View Full Version : Spybot takes 6+ hrs to run: Hijack log is pasted
mrsmarti
2009-03-12, 02:14
I installed Spybot on my friend’s computer 13 months ago. She has a Dell Dimension 4600 PC that is 5 years old with XP Home on it. Her computer has some complete Norton Internet Security. (I’ve asked her to change to AVG when it is renewal time). She empties cookies and Temp Internet files and runs CCleaner each week. She defragmented 2 days ago. Norton does NOT let her set a restore point.
For the last ½ year Spybot has been taking around 6+ hours to scan her computer. Prior to that I think she said it took 45-70 minutes to do the job.
On my computer scanning takes 10 minutes +/-.
I’m new to the forum and am NOT a computer wiz. My 60 yr. old friend has zip computer knowledge and relies on me- YIKES!
Today I installed HijackThis and ran this log. Is it of any benefit if Norton is not disabled? (At the moment I don’t know how to do that). Also, is there such a thing as malware being able to hide from HijackThis ( thus needing to rename it somehow)?
I need some 'help' ideas and then go to her house (I only go once a week) and try to resolve this?
THANKS so much. Mrs. Marti J.
Her machine has: Total Physical memory: 256.00MB & total Virtual Memory: 2.00 GB, if you need that for anything.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:54:54 PM, on 3/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Uninstall getPlus(R) for Adobe] "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1noarp
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8908 bytes
Hello and Welcome to Safer Networking,
My name is peku006 and I will be helping you to remove any infection(s) that you may have.
I will be giving you a series of instructions that need to be followed in the order in which I give them to you.
Please observe these rules while we work:
If you don't know, stop and ask! Don't keep going on.
Please reply to this thread. Do not start a new topic.
Please continue to respond until I give you the "All Clear"
If you follow these instructions, everything should go smoothly.
1 - Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) and save it to your desktop.
alternate download link 1 (http://malwarebytes.gt500.org/mbam-setup.exe)
alternate download link 2 (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)
Double-click on Download_mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
If an update is found, the program will automatically update itself.
Press the OK button to close that box and continue.
If you encounter any problems while downloading the updates, manually download them from here (http://www.malwarebytes.org/mbam/database/mbam-rules.exe) and just double-click on mbam-rules.exe to install.
On the Scanner tab:
Make sure the "Perform full scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
2 - download and run RSIT
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt<- (will be maximized) and info.txt<- (will be minimized)
3 - Status Check
Please reply with
1.the logs from RSIT (log.txt ,info.txt)
2. the Malwarebytes' Anti-Malware Log
description of any problems you are having with your PC
Thanks peku006
mrsmarti
2009-03-16, 13:43
Hi, Thanks SO much for responding. I'll be doing this tuesday 3/17 when I go to her house. I'll post after I do all the above stuff. THX again. :)
mrsmarti
2009-03-17, 15:40
Below are 2 logs. But there isn't one for MBAM. Does that mean this is now hopeless?
I sent the instructions to my friend and had her do these without me. She did fine, but had a problem with MBAM. I spoke to her on the phone and this is what happened to the MBAM log:
She ran MBAM for 2.75 hours. It noted 2 trojans. She followed the step by step directions you gave us. She opened the log and tried to select all by highlighting (starting at the bottom of the notepad log, running her mouse/cursor up the page). By the time she got to the top all the print disappeared. She tried copy and then paste onto a Word doc, but nothing happened, except a V was printed on the page. And yes, she was pressing Ctrl V and not shift V.
Instead, a 2nd copy of the log appeared in the MBAM log file. The first copy was blank. When she clicked on the 2nd copy, a 3rd copy was created. She wasn't able to print the log(access denied). So, she shut it down. It asked her if wanted to save the changes. She said yes, assuming it would keep all the copies of the log. It did not. When she opened it up again, the only thing there was the original blank log. I check her C drive, documents settings/ and every thing under that, but there was NO listing of MBAM and it's log.
I only wish I had waited and done this myself. Now, are things ruined?
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Aleda Tysver\Desktop\RSIT.exe
C:\Program Files\Common Files\Symantec Shared\COH\coh32.exe
C:\Program Files\trend micro\Aleda Tysver.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
*.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program
Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program
Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program
Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
-startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet
Security\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader
9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton
GoBack\GBTray.exe
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=K
M
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program
Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} -
C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation
Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - h
ttp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.mic
rosoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://we
bdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdown
load2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common
Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program
Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program
Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program
Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program
Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common
Files\Symantec Shared\ccSvcHst.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner -
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program
Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation -
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation -
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8708 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Aleda Tysver.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-08 110652]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
[2007-08-24 316784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2009-01-14
116088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - C:\Program Files\Common
Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 316784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17
51048]
"BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-08 122940]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27
221184]
"ISUSScheduler"=C:\Program Files\Common
Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2007-08-24
714608]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader
9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCMSMMSG]
C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BullsEye Network]
C:\Program Files\BullsEye Network\bin\bargains.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\d3tw32.exe]
C:\WINDOWS\system32\d3tw32.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
C:\Program Files\Dell Support\DSAgnt.exe /startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dinst]
C:\WINDOWS\dinst.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDSentry]
C:\WINDOWS\System32\DSentry.exe [2002-08-14 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dvx]
C:\WINDOWS\System32\wsxsvc\wsxsvc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jawa32]
C:\WINDOWS\jawa32.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ligket]
c:\windows\system32\hyjmntj.exe r []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe files\mcafee.com\agent\mcagent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Access]
C:\Program Files\Media Access\MediaAccK.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\System32\NvCpl.dll [2003-03-14 4493312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PEwllaoU]
C:\documents and settings\tim mertz\local settings\temp\PEwllaoU.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pfvkjwm]
c:\windows\system32\oefclmj.exe r []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qkrf]
C:\PROGRA~1\COMMON~1\qkrf\qkrfm.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAHAgent]
C:\WINDOWS\System32\SahAgent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sf]
C:\Program Files\sf\sf.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /startintray []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2003-07-13 151597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmss]
C:\WINDOWS\System32\vmss\vmss.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\w]
