netskyp@mm;JS.Bofra.a;Bagle.H@mm;exploit.htlm.iframebof.sen

Reglas del Foro
Normas Basicas | Los Titulos, dicen mucho | No postear en paralelo | Continua en tu tema | Cierra tu tema, antes de abrir otro | No escribas en temas antiguos
Enlaces a web/mail/blog/Msn NO estan permitidos | Mensajes Privados | Informes de resultados | Antivirus Online
Responder
psinatra
Mensajes: 3
Registrado: 26 Abr 2005, 03:10

netskyp@mm;JS.Bofra.a;Bagle.H@mm;exploit.htlm.iframebof.sen

Mensaje por psinatra » 28 Abr 2005, 18:12

Todo emepzó cuando abrí un email de una de mis direcciones sin asunto y el archivo con mi contraseña. Me mosquee y lo abrí. Lo primero que hizo fue extropearme el norton, pienso que fue norton el que melo envió (paranoia¿?). Bueno, pues tengo muchos virus, no puedo descargar ni navegar por muchas páginas. Paso constantemente adware, bitdefender o panda en modo seguro a veces pa poder ir trabajando.

netskyp@mm

JS.Bofra.a

Bagle.H@mm

exploit.htlm.iframebof.sen

netsky.Q@mm

vbs.redlof.E

Me atrevo a mandaros una copia del log de bitdefender,(y otra de hijackthis) aunque arranca creando un error xcommmsvr.exe.

Si me ayudais estaré eternamente agradecido. Ahora tengo muchas cosas pendientes en el pc.psinatra@wanadoo.es



//-----------------------------------------------------------------

//

// BitDefender report file

//

// Created on: 28/04/2005 13:18:05

//

//-----------------------------------------------------------------





Statistics



Scan path : A:\

C:\

D:\

E:\

Folders : 1949

Files : 387985

Archives : 17197

Packed files : 41275

Identified viruses : 7

Infected files : 33

Warnings : 0

Suspect files : 31

Disinfected files : 0

Deleted files : 26

Copied files : 0

Moved files : 1

Renamed files : 0

I/O errors : 26

Scan time : 01:36:16

Scan speed (files/sec) : 67



Virus definitions : 148756

Scan plugins : 13

Archive plugins : 39

Unpack plugins : 4

Mail plugins : 6

System plugins : 1



Scan options



Detection

[X] Scan boot sectors

[X] Scan archives

[X] Scan packed files

[X] Scan email



File mask

[ ] Programs

[X] All files

[ ] User defined extensions:

[ ] Exclude extensions: ;



Action



Infected objects

[ ] Ignore

[X] Disinfect

[ ] Delete

[ ] Copy to quarantine

[ ] Move to quarantine

[ ] Rename

[ ] Prompt user



Second action

[ ] Ignore

[ ] Delete

[ ] Copy to quarantine

[X] Move to quarantine

[ ] Rename

[ ] Prompt user



Scan options

[X] Enable warnings

[X] Enable heuristics

[ ] Show all files in log

[X] Report file: vscan.log

[ ] Append to existing report



Summary:



C:\RECYCLER\NPROTECT\00384769=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 5 Jul 2004 04:26:15 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384769=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 5 Jul 2004 04:26:15 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384769=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 5 Jul 2004 04:26:15 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384775=>(Quarantine-2)=>[Subject: Important m$6h?3p][Date: Fri, 7 May 2004 17:35:38 +0200]=>(MIME part)=>details03.txt Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384775=>(Quarantine-2)=>[Subject: Important m$6h?3p][Date: Fri, 7 May 2004 17:35:38 +0200]=>(MIME part)=>details03.txt Deleted

C:\RECYCLER\NPROTECT\00384775=>(Quarantine-2)=>[Subject: Important m$6h?3p][Date: Fri, 7 May 2004 17:35:38 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384775=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384775 Update failed

C:\RECYCLER\NPROTECT\00384777=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 00:23:29 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384777=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 00:23:29 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384777=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 00:23:29 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384777=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 00:23:29 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384777=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 00:23:29 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384777=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 00:23:29 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384777=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384777 Update failed

C:\RECYCLER\NPROTECT\00384782=>(Quarantine-2)=>[Subject: Server Error (pablogijon@terra.es)][Date: Fri, 30 Apr 2004 21:42:41 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384782=>(Quarantine-2)=>[Subject: Server Error (pablogijon@terra.es)][Date: Fri, 30 Apr 2004 21:42:41 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384782=>(Quarantine-2)=>[Subject: Server Error (pablogijon@terra.es)][Date: Fri, 30 Apr 2004 21:42:41 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384782=>(Quarantine-2)=>[Subject: Server Error (pablogijon@terra.es)][Date: Fri, 30 Apr 2004 21:42:41 +0200]=>(MIME part)=>message.pif Infected Win32.NetSky.Q@mm

