Help! Spyware problem ?

Anon-27e691cf14 · Sep 13, 2005

I have rarely used this site to post, but have picked up so much knowledge. This time I need your help please. Treat me gently, I am still a novice. I have Sygate and NAV2005 installed. When I try and access the online virus encyclopedia or reports I get sygate kicking in with the sites below. I have done a virus scan, nothing. Google indicates this might be a hijacking? Looks like its in the Symantec shared folder? Help please, what can I do? Thanks.

-------------------------------------------------------------------------
13/09/2005 20:43:06 Port Scan Minor Incoming TCP 207.33.111.36 02-00-20-00-02-00 81.79.239.16 00-00-02-00-00-00 Normal 2 13/09/2005 20:42:21 13/09/2005 20:42:41
13/09/2005 20:43:06 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.29] 02-00-20-00-02-00 81.79.239.16 00-00-02-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:42:37 13/09/2005 20:42:37
13/09/2005 20:30:54 Application Hijacking Critical Outgoing TCP img-cdn.mediaplex.com [84.53.143.22] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:29:50 13/09/2005 20:29:50
13/09/2005 20:25:00 Application Hijacking Critical Outgoing TCP img-cdn.mediaplex.com [84.53.143.22] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE-4 Normal 1 13/09/2005 20:23:57 13/09/2005 20:23:57
13/09/2005 20:24:14 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.24] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:23:10 13/09/2005 20:23:10
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.24] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:21:35 13/09/2005 20:21:35
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.24] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:21:33 13/09/2005 20:21:33
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.24] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:21:27 13/09/2005 20:21:27
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.29] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe Normal 1 13/09/2005 20:21:17 13/09/2005 20:21:17
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.29] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:21:09 13/09/2005 20:21:09
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.29] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE-4 Normal 1 13/09/2005 20:21:07 13/09/2005 20:21:07
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP img-cdn.mediaplex.com [84.53.143.22] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:20:54 13/09/2005 20:20:54
13/09/2005 20:21:45 Application Hijacking Critical Outgoing TCP img-cdn.mediaplex.com [84.53.143.22] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe Normal 1 13/09/2005 20:20:46 13/09/2005 20:20:46
13/09/2005 20:21:40 Application Hijacking Critical Outgoing TCP ff.connextra.com [84.53.143.21] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:20:35 13/09/2005 20:20:35
13/09/2005 20:19:46 Application Hijacking Critical Outgoing TCP img-cdn.mediaplex.com [84.53.143.22] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:19:05 13/09/2005 20:19:05
13/09/2005 20:13:48 Application Hijacking Critical Outgoing TCP a248.e.akamai.net [84.53.143.24] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:13:37 13/09/2005 20:13:37
13/09/2005 20:09:03 Application Hijacking Critical Outgoing TCP ff.connextra.com [84.53.143.21] 01-00-20-00-01-00 81.79.143.8 00-00-01-00-00-00 C:\Program Files\Common Files\Symantec Shared\NMain.exe THE- Normal 1 13/09/2005 20:08:51 13/09/2005 20:08:51

Shadow_Puter_Dude · Sep 14, 2005

[font=Arial, Helvetica, sans-serif]Process File:[/font] nmain.exe[font=Arial, Helvetica, sans-serif]
Process Name:[/font] Norton AntiVirus

[font=Arial, Helvetica, sans-serif]Description:[/font]nmain.exe is a process belonging to the Norton Antivirus Internet security product, a product which protects your computer from Internet-bound viruses. This program is important for the stable and secure running of your computer and should not be terminated.

If it is located in any folder other than C:\Program Files\Common Files\Symantec Shared\ then you are infected with the Bloodhound.VBS.Worm.

Log in or Sign up

Help! Spyware problem ?

Anon-27e691cf14 Anonymized

Shadow_Puter_Dude MG Authorized Malware Fighter