C:\documents and settings\tim mertz\local settings\temp\w.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebRebates0]
C:\Program Files\Web_Rebates\WebRebates0.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WildTangent CDA]
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe /startup C:\Program
Files\WildTangent\Apps\CDA\cdaEngine0500.dll []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winjo32.exe]
C:\WINDOWS\winjo32.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents
and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
C:\PROGRA~1\AMERIC~2.0\aoltray.exe -check []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Norton GoBack.lnk - C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli
cy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x
psp2res.dll,-22019"
"C:\Program Files\Common
Files\aol\1126361781\ee\AOLServiceHost.exe"="C:\Program Files\Common
Files\aol\1126361781\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\Program Files\Common Files\aol\Loader\aolload.exe"="C:\Program
Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL
Instant Messenger"
"C:\Documents and Settings\TK\My Documents\kazaa.exe"="C:\Documents and
Settings\TK\My Documents\kazaa.exe:*:Enabled:Kazaa"
"C:\Program Files\Juno\bin\juno.exe"="C:\Program
Files\Juno\bin\juno.exe:*:Enabled:Juno"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network
Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program
Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program
Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America
Online 9.0\waol.exe:*:Enabled:America Online 9.0"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli
cy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x
psp2res.dll,-22019"
"C:\Program Files\Common Files\aol\Loader\aolload.exe"="C:\Program
Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\Common
Files\aol\1126361781\ee\AOLServiceHost.exe"="C:\Program Files\Common
Files\aol\1126361781\ee\AOLServiceHost.exe:*:Enabled:AOL Services"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AOL
Instant Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network
Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America
Online 9.0\waol.exe:*:Enabled:America Online 9.0"
======File associations======
.bat - edit - C:\I386\NOTEPAD.EXE %1
.cmd - open -
.cmd - edit -
.inf - open - C:\I386\NOTEPAD.EXE %1
.ini - open - C:\I386\NOTEPAD.EXE %1
.js - edit - C:\I386\NOTEPAD.EXE %1
.reg - edit - C:\I386\NOTEPAD.EXE %1
.txt - open - C:\I386\NOTEPAD.EXE %1
.vbs - edit - C:\I386\NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2009-03-16 13:09:11 ----D---- C:\rsit
2009-03-16 09:27:08 ----D---- C:\Documents and Settings\Aleda Tysver\Application
Data\Malwarebytes
2009-03-16 09:26:54 ----D---- C:\Documents and Settings\All Users\Application
Data\Malwarebytes
2009-03-16 09:26:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-11 23:21:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 23:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 18:52:37 ----D---- C:\Program Files\Trend Micro
2009-03-11 17:51:44 ----D---- C:\Program Files\NOS
2009-03-11 17:51:44 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-03-11 15:51:30 ----D---- C:\Documents and Settings\Aleda Tysver\Application
Data\ZoomBrowser EX
2009-03-11 15:44:19 ----A---- C:\WINDOWS\system32\pscVSWIA.dll
2009-03-11 15:44:19 ----A---- C:\WINDOWS\system32\pscUD110.dll
2009-03-11 15:44:19 ----A---- C:\WINDOWS\system32\pscND110.exe
2009-03-11 15:44:18 ----A---- C:\WINDOWS\system32\PSCLU110.dll
2009-03-04 18:30:26 ----D---- C:\kpcms
2009-03-04 18:30:26 ----A---- C:\WINDOWS\system32\pcdlib32.dll
2009-03-04 18:30:26 ----A---- C:\WINDOWS\system32\MSVCRT10.DLL
2009-03-04 18:30:26 ----A---- C:\WINDOWS\sprof32.dll
2009-03-04 18:30:25 ----A---- C:\WINDOWS\pfpick.dll
2009-03-04 18:30:25 ----A---- C:\WINDOWS\kpsys32.dll
2009-03-04 18:30:25 ----A---- C:\WINDOWS\kpcp32.dll
2009-03-04 18:30:25 ----A---- C:\WINDOWS\KPCMS.INI
2009-03-04 18:30:25 ----A---- C:\WINDOWS\icccodes.dll
2009-03-04 18:30:16 ----D---- C:\WINDOWS\system32\COLOR
2009-03-04 17:03:51 ----D---- C:\Documents and Settings\All Users\Application
Data\ZoomBrowser
2009-03-04 16:29:53 ----D---- C:\Program Files\Common Files\Canon
2009-02-27 21:29:57 ----A---- C:\WINDOWS\OPPRIN~1.INI
2009-02-27 21:29:34 ----A---- C:\WINDOWS\system32\opapi11.dll
2009-02-27 21:28:36 ----D---- C:\Program Files\Canon
2009-02-24 14:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-19 13:03:34 ----A---- C:\WINDOWS\system32\SymNeti.dll
2009-02-19 13:03:26 ----A---- C:\WINDOWS\system32\SymRedir.dll
======List of files/folders modified in the last 1 months======
2009-03-16 13:33:42 ----D---- C:\WINDOWS\TEMP
2009-03-16 13:33:37 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-03-16 13:33:29 ----D---- C:\WINDOWS\Prefetch
2009-03-16 13:30:05 ----A---- C:\WINDOWS\JUNO.INI
2009-03-16 13:04:26 ----A---- C:\WINDOWS\WIN.INI
2009-03-16 13:04:22 ----D---- C:\Program Files\Juno
2009-03-16 11:40:08 ----D---- C:\WINDOWS
2009-03-16 11:40:05 ----A---- C:\WINDOWS\ModemLog_BCM V.92 56K Modem.txt
2009-03-16 11:39:54 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-16 11:37:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-16 11:36:53 ----D---- C:\WINDOWS\system32\DRIVERS
2009-03-16 11:34:12 ----AD---- C:\Program Files
2009-03-16 11:06:51 ----D---- C:\Documents and Settings\All Users\Application
Data\Symantec
2009-03-16 08:34:44 ----D---- C:\Program Files\Mozilla Firefox
2009-03-16 07:46:51 ----HD---- C:\WINDOWS\INF
2009-03-15 19:43:40 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-15 19:43:39 ----AD---- C:\WINDOWS\SYSTEM32
2009-03-15 19:23:54 ----SHD---- C:\WINDOWS\Installer
2009-03-15 19:23:52 ----D---- C:\Config.Msi
2009-03-15 19:01:51 ----D---- C:\WINDOWS\JAVA
2009-03-15 18:55:10 ----D---- C:\WINDOWS\system32\Macromed
2009-03-15 18:39:16 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-11 23:21:08 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
2009-03-11 18:30:48 ----D---- C:\Program Files\Common Files
2009-03-11 18:21:16 ----D---- C:\Program Files\Adobe
2009-03-11 18:19:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-11 18:19:53 ----D---- C:\Documents and Settings\Aleda Tysver\Application
Data\Adobe
2009-03-11 18:16:49 ----D---- C:\Program Files\Common Files\Adobe
2009-03-11 17:43:47 ----D---- C:\WINDOWS\WinSxS
2009-03-11 15:49:36 ----D---- C:\WINDOWS\TWAIN_32
2009-03-11 13:03:22 ----HD---- C:\WINDOWS\$hf_mig$
2009-03-09 11:09:20 ----D---- C:\WINDOWS\system32\FxsTmp
2009-03-08 11:05:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-07 16:24:45 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot
- Search & Destroy
2009-03-04 19:26:51 ----RSD---- C:\WINDOWS\assembly
2009-03-04 19:26:51 ----D---- C:\WINDOWS\Microsoft.NET
2009-03-04 17:10:39 ----D---- C:\WINDOWS\system32\MUI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand,
4=Disabled)======
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec
Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13
36352]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-11-08 17217]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec
Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-12-01 43696]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2009-02-19 184496]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment;
C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032]
R2 BCMNTIO;BCMNTIO; \??\C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys []
R2 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\drivers\CO_Mon.sys []
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-08 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-08 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-08 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-08 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-08 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-08 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-08 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25
5376]
R2 MAPMEM;MAPMEM; \??\C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys []
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29
1101696]
R3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys []
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys
[2003-03-04 145408]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec
Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys
[2008-04-17 15464]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090316.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090316.002\NAVEX15.SYS
[]
R3 NPDriver;Norton UnErase Protection Driver;
\??\C:\WINDOWS\system32\Drivers\NPDRIVER.SYS []
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-03-14 1223562]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-11-11 9856]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-02-28 545024]
R3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-12-01 279088]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2009-02-19 13616]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2009-02-19 96560]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2009-02-19 38576]
R3 SYMIDSCO;SYMIDSCO;
\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\ipsdefs\20090310.005\SymIDSCo.sys []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-19 31280]