C:\RECYCLER\NPROTECT\00384782=>(Quarantine-2)=>[Subject: Server Error (pablogijon@terra.es)][Date: Fri, 30 Apr 2004 21:42:41 +0200]=>(MIME part)=>message.pif Deleted

C:\RECYCLER\NPROTECT\00384782=>(Quarantine-2)=>[Subject: Server Error (pablogijon@terra.es)][Date: Fri, 30 Apr 2004 21:42:41 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384782=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384782 Update failed

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(unicode) Infected Exploit.Html.Iframe.Bof.Gen

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(unicode) Disinfection failed

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(unicode)=>(JAVASCRIPT 2) Infected JS.Bofra.A

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(unicode)=>(JAVASCRIPT 2) Disinfection failed

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(unicode)=>(IFRAME) Infected Trojan.Exploit.HTML.IframeBof

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(unicode)=>(JAVASCRIPT 4) Infected JS.Bofra.A

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(unicode)=>(JAVASCRIPT 4) Disinfection failed

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(JAVASCRIPT 2) Infected JS.Bofra.A

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(JAVASCRIPT 2) Disinfection failed

C:\RECYCLER\NPROTECT\00384788=>(Quarantine-2)=>(JAVASCRIPT 3) Infected JS.Bofra.A

C:\RECYCLER\NPROTECT\00384792=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 15 May 2004 23:13:55 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384792=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 15 May 2004 23:13:55 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384792=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 15 May 2004 23:13:55 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384792=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 15 May 2004 23:13:55 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384792=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 15 May 2004 23:13:55 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384792=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 15 May 2004 23:13:55 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384792=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384792 Update failed

C:\RECYCLER\NPROTECT\00384796=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 22 Jul 2004 09:06:24 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384796=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 22 Jul 2004 09:06:24 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384796=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 22 Jul 2004 09:06:24 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384799=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 24 Jul 2004 03:06:16 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384799=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 24 Jul 2004 03:06:16 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384799=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 24 Jul 2004 03:06:16 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384801=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sun, 25 Jul 2004 16:06:13 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384801=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sun, 25 Jul 2004 16:06:13 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384801=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sun, 25 Jul 2004 16:06:13 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384818=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 1 Jun 2004 08:48:36 +0100]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384818=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 1 Jun 2004 08:48:36 +0100]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384818=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 1 Jun 2004 08:48:36 +0100]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384818=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 1 Jun 2004 08:48:36 +0100]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384818=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 1 Jun 2004 08:48:36 +0100]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384818=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 1 Jun 2004 08:48:36 +0100]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384818=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384818 Update failed

C:\RECYCLER\NPROTECT\00384826=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 25 May 2004 17:27:36 +0100]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384826=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 25 May 2004 17:27:36 +0100]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384826=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 25 May 2004 17:27:36 +0100]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384826=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 25 May 2004 17:27:36 +0100]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384826=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 25 May 2004 17:27:36 +0100]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384826=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 25 May 2004 17:27:36 +0100]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384826=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384826 Update failed

C:\RECYCLER\NPROTECT\00384828=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 14:14:53 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384828=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 14:14:53 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384828=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 14:14:53 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384828=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 14:14:53 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384828=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 14:14:53 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384828=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 8 May 2004 14:14:53 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384828=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384828 Update failed

C:\RECYCLER\NPROTECT\00384832=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 4 Jun 2004 16:04:02 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384832=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 4 Jun 2004 16:04:02 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384832=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 4 Jun 2004 16:04:02 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384832=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 4 Jun 2004 16:04:02 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384832=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 4 Jun 2004 16:04:02 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384832=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 4 Jun 2004 16:04:02 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384832=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384832 Update failed

C:\RECYCLER\NPROTECT\00384854=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 20 Jul 2004 04:35:33 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384854=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 20 Jul 2004 04:35:33 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384854=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 20 Jul 2004 04:35:33 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384855=>(Quarantine-2)=>[Subject: Re: Extended Mail System][Date: Sun, 9 May 2004 15:48:37 +0200]=>(MIME part)=>document.doc.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384855=>(Quarantine-2)=>[Subject: Re: Extended Mail System][Date: Sun, 9 May 2004 15:48:37 +0200]=>(MIME part)=>document.doc.scr Deleted

