
3:20 AM: Quarantining All Traces: nextag cookie
3:20 AM: Quarantining All Traces: overture cookie
3:20 AM: Quarantining All Traces: partypoker cookie
3:20 AM: Quarantining All Traces: paypopup cookie
3:20 AM: Quarantining All Traces: sirsearch cookie
3:20 AM: Quarantining All Traces: specificclick.com cookie
3:20 AM: Quarantining All Traces: tribalfusion cookie
3:20 AM: Quarantining All Traces: web-stat cookie
3:20 AM: Quarantining All Traces: yieldmanager cookie
3:21 AM: Removal process completed. Elapsed time 00:02:54
********
2:17 AM: | Start of Session, Friday, March 03, 2006 |
2:17 AM: Spy Sweeper started
2:17 AM: Your spyware definitions have been updated.
2:19 AM: | End of Session, Friday, March 03, 2006 |

#13 John L

John L

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:10:21 PM

Posted 05 March 2006 - 03:55 PM

Hello again :thumbsup:

Please show me a new hijack log :flowers:
Please be patient

Please do not private message me, they will be ignored. If you have a question post it on the board.

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users