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2009-02-19 37424]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;
C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;
C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13
42752]
S2 GBFSHook;GBFSHook; C:\WINDOWS\system32\drivers\GBFSHook.sys [2005-11-14 15360]
S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver;
C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-03 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-03 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-03 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-03 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-03 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-03 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-03 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-03 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys
[2001-08-17 16128]
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2003-07-16 16509]
S3 SDdriver;SDdriver; \??\C:\WINDOWS\system32\Drivers\sddriver.sys []
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-12-01 317616]
S3 SymIM;Symantec Network Security Intermediate Filter Service;
C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-02-19 31280]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01
32000]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13
26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys []
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13
44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13
42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13
43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand,
4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile
Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program
Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-31 243064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe
[2008-08-29 238888]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe
[2007-01-31 96370]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common
Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 GBPoll;GoBack Polling Service; C:\Program Files\Norton SystemWorks\Norton
GoBack\GBPoll.exe [2005-11-14 595632]
R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec
Shared\ccSvcHst.exe [2008-10-17 149352]
R2 NProtectService;Norton UnErase Protection; C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
[2005-11-03 95832]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-03-14 65536]
R2 Speed Disk service;Speed Disk service;
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE [2005-11-03 176193]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec
Shared\CCPD-LC\symlcsvc.exe [2008-02-02 1251720]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-09-22
38912]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01
536872]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S3 aspnet_state;ASP.NET State Service;
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86;
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
[2007-08-22 55640]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07
76848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
[2007-08-23 3192184]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager;
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe []
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [2003-03-03
143360]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source
Engine\OSE.EXE [2003-07-28 89136]
S4 NSCService;Norton Protection Center Service; C:\Program Files\Common Files\Symantec
Shared\Security Console\NSCSRVCE.EXE [2006-12-15 750720]
-----------------EOF-----------------info.txt logfile of random's system information tool
1.05 2009-03-16 13:34:56
======Uninstall list======
-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe
RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{45893FEB-30FD-4034-8661-3BA4238FE67A}\SETUP.EXE" -l0x9 -uninst -y -a
-f"b2003ce.isu"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{55BC7EFA-D832-4EE3-9DEA-49B0C07539D9}\setup.exe" -l0x9 -L0x9anything
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{DCDC8E79-4600-4C02-9824-CD3BB8971D4E}\Setup.exe" -l0x9 -L0x9anything
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132
C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe Atmosphere Player for Acrobat and Adobe Reader-->C:\WINDOWS\atmoUn.exe
Adobe Flash Player 10
ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop 5.0 Limited Edition-->C:\WINDOWS\UNINST.EXE -f"C:\Program
Files\Adobe\Photoshop 5.0 LE\DeIsL2.isu" -c"C:\Program Files\Adobe\Photoshop
5.0 LE\Uninst.dll"
Adobe Reader 9.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
BCM V.92 56K Modem-->C:\WINDOWS\BCMSMU.exe quiet
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Britannica Ready Reference-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{45893FEB-30FD-4034-8661-3BA4238FE67A}\SETUP.EXE" -l0x9 -uninst
Canon Camera Access Library-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CSCLIB\Uninst.ini"
Canon Digital Camera USB WIA Driver-->C:\WINDOWS\IsUninst.exe -f"C:\Program
Files\Canon\DC USB WIA\Uninst.isu" -c"C:\Program Files\Canon\DC USB
WIA\SetupWia.dll"
Canon PhotoRecord-->C:\WINDOWS\IsUninst.exe -f"C:\Program
Files\Canon\PhotoRecord\Uninst.isu" -c"C:\Program
Files\Canon\PhotoRecord\Program\uninstdll.dll"
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Program
Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program
Files\Common Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow DC-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities MyCamera DC-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\MyCameraDC\Uninst.ini"
Canon Utilities MyCamera-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities RAW Image Converter-->C:\WINDOWS\IsUninst.exe -f"C:\Program
Files\Canon\RAW Image Converter\Uninst.isu"
Canon Utilities RemoteCapture DC-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\RemoteCaptureDC\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program
Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser
EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Common
Files\Canon\UIW\1.5.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX
MCU\Uninst.ini"
ccCommon-->MsiExec.exe /I{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}
ccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CheckIt Diagnostics-->C:\PROGRA~1\CheckIt\DIAGNO~1\UNWISE.EXE
C:\PROGRA~1\CheckIt\DIAGNO~1\INSTALL.LOG
Compatibility Pack for the 2007 Office system-->MsiExec.exe
/X{90120000-0020-0409-0000-0000000FF1CE}
Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}
Connection Keep Alive-->MsiExec.exe /I{77364F85-6219-4CB8-AAA0-6D53368D683D}
DAO-->MsiExec.exe /I{64116298-93C5-401D-B06C-39D8E3338508}
Dell Picture Studio - Dell Image Expert-->MsiExec.exe
/I{151C555A-A9E7-4A2E-B6D7-165D04A3C956}
Dell Solution Center-->MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Demonstar Special Edition-->C:\TIMEDU~1\DEMONS~1\UNWISE.EXE
C:\TIMEDU~1\DEMONS~1\INSTALL.LOG
DVDSentry-->MsiExec.exe /I{98DF85D9-96C0-4F57-A92E-C3539477EF5E}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe"
/uninstall
Hotfix for Windows Internet Explorer 7
(KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows XP
(KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
Intel(R) PROSet-->MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
iPod for Windows 2005-09-23-->C:\Program Files\Common
Files\InstallShield\Driver\8\Intel 32\IDriver.exe
/M{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC} /l1033
iPod for Windows 2006-01-10-->C:\Program Files\Common
Files\InstallShield\Driver\8\Intel 32\IDriver.exe
/M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
iPod Update 2004-04-28-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel
32\IDriver.exe /M{E6696A8C-C55A-405C-AFEB-F3880A8BAA45} /l1033
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Juno Connection Wizard-->"C:\Program Files\Connection Wizard\unInstall.exe"
Juno-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{11D696C6-0A0C-499A-B431-6190F9DC1904}\setup.exe" Uninstall
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x
{E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All
Users\Application Data\LuUninstall.LiveUpdate"
LiveUpdate (Symantec Corporation)-->MsiExec.exe
/X{E80F62FF-5D3C-4A19-8409-9721F2928206}
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe
/X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes'
Anti-Malware\unins000.exe"
Microsoft .NET Framework (English)
v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET
Framework Full v1.0.3705 (1033)
Microsoft .NET Framework (English)-->MsiExec.exe
/X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
Microsoft .NET Framework 1.0 Hotfix
(KB928367)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe"
; "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M928367\M928367Uninstall.msp&
quot;
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft
.NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation
APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe
"
Microsoft National Language Support Downlevel
APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.e
xe"
Microsoft Office Small Business Edition 2003-->MsiExec.exe
/I{91CA0409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe
/X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection
C:\WINDOWS\INF\msninst.inf,Uninstall
MSRedist-->MsiExec.exe /I{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}
MyDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup
"C:\Program Files\InstallShield Installation
Information\{5E835305-63BB-4E55-BBB7-EEBBE67774DB}\setup.exe" -l0x9 -L0x9 /SMAINT
Need2Find Bar-->rundll32 C:\PROGRA~1\NEED2F~1\bar\2.bin\Nd2fnBar.dll,O
Norton AntiVirus Help-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Norton Cleanup-->MsiExec.exe /I{CA31120D-2101-484D-9FF1-195DE96FE346}
Norton Confidential Core-->MsiExec.exe /I{55A6283C-638A-4EE0-B491-51118554BDA2}
Norton GoBack 4.1-->MsiExec.exe /I{1F76ACFA-22FE-49F6-BC05-F4EC835F48CC}
Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common
Files\Symantec
Shared\SymSetup\{C1C185CA-C531-49F5-A6FA-B838405A049D}_15_0_0_60\Setup.exe" /X
Norton Internet Security-->C:\Program
Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.0.0.125\InstS
tub.exe /X
Norton Internet Security-->MsiExec.exe /I{C1C185CA-C531-49F5-A6FA-B838405A049D}
Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}
Norton Protection Center-->MsiExec.exe /I{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}
Norton SystemWorks 2006 Basic Edition (Symantec Corporation)-->"C:\Program
Files\Common Files\Symantec
Shared\SymSetup\{707D28BF-E145-4a9b-B97E-94FA586D05F3}.exe" /X
Norton SystemWorks 2006 Basic Edition-->MsiExec.exe
/I{707D28BF-E145-4a9b-B97E-94FA586D05F3}
Norton SystemWorks-->MsiExec.exe /I{9E23C48E-5483-4971-BA50-089F2FABCD66}
Norton Utilities-->MsiExec.exe /I{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}
NSW_DRM_COLLECTION-->MsiExec.exe /I{900B1884-2D6F-4a70-A3C7-C3F4DA873FDB}
NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe
C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvdd.inf
Paint Shop Pro 7-->MsiExec.exe /I{D6DE02C7-1F47-11D4-9515-00105AE4B89A}
Palm Desktop-->MsiExec.exe /X{870842F7-18BB-479D-A7B1-FE17E81AFF1A}
PowerDVD-->RunDll32
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program
Files\InstallShield Installation
Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealOne Player-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe
RealNetworks|RealPlayer|6.0
Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Security Update for Step By Step Interactive Training
(KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training
(KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7
(KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player
(KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10
(KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10
(KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP
(KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Shockwave-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE
C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
SlideShow 1.20-->"C:\Program Files\SlideShow\unins000.exe"
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search &
Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search &
Destroy\unins001.exe"
Symantec KB-DocID:2003093015493306-->MsiExec.exe
/I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}
Update for Windows XP
(KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP
(KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP
(KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP
(KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe
/I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format Runtime-->"C:\Program Files\Windows Media
Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media
Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack
3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WordPerfect Office 11-->MsiExec.exe /I{54F90B55-BEB3-4F0D-8802-228822FA5921}
Worms Armageddon-->C:\WINDOWS\IsUninst.exe -f"c:\documents and settings\tim
mertz\my documents\Uninst.isu"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: Norton Internet Security
FW: Norton Internet Security
System event log
Computer Name: DELILAH
Event Code: 7035
Message: The Terminal Services service was successfully sent a start control.
Record Number: 67186
Source Name: Service Control Manager
Time Written: 20090207142222.000000-360
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELILAH
Event Code: 7035
Message: The SRTSP service was successfully sent a start control.
Record Number: 67185
Source Name: Service Control Manager
Time Written: 20090207142222.000000-360
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELILAH
Event Code: 2003
Message: Symantec Antivirus minifilter successfully loaded.
Record Number: 67184
Source Name: SRTSP
Time Written: 20090207142222.000000-360
Event Type: information
User:
Computer Name: DELILAH
Event Code: 7036
Message: The Fax service entered the stopped state.
Record Number: 67183
Source Name: Service Control Manager
Time Written: 20090207142138.000000-360
Event Type: information
User:
Computer Name: DELILAH
Event Code: 7035
Message: The Fax service was successfully sent a stop control.
Record Number: 67182
Source Name: Service Control Manager
Time Written: 20090207142138.000000-360
Event Type: information
User: NT AUTHORITY\SYSTEM
Application event log
Computer Name: DELILAH
Event Code: 101
Message: Information Level: success Automatic LiveUpdate has terminated.
Record Number: 41399
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090211125847.000000-360
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELILAH
Event Code: 101
Message: Information Level: success Scheduler launched Automatic LiveUpdate.
Record Number: 41398
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090211125449.000000-360
Event Type: information
User: NT AUTHORITY\SYSTEM
Computer Name: DELILAH
Event Code: 35
Message: The 'ccAppPlgMgr_3984' service has started.
Record Number: 41397
Source Name: ccSvcHst
Time Written: 20090211122108.000000-360
Event Type: information
User: DELILAH\Aleda Tysver
Computer Name: DELILAH
Event Code: 35
Message: The 'Seshlp_3984' service has started.
Record Number: 41396
Source Name: ccSvcHst
Time Written: 20090211122041.000000-360
Event Type: information
User: DELILAH\Aleda Tysver
Computer Name: DELILAH
Event Code: 34
Message: The 'Seshlp_3984' service is starting.
Record Number: 41395
Source Name: ccSvcHst
Time Written: 20090211122039.000000-360
Event Type: information
User: DELILAH\Aleda Tysver
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program
Files\Sonic\MyDVD;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF----------------
Hi mrsmarti
don't worry about MBAM ,we can use other tools
Please download OTScanIt2 from Geeks to Go (http://oldtimer.geekstogo.com/OTScanIt2.exe) or Bleeping Computer (http://download.bleepingcomputer.com/oldtimer/OTScanIt2.exe). Save it to your desktop.
Double click on OTScanIt2.exe to run it.
Click on Extract. Once done, you will be prompted. Click OK and click Close.
Double click on the OTScanIt2 folder. Double click on OTScanIt2.exe to run it.
Under Rookit Search, select Yes.
Click on Run Scan at the top left hand corner.
When done, Notepad will open. Please post this log in your next reply.
Thanks peku006
mrsmarti
2009-03-18, 00:38
[code]
OTScanIt2 logfile created on: 3/17/2009 3:46:26 PM - Run 1
OTScanIt2 by OldTimer - Version 1.0.8.0 Folder = C:\Documents and Settings\Aleda Tysver\Desktop\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
255.00 Mb Total Physical Memory | 87.79 Mb Available Physical Memory | 34.43% Memory free
625.82 Mb Paging File | 259.21 Mb Available in Paging File | 41.42% Paging File free
Paging file location(s): C:\pagefile.sys 384 768;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.25 Gb Total Space | 22.12 Gb Free Space | 57.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DELILAH
Current User Name: Aleda Tysver
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
[Processes - Safe List]
aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2007/08/31 12:49:50 | 00,243,064 | ---- | M] (Symantec Corporation)
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.)
bcmsmmsg.exe -> %SystemRoot%\BCMSMMSG.exe -> [2003/08/29 05:59:24 | 00,122,880 | ---- | M] (Broadcom Corporation)
calmain.exe -> %ProgramFiles%\Canon\CAL\CALMAIN.exe -> [2007/01/31 15:55:42 | 00,096,370 | ---- | M] (Canon Inc.)
ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation)
ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation)
dlactrlw.exe -> %SystemRoot%\System32\DLA\DLACTRLW.EXE -> [2005/09/08 05:20:00 | 00,122,940 | ---- | M] (Sonic Solutions)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
gbpoll.exe -> %ProgramFiles%\Norton SystemWorks\Norton GoBack\GBPoll.exe -> [2005/11/14 08:24:04 | 00,595,632 | R--- | M] (Symantec Corporation)
gbtray.exe -> %ProgramFiles%\Norton SystemWorks\Norton GoBack\GBTray.exe -> [2005/11/14 08:24:04 | 00,861,872 | R--- | M] (Symantec Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/12/19 00:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation)
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.)