C:\RECYCLER\NPROTECT\00384855=>(Quarantine-2)=>[Subject: Re: Extended Mail System][Date: Sun, 9 May 2004 15:48:37 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384855=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384855 Update failed

C:\RECYCLER\NPROTECT\00384861=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 11:40:07 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384861=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 11:40:07 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384861=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 11:40:07 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384861=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 11:40:07 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384861=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 11:40:07 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384861=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 11:40:07 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384861=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384861 Update failed

C:\RECYCLER\NPROTECT\00384863=>(Quarantine-2)=>[Subject: Re: Message][Date: Sat, 5 Jun 2004 14:14:52 +0200]=>(MIME part)=>message.zip Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384863=>(Quarantine-2)=>[Subject: Re: Message][Date: Sat, 5 Jun 2004 14:14:52 +0200]=>(MIME part)=>message.zip Deleted

C:\RECYCLER\NPROTECT\00384863=>(Quarantine-2)=>[Subject: Re: Message][Date: Sat, 5 Jun 2004 14:14:52 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384863=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384863 Update failed

C:\RECYCLER\NPROTECT\00384864=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 13:30:25 +0100]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384864=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 13:30:25 +0100]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384864=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 13:30:25 +0100]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384864=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 13:30:25 +0100]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384864=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 13:30:25 +0100]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384864=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 5 Jun 2004 13:30:25 +0100]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384864=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384864 Update failed

C:\RECYCLER\NPROTECT\00384867=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 7 Jun 2004 14:28:32 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384867=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 7 Jun 2004 14:28:32 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384867=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 7 Jun 2004 14:28:32 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384867=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 7 Jun 2004 14:28:32 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384867=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 7 Jun 2004 14:28:32 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384867=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 7 Jun 2004 14:28:32 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384867=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384867 Update failed

C:\RECYCLER\NPROTECT\00384869=>(Quarantine-2)=>[Subject: I love you!][Date: Mon, 7 Jun 2004 18:12:11 +0200]=>(MIME part)=>photo.txt Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384869=>(Quarantine-2)=>[Subject: I love you!][Date: Mon, 7 Jun 2004 18:12:11 +0200]=>(MIME part)=>photo.txt Deleted

C:\RECYCLER\NPROTECT\00384869=>(Quarantine-2)=>[Subject: I love you!][Date: Mon, 7 Jun 2004 18:12:11 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384869=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384869 Update failed

C:\RECYCLER\NPROTECT\00384872=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 3 Jun 2004 16:24:09 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384872=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 3 Jun 2004 16:24:09 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384872=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 3 Jun 2004 16:24:09 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384872=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 3 Jun 2004 16:24:09 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384872=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 3 Jun 2004 16:24:09 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384872=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 3 Jun 2004 16:24:09 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384872=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384872 Update failed

C:\RECYCLER\NPROTECT\00384876=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 8 Jun 2004 13:36:01 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384876=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 8 Jun 2004 13:36:01 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384876=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 8 Jun 2004 13:36:01 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384876=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 8 Jun 2004 13:36:01 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384876=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 8 Jun 2004 13:36:01 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384876=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Tue, 8 Jun 2004 13:36:01 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384876=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384876 Update failed

C:\RECYCLER\NPROTECT\00384877=>(Quarantine-2)=>[Subject: product][Date: Tue, 8 Jun 2004 15:51:30 +0200]=>(MIME part)=>product.txt.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384877=>(Quarantine-2)=>[Subject: product][Date: Tue, 8 Jun 2004 15:51:30 +0200]=>(MIME part)=>product.txt.scr Deleted

C:\RECYCLER\NPROTECT\00384877=>(Quarantine-2)=>[Subject: product][Date: Tue, 8 Jun 2004 15:51:30 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384877=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384877 Update failed

C:\RECYCLER\NPROTECT\00384879=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 9 Jun 2004 16:17:48 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384879=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 9 Jun 2004 16:17:48 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384879=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 9 Jun 2004 16:17:48 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384879=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 9 Jun 2004 16:17:48 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384879=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 9 Jun 2004 16:17:48 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384879=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 9 Jun 2004 16:17:48 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384879=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384879 Update failed