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> [2004/07/27 16:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation)
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2008/10/01 18:57:12 | 00,289,576 | ---- | M] (Apple Inc.)
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
nopdb.exe -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -> [2005/11/03 16:44:58 | 00,176,193 | ---- | M] (Symantec Corporation)
nprotect.exe -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> [2005/11/03 17:08:01 | 00,095,832 | ---- | M] (Symantec Corporation)
nvsvc32.exe -> %SystemRoot%\System32\nvsvc32.exe -> [2003/03/14 14:59:00 | 00,065,536 | ---- | M] (NVIDIA Corporation)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/02/19 11:15:40 | 00,489,984 | ---- | M] (OldTimer Tools)
qttask.exe -> %ProgramFiles%\QuickTime\QTTask.exe -> [2008/09/06 15:09:14 | 00,413,696 | ---- | M] (Apple Inc.)
symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2008/02/02 00:05:36 | 01,251,720 | ---- | M] ()
wdfmgr.exe -> %SystemRoot%\system32\wdfmgr.exe -> [2004/09/22 18:46:10 | 00,038,912 | ---- | M] (Microsoft Corporation)
winword.exe -> %ProgramFiles%\Microsoft Office\OFFICE11\WINWORD.EXE -> [2003/08/06 14:24:20 | 12,037,688 | ---- | M] (Microsoft Corporation)
[Win32 Services - Safe List]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2005/09/23 08:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation)
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2007/08/31 12:49:50 | 00,243,064 | ---- | M] (Symantec Corporation)
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
(CCALib8) Canon Camera Access Library 8 [Win32_Own | Auto | Running] -> %ProgramFiles%\Canon\CAL\CALMAIN.exe -> [2007/01/31 15:55:42 | 00,096,370 | ---- | M] (Canon Inc.)
(ccEvtMgr) Symantec Event Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation)
(ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2005/09/23 08:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation)
(CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation)
(comHost) COM Host [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\VAScanner\comHost.exe -> [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation)
(DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [2007/03/07 15:47:46 | 00,076,848 | ---- | M] ()
(GBPoll) GoBack Polling Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Norton GoBack\GBPoll.exe -> [2005/11/14 08:24:04 | 00,595,632 | R--- | M] (Symantec Corporation)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.)
(LiveUpdate) LiveUpdate [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_4.EXE -> [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation)
(LiveUpdate Notice) LiveUpdate Notice [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2008/10/17 16:52:10 | 00,149,352 | ---- | M] (Symantec Corporation)
(mcupdmgr.exe) McAfee SecurityCenter Update Manager [Win32_Own | On_Demand | Stopped] -> -> File not found
(NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Intel\NCS\Sync\NetSvc.exe -> [2003/03/03 13:33:40 | 00,143,360 | ---- | M] (Intel(R) Corporation)
(NProtectService) Norton UnErase Protection [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> [2005/11/03 17:08:01 | 00,095,832 | ---- | M] (Symantec Corporation)
(NSCService) Norton Protection Center Service [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\Security Console\NSCSRVCE.EXE -> [2006/12/15 14:36:28 | 00,750,720 | ---- | M] (Symantec Corporation)
(NVSvc) NVIDIA Driver Helper Service [Win32_Own | Auto | Running] -> %SystemRoot%\System32\nvsvc32.exe -> [2003/03/14 14:59:00 | 00,065,536 | ---- | M] (NVIDIA Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(Speed Disk service) Speed Disk service [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -> [2005/11/03 16:44:58 | 00,176,193 | ---- | M] (Symantec Corporation)
(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2008/02/02 00:05:36 | 01,251,720 | ---- | M] ()
(UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wdfmgr.exe -> [2004/09/22 18:46:10 | 00,038,912 | ---- | M] (Microsoft Corporation)
[Driver Services - Safe List]
(aeaudio) aeaudio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\aeaudio.sys -> [2002/04/01 13:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation)
(AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\aliide.sys -> [2001/08/17 13:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\amdagp.sys -> [2008/04/13 13:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\asc.sys -> [2001/08/17 13:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\asc3550.sys -> [2001/08/17 13:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(BCMModem) BCM V.92 56K Modem [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\BCMSM.sys -> [2003/08/29 05:59:24 | 01,101,696 | ---- | M] (Broadcom Corporation)
(BCMNTIO) BCMNTIO [Kernel | Auto | Running] -> %ProgramFiles%\CheckIt\Diagnostics\BCMNTIO.SYS -> [2004/03/05 17:09:00 | 00,003,744 | ---- | M] ()
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\cmdide.sys -> [2001/08/17 13:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(COH_Mon) COH_Mon [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\Drivers\COH_Mon.sys -> [2008/07/30 18:42:12 | 00,023,888 | ---- | M] (Symantec Corporation)
(CO_Mon) CO_Mon [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\CO_Mon.sys -> [2007/08/08 18:39:56 | 00,036,056 | ---- | M] (Symantec Corporation)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\dac2w2k.sys -> [2001/08/17 13:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
(DLABOIOM) DLABOIOM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLABOIOM.SYS -> [2005/09/08 05:20:00 | 00,025,628 | ---- | M] (Sonic Solutions)
(DLACDBHM) DLACDBHM [File_System | System | Running] -> %SystemRoot%\System32\Drivers\DLACDBHM.SYS -> [2005/08/25 12:16:52 | 00,005,628 | ---- | M] (Sonic Solutions)
(DLADResN) DLADResN [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLADResN.SYS -> [2005/09/08 05:20:00 | 00,002,496 | ---- | M] (Sonic Solutions)
(DLAIFS_M) DLAIFS_M [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAIFS_M.SYS -> [2005/09/08 05:20:00 | 00,086,524 | ---- | M] (Sonic Solutions)
(DLAOPIOM) DLAOPIOM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAOPIOM.SYS -> [2005/09/08 05:20:00 | 00,014,684 | ---- | M] (Sonic Solutions)
(DLAPoolM) DLAPoolM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAPoolM.SYS -> [2005/09/08 05:20:00 | 00,006,364 | ---- | M] (Sonic Solutions)
(DLARTL_N) DLARTL_N [File_System | System | Running] -> %SystemRoot%\System32\Drivers\DLARTL_N.SYS -> [2005/08/25 12:16:16 | 00,022,684 | ---- | M] (Sonic Solutions)
(DLAUDFAM) DLAUDFAM [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAUDFAM.SYS -> [2005/09/08 05:20:00 | 00,094,332 | ---- | M] (Sonic Solutions)
(DLAUDF_M) DLAUDF_M [File_System | Auto | Running] -> %SystemRoot%\System32\DLA\DLAUDF_M.SYS -> [2005/09/08 05:20:00 | 00,087,036 | ---- | M] (Sonic Solutions)
(DRVMCDB) DRVMCDB [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\DRVMCDB.SYS -> [2005/09/12 03:30:00 | 00,089,264 | ---- | M] (Sonic Solutions)
(DRVNDDM) DRVNDDM [File_System | Auto | Running] -> %SystemRoot%\System32\Drivers\DRVNDDM.SYS -> [2005/08/12 05:20:00 | 00,040,544 | ---- | M] (Sonic Solutions)
(DSproct) DSproct [Kernel | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 16:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.)
(dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\dsunidrv.sys -> [2007/02/25 12:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.)