C:\RECYCLER\NPROTECT\00384884=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 16 Jun 2004 21:02:07 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384884=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 16 Jun 2004 21:02:07 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384884=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 16 Jun 2004 21:02:07 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384884=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 16 Jun 2004 21:02:07 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384884=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 16 Jun 2004 21:02:07 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384884=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 16 Jun 2004 21:02:07 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384884=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384884 Update failed

C:\RECYCLER\NPROTECT\00384887=>(Quarantine-2)=>kxvvnw.exe Infected Win32.Bagle.H@mm

C:\RECYCLER\NPROTECT\00384887=>(Quarantine-2)=>kxvvnw.exe Deleted

C:\RECYCLER\NPROTECT\00384887=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384887 Update failed

C:\RECYCLER\NPROTECT\00384890=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 29 Jul 2004 02:57:41 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384890=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 29 Jul 2004 02:57:41 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384890=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Thu, 29 Jul 2004 02:57:41 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384895=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 30 Jul 2004 01:25:28 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384895=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 30 Jul 2004 01:25:28 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384895=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 30 Jul 2004 01:25:28 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384898=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 05 May 2004 21:10:50 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384898=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 05 May 2004 21:10:50 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384898=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 05 May 2004 21:10:50 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384898=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 05 May 2004 21:10:50 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384898=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 05 May 2004 21:10:50 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384898=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 05 May 2004 21:10:50 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384898=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384898 Update failed

C:\RECYCLER\NPROTECT\00384899=>(Quarantine-2)=>[Subject: Re: Sex pictures][Date: Wed, 5 May 2004 21:28:13 +0200]=>(MIME part)=>www.myx4free.doc Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384899=>(Quarantine-2)=>[Subject: Re: Sex pictures][Date: Wed, 5 May 2004 21:28:13 +0200]=>(MIME part)=>www.myx4free.doc Deleted

C:\RECYCLER\NPROTECT\00384899=>(Quarantine-2)=>[Subject: Re: Sex pictures][Date: Wed, 5 May 2004 21:28:13 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384899=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384899 Update failed

C:\RECYCLER\NPROTECT\00384902=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 12 Jun 2004 12:05:34 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384902=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 12 Jun 2004 12:05:34 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384902=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 12 Jun 2004 12:05:34 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384902=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 12 Jun 2004 12:05:34 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384902=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 12 Jun 2004 12:05:34 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384902=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 12 Jun 2004 12:05:34 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384902=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384902 Update failed

C:\RECYCLER\NPROTECT\00384908=>(Quarantine-2)=>[Subject: Re: Test][Date: Wed, 2 Jun 2004 20:10:02 +0100]=>(MIME part)=>details_pablogijon.zip Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384908=>(Quarantine-2)=>[Subject: Re: Test][Date: Wed, 2 Jun 2004 20:10:02 +0100]=>(MIME part)=>details_pablogijon.zip Deleted

C:\RECYCLER\NPROTECT\00384908=>(Quarantine-2)=>[Subject: Re: Test][Date: Wed, 2 Jun 2004 20:10:02 +0100]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384908=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384908 Update failed

C:\RECYCLER\NPROTECT\00384909=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 18 Jun 2004 22:48:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384909=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 18 Jun 2004 22:48:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384909=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 18 Jun 2004 22:48:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384909=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 18 Jun 2004 22:48:36 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384909=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 18 Jun 2004 22:48:36 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384909=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 18 Jun 2004 22:48:36 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384909=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384909 Update failed

C:\RECYCLER\NPROTECT\00384916=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 9 Jul 2004 11:52:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384916=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 9 Jul 2004 11:52:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384916=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 9 Jul 2004 11:52:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384923=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 26 Jun 2004 13:42:12 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384923=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 26 Jun 2004 13:42:12 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384923=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 26 Jun 2004 13:42:12 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384929=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 28 Jun 2004 15:22:44 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384929=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 28 Jun 2004 15:22:44 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384929=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 28 Jun 2004 15:22:44 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384932=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 14 May 2004 20:25:32 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384932=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 14 May 2004 20:25:32 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384932=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 14 May 2004 20:25:32 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384932=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 14 May 2004 20:25:32 +0200]=>(MIME part)=>message.scr Infected Win32.Netsky.P@mm

C:\RECYCLER\NPROTECT\00384932=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 14 May 2004 20:25:32 +0200]=>(MIME part)=>message.scr Deleted

C:\RECYCLER\NPROTECT\00384932=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Fri, 14 May 2004 20:25:32 +0200]=>(MIME part) Update

C:\RECYCLER\NPROTECT\00384932=>(Quarantine-2) Update

C:\RECYCLER\NPROTECT\00384932 Update failed

C:\RECYCLER\NPROTECT\00384945=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 14 Jul 2004 19:10:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384945=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 14 Jul 2004 19:10:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384945=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Wed, 14 Jul 2004 19:10:36 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384952=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 17 Jul 2004 08:49:25 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384952=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 17 Jul 2004 08:49:25 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384952=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Sat, 17 Jul 2004 08:49:25 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\NPROTECT\00384957=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 19 Jul 2004 08:20:03 +0200]=>(MIME part)=>(MIME part)=>(message body) Suspect Exploit.Iframe.Vulnerability

C:\RECYCLER\NPROTECT\00384957=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 19 Jul 2004 08:20:03 +0200]=>(MIME part)=>(MIME part)=>(message body) Disinfection failed

C:\RECYCLER\NPROTECT\00384957=>(Quarantine-2)=>[Subject: Mail Delivery (failure pablogijon@terr][Date: Mon, 19 Jul 2004 08:20:03 +0200]=>(MIME part)=>(MIME part)=>(message body) Move failed

C:\RECYCLER\S-1-5-21-57989841-854245398-1343024091-500\Dc62.html Infected VBS.Redlof.E

C:\RECYCLER\S-1-5-21-57989841-854245398-1343024091-500\Dc62.html Disinfection failed

C:\RECYCLER\S-1-5-21-57989841-854245398-1343024091-500\Dc62.html Moved

Scanned files









Logfile of HijackThis v1.99.1

Scan saved at 17:52:03, on 28/04/2005

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)



Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\csrss.exe

C:\WINNT\SYSTEM32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\System32\cisvc.exe

C:\WINNT\System32\svchost.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\pavsrv50.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\System32\mspmspsv.exe

C:\WINNT\Explorer.EXE

C:\WINNT\SOUNDMAN.EXE

C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\KMaestro\KMaestro.exe

C:\MMaestro\BWheel35.exe

C:\WINNT\system32\carpserv.exe

C:\Archivos de programa\Winamp\Winampa.exe

C:\Archivos de programa\Real\RealPlayer\RealPlay.exe

C:\Archivos de programa\QuickTime\qttask.exe

C:\WINNT\system32\spool\DRIVERS\W32X86\2\printray.exe

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE

C:\WINNT\system32\internat.exe

C:\Archivos de programa\Samsung\Digimax Viewer 2.1\STImgBrowser.exe

C:\Archivos de programa\FotoStation Easy\FotoStation Easy AutoLaunch.exe

C:\Archivos de programa\Nikon\PictureProject\NkbMonitor.exe

C:\Archivos de programa\WinZip\WZQKPICK.EXE

C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe

C:\Archivos de programa\eMule\emule.exe

C:\WINNT\System32\cidaemon.exe

C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Scan Server\bdss.exe

c:\archivos de programa\softwin\bitdefender free edition\bdmcon.exe

c:\archivos de programa\softwin\bitdefender free edition\bdlite.exe

C:\Archivos de programa\Internet Explorer\iexplore.exe

C:\ARCHIV~1\WINZIP\winzip32.exe

C:\unzipped\hijackthis\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.eresmas.com/i2r/login2?to=www.wanadoo.es&nack=www.wanadoo.es

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos

R3 - Default URLSearchHook is missing

F2 - REG:system.ini: UserInit=C:\WINNT\regedit /s C:\pav.reg,C:\WINNT\system32\pavdr.exe,C:\WINNT\system32\userinit.exe,

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\ARCHIV~1\SPYWAR~1\tools\iesdsg.dll (file missing)

O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\Archivos de programa\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [KeyMaestro] C:\KMaestro\KMaestro.exe

O4 - HKLM\..\Run: [LWBMOUSE] C:\MMaestro\BWheel35.exe

O4 - HKLM\..\Run: [CARPService] carpserv.exe

O4 - HKLM\..\Run: [LoadQM] loadqm.exe

O4 - HKLM\..\Run: [WinampAgent] "C:\Archivos de programa\Winamp\Winampa.exe"

O4 - HKLM\..\Run: [RealTray] C:\Archivos de programa\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [AcctMgr] C:\Archivos de programa\Norton SystemWorks\Password Manager\AcctMgr.exe /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PrinTray] C:\WINNT\system32\spool\DRIVERS\W32X86\2\printray.exe

O4 - HKLM\..\Run: [BDMCon] C:\Archivos de programa\Softwin\BitDefender Free Edition\\bdmcon.exe

O4 - HKLM\..\Run: [BDNewsAgent] C:\Archivos de programa\Softwin\BitDefender Free Edition\\bdnagent.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [Spyware Doctor] "C:\Archivos de programa\Spyware Doctor\swdoctor.exe" /Q

O4 - Startup: Escritorio.lnk = ?