(E100B) Intel(R) PRO Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\e100b325.sys -> [2003/03/04 11:56:26 | 00,145,408 | ---- | M] (Intel Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\eeCtrl.sys -> [2009/02/25 04:00:00 | 00,371,248 | ---- | M] (Symantec Corporation)
(EL90XBC) 3Com EtherLink XL 90XB/C Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\el90xbc5.sys -> [2001/08/17 12:11:06 | 00,066,591 | ---- | M] (3Com Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2009/02/25 04:00:00 | 00,101,936 | ---- | M] (Symantec Corporation)
(GBDevice) GBDevice [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\GBDevice.sys -> [2005/11/14 08:24:04 | 00,005,632 | R--- | M] (Symantec Corporation)
(GBFSHook) GBFSHook [File_System | Auto | Stopped] -> %SystemRoot%\System32\drivers\GBFSHook.sys -> [2005/11/14 08:24:04 | 00,015,360 | R--- | M] (Symantec Corporation)
(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\SYSTEM32\DRIVERS\GEARAspiWDM.sys -> [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.)
(GoBack2K) GoBack2K [Kernel | Boot | Running] -> %SystemRoot%\System32\drivers\GoBack2k.sys -> [2005/11/14 08:24:04 | 00,117,760 | R--- | M] (Symantec Corporation)
(i81x) i81x [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\i81xnt5.sys -> [2004/08/03 22:29:38 | 00,161,020 | ---- | M] (Intel(R) Corporation)
(iAimFP0) iAimFP0 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wADV01nt.sys -> [2004/08/03 22:29:38 | 00,012,415 | ---- | M] (Intel(R) Corporation)
(iAimFP1) iAimFP1 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wADV02NT.sys -> [2004/08/03 22:29:38 | 00,012,127 | ---- | M] (Intel(R) Corporation)
(iAimFP2) iAimFP2 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wADV05NT.sys -> [2004/08/03 22:29:38 | 00,011,775 | ---- | M] (Intel(R) Corporation)
(iAimFP3) iAimFP3 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wSiINTxx.sys -> [2004/08/03 22:29:48 | 00,012,063 | ---- | M] (Intel(R) Corporation)
(iAimFP4) iAimFP4 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wVchNTxx.sys -> [2004/08/03 22:29:50 | 00,019,455 | ---- | M] (Intel(R) Corporation)
(iAimTV0) iAimTV0 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wATV01nt.sys -> [2004/08/03 22:29:42 | 00,029,311 | ---- | M] (Intel(R) Corporation)
(iAimTV1) iAimTV1 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wATV02NT.sys -> [2004/08/03 22:29:44 | 00,019,551 | ---- | M] (Intel(R) Corporation)
(iAimTV3) iAimTV3 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wATV04nt.sys -> [2004/08/03 22:29:44 | 00,033,599 | ---- | M] (Intel(R) Corporation)
(iAimTV4) iAimTV4 [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\wCh7xxNT.sys -> [2004/08/03 22:29:46 | 00,023,615 | ---- | M] (Intel(R) Corporation)
(MAPMEM) MAPMEM [Kernel | Auto | Running] -> %ProgramFiles%\CheckIt\Diagnostics\MAPMEM.SYS -> [2004/03/05 17:09:02 | 00,003,904 | ---- | M] ()
(MODEMCSA) Unimodem Streaming Filter Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MODEMCSA.sys -> [2001/08/17 13:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\mraid35x.sys -> [2001/08/17 13:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20090316.054\NAVENG.SYS -> [2009/02/19 04:00:00 | 00,089,104 | ---- | M] (Symantec Corporation)
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\VirusDefs\20090316.054\NAVEX15.SYS -> [2009/02/19 04:00:00 | 00,876,144 | ---- | M] (Symantec Corporation)
(NPDriver) Norton UnErase Protection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\Drivers\NPDRIVER.SYS -> [2005/11/03 16:56:04 | 00,081,748 | ---- | M] (Symantec Corporation)
(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\nv4_mini.sys -> [2003/03/14 14:59:00 | 01,223,562 | ---- | M] (NVIDIA Corporation)
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\System32\DRIVERS\omci.sys -> [2002/11/08 13:45:06 | 00,017,217 | ---- | M] (Dell Computer Corporation)
(PalmUSBD) PalmUSBD [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\PalmUSBD.sys -> [2003/07/16 20:37:44 | 00,016,509 | ---- | M] (Palm, Inc.)
(pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> [2002/11/11 16:52:58 | 00,009,856 | ---- | M] (Padus, Inc.)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\DRIVERS\ptilink.sys -> [2002/08/29 05:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\System32\Drivers\PxHelp20.sys -> [2005/01/26 02:03:00 | 00,020,576 | ---- | M] (Sonic Solutions)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\ql1080.sys -> [2001/08/17 13:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\ql12160.sys -> [2001/08/17 13:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\ql1280.sys -> [2001/08/17 13:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
(SDdriver) SDdriver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\Drivers\sddriver.sys -> [2005/11/03 16:43:42 | 00,090,272 | ---- | M] (Symantec Corporation)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\DRIVERS\secdrv.sys -> [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\sisagp.sys -> [2008/04/13 13:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(smwdm) smwdm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\smwdm.sys -> [2003/02/28 09:17:18 | 00,545,024 | ---- | M] (Analog Devices, Inc.)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\sparrow.sys -> [2001/08/17 14:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(SPBBCDrv) SPBBCDrv [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\SPBBC\SPBBCDrv.sys -> [2008/09/05 15:31:42 | 00,447,024 | ---- | M] (Symantec Corporation)
(SRTSP) SRTSP [File_System | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SRTSP.SYS -> [2007/12/01 00:57:12 | 00,279,088 | ---- | M] (Symantec Corporation)
(SRTSPL) SRTSPL [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\SRTSPL.SYS -> [2007/12/01 00:57:12 | 00,317,616 | ---- | M] (Symantec Corporation)
(SRTSPX) SRTSPX [Kernel | System | Running] -> %SystemRoot%\System32\Drivers\SRTSPX.SYS -> [2007/12/01 00:57:12 | 00,043,696 | ---- | M] (Symantec Corporation)
(symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\symc810.sys -> [2001/08/17 14:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\symc8xx.sys -> [2001/08/17 14:07:36 | 00,032,640 | ---- | M] (LSI Logic)
(SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SYMDNS.SYS -> [2009/02/19 12:31:16 | 00,013,616 | ---- | M] (Symantec Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> %SystemRoot%\system32\Drivers\SYMEVENT.SYS -> [2009/01/20 01:10:11 | 00,124,464 | ---- | M] (Symantec Corporation)
(SYMFW) SYMFW [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SYMFW.SYS -> [2009/02/19 12:31:16 | 00,096,560 | ---- | M] (Symantec Corporation)
(SYMIDS) SYMIDS [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SYMIDS.SYS -> [2009/02/19 12:31:16 | 00,038,576 | ---- | M] (Symantec Corporation)
(SYMIDSCO) SYMIDSCO [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\SymcData\ipsdefs\20090310.005\SymIDSCo.sys -> [2009/01/02 22:53:44 | 00,250,224 | ---- | M] (Symantec Corporation)
(SymIM) Symantec Network Security Intermediate Filter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\SymIM.sys -> [2009/02/19 12:31:42 | 00,031,280 | ---- | M] (Symantec Corporation)
(SymIMMP) SymIMMP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\SymIM.sys -> [2009/02/19 12:31:42 | 00,031,280 | ---- | M] (Symantec Corporation)
(symlcbrd) symlcbrd [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\symlcbrd.sys -> [2006/09/01 12:11:48 | 00,010,344 | ---- | M] (Symantec Corporation)
(SYMNDIS) SYMNDIS [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SYMNDIS.SYS -> [2009/02/19 12:31:16 | 00,037,424 | ---- | M] (Symantec Corporation)
(SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\SYMREDRV.SYS -> [2009/02/19 12:31:16 | 00,022,320 | ---- | M] (Symantec Corporation)
(SYMTDI) SYMTDI [Kernel | System | Running] -> %SystemRoot%\System32\Drivers\SYMTDI.SYS -> [2009/02/19 12:31:16 | 00,184,496 | ---- | M] (Symantec Corporation)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\sym_hi.sys -> [2001/08/17 14:07:40 | 00,028,384 | ---- | M] (LSI Logic)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\sym_u3.sys -> [2001/08/17 14:07:42 | 00,030,688 | ---- | M] (LSI Logic)
(ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\System32\DRIVERS\ultra.sys -> [2001/08/17 13:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\System32\Drivers\usbaapl.sys -> [2008/10/01 13:01:28 | 00,032,000 | ---- | M] (Apple, Inc.)