O4 - Global Startup: Digimax Viewer 2.1.lnk = C:\Archivos de programa\Samsung\Digimax Viewer 2.1\STImgBrowser.exe

O4 - Global Startup: FotoStation Easy AutoLaunch.lnk = C:\Archivos de programa\FotoStation Easy\FotoStation Easy AutoLaunch.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = C:\Archivos de programa\Nikon\PictureProject\NkbMonitor.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Archivos de programa\WinZip\WZQKPICK.EXE

O9 - Extra button: Coches - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\cpc-libremp3-uk\index.html (file missing)

O15 - Trusted Zone: http://caja.caja-granada.es

O15 - Trusted Zone: http://www.caja-granada.es

O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {2DBEFB64-B6C4-4A2C-BE6A-16FF065B99C6} - http://www.dialerzona.com/cuadruple.cab

O16 - DPF: {3B02AAA2-327C-40ED-A849-4BE819AE5385} (ImgSizer Control) - file://C:\Documents and Settings\Administrador\Configuración local\Temp\~DlfnTmp0\imgSizer.ocx

O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} - http://www.juegos-flash.com/ruboskizo2.cab

O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} - http://212.145.159.194/251065/dialercab/WebRecomendada.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://213.227.2.200/activex/AxisCamControl.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {C4660846-8760-4852-8154-82438E33E383} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/es/filesharingctrl.cab

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe

O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe

O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\pavsrv50.exe

O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Archivos de programa\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe

O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Archivos de programa\Archivos comunes\Softwin\BitDefender Communicator\xcommsvr.exe
Arriba
maura63
Mensajes: 6865
Registrado: 09 Mar 2004, 20:42
Ubicación: Cádiz, ESPAÑA
Contactar:
Contactar maura63

Mensaje por maura63 » 28 Abr 2005, 18:15

Prueba a descargar esta utilidad



ELITRIIP:

http://www.zonavirus.com/descargas/elitriip.asp





Puede que de momento no te permita bajarla, estamos en cambios a la V3.



Prueba de pasar tu antivirus actualizado arrancando en modo seguro, vacia la papelera, elimina archivos temporales y archivos sin conexion.



Saludos

maura63
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online

Quien hace una pregunta,teme parecer ignorante durante cinco minutos.Quien no pregunta se mantiene ignorante toda la vida. (Ortega y Gasset)
Arriba
psinatra
Mensajes: 3
Registrado: 26 Abr 2005, 03:10

Pues si

Mensaje por psinatra » 29 Abr 2005, 02:21

No me lo puedo descargar, aunque gracias. No sé lo que es el V3. He podido bajar algunas cosas del foro pinchando el enlace que descargaba directamente , sin pasar por web; aunque casi siempre hay fallos. Crees que tendré que formatear el disoc duro?



Gracias
Arriba
maura63
Mensajes: 6865
Registrado: 09 Mar 2004, 20:42
Ubicación: Cádiz, ESPAÑA
Contactar:
Contactar maura63

Mensaje por maura63 » 29 Abr 2005, 09:42

V3 es la nueva version del foro. No tendras que formatear, paso nota del problema de descarga.



Vuelve a intentarlo mas tarde.



Saludos

maura63
Antes de preguntar - Normas Basicas - Mensajes Privados - Repetir Temas - Continuar Temas - Titulos del Tema - Antivirus Online

Quien hace una pregunta,teme parecer ignorante durante cinco minutos.Quien no pregunta se mantiene ignorante toda la vida. (Ortega y Gasset)
Arriba
Avatar de Usuario
msc hotline sat
Mensajes: 93500
Registrado: 09 Mar 2004, 20:39
Ubicación: BARCELONA (ESPAÑA)
Contactar:
Contactar msc hotline sat

Mensaje por msc hotline sat » 29 Abr 2005, 12:12

Puede que no tengas ningun virus !!! Me parece que todas las detecciones son de la papelera (C:/RECYCLER). Parece que no la has vaciado nunca ! Vaciala como te indica Maura63, y pasa de nuevo tu antivirus, a ver si tienes algo de verdad.



saludos



ms, 29-04-2005
Arriba
Responder

Volver a “Foro Virus - Cuentanos tu problema”