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> about:blank ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> Reg Error: Invalid data type. ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Page_Transitions" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> about:blank ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://chaska.net/ ->
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie ->
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s ->
HKEY_CURRENT_USER\: SearchURL\Google\\"" -> www.google.com/search?q=%s ->
HKEY_CURRENT_USER\: SearchURL\MSN\\"" -> search.msn.com/results.asp?q=%s ->
HKEY_CURRENT_USER\: SearchURL\Yahoo\\"" -> search.yahoo.com/search?p=%s ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> *.local ->
< FireFox Settings [Default Profile] > -> C:\Documents and Settings\Aleda Tysver\Application Data\Mozilla\FireFox\Profiles\jhx034na.default\prefs.js ->
browser.startup.homepage -> "www.chaska.net" ->
browser.startup.homepage_override.mstone -> "rv:1.9.0.7" ->
extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.7 ->
< HOSTS File > (227866 bytes and 8044 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
First 25 entries...
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.1001-search.info
127.0.0.1 1001-search.info
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 www.139mm.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe PDF Link Helper] -> [2009/02/27 12:07:26 | 00,075,128 | ---- | M] (Adobe Systems Incorporated)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 15:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> %SystemRoot%\System32\DLA\DLASHX_W.DLL [DriveLetterAccess] -> [2005/09/08 05:20:00 | 00,110,652 | ---- | M] (Sonic Solutions)
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [Reg Error: Value error.] -> [2007/08/24 22:51:56 | 00,316,784 | ---- | M] (Symantec Corporation)
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> %CommonProgramFiles%\Symantec Shared\IDS\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/01/14 16:45:19 | 00,116,088 | ---- | M] (Symantec Corporation)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [Show Norton Toolbar] -> [2007/08/24 22:51:56 | 00,316,784 | ---- | M] (Symantec Corporation)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %CommonProgramFiles%\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [Show Norton Toolbar] -> [2007/08/24 22:51:56 | 00,316,784 | ---- | M] (Symantec Corporation)
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 9.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"] -> [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated)
"BCMSMMSG" -> %SystemRoot%\BCMSMMSG.exe [BCMSMMSG.exe] -> [2003/08/29 05:59:24 | 00,122,880 | ---- | M] (Broadcom Corporation)
"ccApp" -> %CommonProgramFiles%\Symantec Shared\ccApp.exe ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> [2008/10/17 16:52:10 | 00,051,048 | ---- | M] (Symantec Corporation)
"DLA" -> %SystemRoot%\System32\DLA\DLACTRLW.EXE [C:\WINDOWS\System32\DLA\DLACTRLW.EXE] -> [2005/09/08 05:20:00 | 00,122,940 | ---- | M] (Sonic Solutions)
"ISUSPM Startup" -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> [2004/07/27 16:50:42 | 00,221,184 | ---- | M] (InstallShield Software Corporation)
"ISUSScheduler" -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> [2004/07/27 16:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation)
"iTunesHelper" -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2008/10/01 18:57:12 | 00,289,576 | ---- | M] (Apple Inc.)
"osCheck" -> %ProgramFiles%\Norton Internet Security\osCheck.exe ["C:\Program Files\Norton Internet Security\osCheck.exe"] -> [2007/08/24 23:53:28 | 00,714,608 | ---- | M] (Symantec Corporation)
"QuickTime Task" -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2008/09/06 15:09:14 | 00,413,696 | ---- | M] (Apple Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"MSMSGS" -> %ProgramFiles%\Messenger\msmsgs.exe ["C:\Program Files\Messenger\msmsgs.exe" /background] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
"Yahoo! Pager" -> %ProgramFiles%\Yahoo!\Messenger\ypager.exe [C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet] -> File not found
< Aleda Tysver Startup Folder > -> C:\Documents and Settings\Aleda Tysver\Start Menu\Programs\Startup ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersProfile%\Start Menu\Programs\Startup\Norton GoBack.lnk -> %ProgramFiles%\Norton SystemWorks\Norton GoBack\GBTray.exe -> [2005/11/14 08:24:04 | 00,861,872 | R--- | M] (Symantec Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoCDBurning" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
\\"NoSaveSettings" -> [0] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
&Search -> [http://km.bar.need2find.com/KM/menusearch.html?p=KM] -> File not found
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> [2003/08/13 03:34:38 | 10,073,144 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{5E638779-1818-4754-A595-EF1C63B87A56}:Exec [HKLM] -> %ProgramFiles%\Norton SystemWorks\Norton Cleanup\WCQuick.lnk [Button: Express Cleanup] -> [2006/08/16 23:58:08 | 00,000,762 | ---- | M] ()
{5E638779-1818-4754-A595-EF1C63B87A56}:Exec [HKLM] -> %ProgramFiles%\Norton SystemWorks\Norton Cleanup\WCQuick.lnk [Menu: Express Cleanup] -> [2006/08/16 23:58:08 | 00,000,762 | ---- | M] ()
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2003/07/14 23:57:08 | 00,040,512 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 15:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\Network Diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{4528BBE0-4E08-11D5-AD55-00010333D0AD}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{5E638779-1818-4754-A595-EF1C63B87A56}" [HKLM] -> %ProgramFiles%\Norton SystemWorks\Norton Cleanup\WCQuick.lnk [Express Cleanup] -> [2006/08/16 23:58:08 | 00,000,762 | ---- | M] ()
CmdMapping\\"{669695BC-A811-4A9D-8CDF-BA8C795F261C}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4235 domain(s) found. ->
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4236 domain(s) found. ->
.[msn] -> My Computer ->
objects_aol.com -> Out of zone range - ( 5 ) ->
32 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://go.microsoft.com/fwlink/?linkid=39204 [Windows Genuine Advantage Validation Tool] ->
{215B8138-A3CF-44C5-803F-8226143CFC0A} [HKLM] -> http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab [Trend Micro ActiveX Scan Agent 6.6] ->
{30528230-99F7-4BB4-88D8-FA1D4F56A2AB} [HKLM] -> http://download.yahoo.com/dl/installs/yinst0401.cab [YInstStarter Class] ->
{33564D57-9980-0010-8000-00AA00389B71} [HKLM] -> http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab [Reg Error: Key error.] ->
{6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140 [WUWebControl Class] ->
{6A344D34-5231-452A-8A57-D064AC9B7862} [HKLM] -> https://webdl.symantec.com/activex/symdlmgr.cab [Symantec Download Manager] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F} [HKLM] -> http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37987.7580555556 [Reg Error: Key error.] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] ->
DirectAnimation Java Classes [HKLM] -> file://C:\WINDOWS\Java\classes\dajava.cab [Reg Error: Key error.] ->
Microsoft XML Parser for Java [HKLM] -> file://C:\WINDOWS\Java\classes\xmldso.cab [Reg Error: Key error.] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{11730811-3F86-4A27-9550-BAB348D3223B} -> (Intel(R) PRO/100 VE Network Connection) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> %SystemRoot%\explorer.exe -> [2008/04/13 19:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\AIM\aim.exe" -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger] -> [2005/08/05 15:08:26 | 00,067,160 | ---- | M] (America Online, Inc.)
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Common Files\aol\1126361781\ee\AOLServiceHost.exe" -> C:\Program Files\Common Files\aol\1126361781\ee\AOLServiceHost.exe [C:\Program Files\Common Files\aol\1126361781\ee\AOLServiceHost.exe:*:Enabled:AOL Services] -> File not found
"C:\Program Files\Common Files\aol\Loader\aolload.exe" -> C:\Program Files\Common Files\aol\Loader\aolload.exe [C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2005/04/13 15:51:28 | 00,011,864 | ---- | M] (America Online, Inc.)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\Network Diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Documents and Settings\TK\My Documents\kazaa.exe" -> C:\Documents and Settings\TK\My Documents\kazaa.exe [C:\Documents and Settings\TK\My Documents\kazaa.exe:*:Enabled:Kazaa] -> File not found
"C:\Program Files\AIM\aim.exe" -> C:\Program Files\AIM\aim.exe [C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger] -> [2005/08/05 15:08:26 | 00,067,160 | ---- | M] (America Online, Inc.)
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
"C:\Program Files\Common Files\aol\1126361781\ee\AOLServiceHost.exe" -> C:\Program Files\Common Files\aol\1126361781\ee\AOLServiceHost.exe [C:\Program Files\Common Files\aol\1126361781\ee\AOLServiceHost.exe:*:Enabled:AOL Services] -> File not found
"C:\Program Files\Common Files\aol\Loader\aolload.exe" -> C:\Program Files\Common Files\aol\Loader\aolload.exe [C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2005/04/13 15:51:28 | 00,011,864 | ---- | M] (America Online, Inc.)
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2008/10/01 18:57:04 | 14,258,472 | ---- | M] (Apple Inc.)
"C:\Program Files\Juno\bin\juno.exe" -> C:\Program Files\Juno\bin\juno.exe [C:\Program Files\Juno\bin\juno.exe:*:Enabled:Juno] -> [2006/08/10 15:27:44 | 00,565,520 | ---- | M] (Juno Online Services, Inc.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> %SystemRoot%\System32\DRIVERS\cdrom.sys [System32\DRIVERS\cdrom.sys] -> [2008/04/13 13:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
[Files/Folders - Created Within 30 Days]
2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/03/17 15:44:27 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/03/17 15:41:38 | 00,661,370 | ---- | C] ()
LastGood -> %SystemRoot%\LastGood -> [2009/03/17 13:15:22 | 00,000,000 | ---D | C]
RSIT.exe -> %UserProfile%\Desktop\RSIT.exe -> [2009/03/16 13:32:25 | 00,781,851 | ---- | C] ()
Recent -> %UserProfile%\Recent -> [2009/03/16 13:30:02 | 00,000,000 | RH-D | C]
rsit -> %SystemDrive%\rsit -> [2009/03/16 13:09:11 | 00,000,000 | ---D | C]
Malwarebytes -> %AppData%\Malwarebytes -> [2009/03/16 09:27:08 | 00,000,000 | ---D | C]
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/03/16 09:27:00 | 00,000,707 | ---- | C] ()
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/03/16 09:26:59 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/03/16 09:26:56 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2009/03/16 09:26:54 | 00,000,000 | ---D | C]
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2009/03/16 09:26:53 | 00,000,000 | ---D | C]
mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2009/03/16 09:21:35 | 02,876,728 | ---- | C] (Malwarebytes Corporation )
cc_20090315_131028.reg -> %UserProfile%\My Documents\cc_20090315_131028.reg -> [2009/03/15 13:10:39 | 00,001,790 | ---- | C] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/11 18:52:39 | 00,001,745 | ---- | C] ()
Trend Micro -> %ProgramFiles%\Trend Micro -> [2009/03/11 18:52:37 | 00,000,000 | ---D | C]
Adobe Reader 9.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 9.lnk -> [2009/03/11 18:17:00 | 00,001,740 | ---- | C] ()
NOS -> %ProgramFiles%\NOS -> [2009/03/11 17:51:44 | 00,000,000 | ---D | C]
NOS -> %AllUsersProfile%\Application Data\NOS -> [2009/03/11 17:51:44 | 00,000,000 | ---D | C]
New Folder -> %UserProfile%\My Documents\New Folder -> [2009/03/11 16:08:34 | 00,000,000 | ---D | C]
ZoomBrowser EX -> %AppData%\ZoomBrowser EX -> [2009/03/11 15:51:30 | 00,000,000 | ---D | C]
usbscan.sys -> %SystemRoot%\System32\drivers\usbscan.sys -> [2009/03/11 15:49:33 | 00,015,104 | ---- | C] (Microsoft Corporation)
usbscan.sys -> %SystemRoot%\System32\dllcache\usbscan.sys -> [2009/03/11 15:49:33 | 00,015,104 | ---- | C] (Microsoft Corporation)
pscUD110.dll -> %SystemRoot%\System32\pscUD110.dll -> [2009/03/11 15:44:19 | 00,339,968 | ---- | C] (Canon, Inc.)
PSCLU110.dll -> %SystemRoot%\System32\PSCLU110.dll -> [2009/03/11 15:44:18 | 00,094,208 | ---- | C] (Canon. Inc)
client information-feline diabetes.pdf -> %UserProfile%\My Documents\client information-feline diabetes.pdf -> [2009/03/11 09:12:09 | 00,109,870 | ---- | C] ()
cc_20090309_201213.reg -> %UserProfile%\My Documents\cc_20090309_201213.reg -> [2009/03/09 20:12:18 | 00,004,296 | ---- | C] ()
Adobe Photoshop 5.0 Limited Edition.lnk -> %UserProfile%\Desktop\Adobe Photoshop 5.0 Limited Edition.lnk -> [2009/03/04 18:30:31 | 00,000,855 | ---- | C] ()
pcdlib32.dll -> %SystemRoot%\System32\pcdlib32.dll -> [2009/03/04 18:30:26 | 00,212,480 | ---- | C] (Eastman Kodak)
MSVCRT10.DLL -> %SystemRoot%\System32\MSVCRT10.DLL -> [2009/03/04 18:30:26 | 00,210,944 | ---- | C] ()
sprof32.dll -> %SystemRoot%\sprof32.dll -> [2009/03/04 18:30:26 | 00,133,120 | ---- | C] (Eastman Kodak Company)
iccsigs.dat -> %SystemRoot%\iccsigs.dat -> [2009/03/04 18:30:26 | 00,040,129 | ---- | C] ()
kpcms -> %SystemDrive%\kpcms -> [2009/03/04 18:30:26 | 00,000,000 | ---D | C]
kpcp32.dll -> %SystemRoot%\kpcp32.dll -> [2009/03/04 18:30:25 | 00,197,120 | ---- | C] (Eastman Kodak Company)
pfpick.dll -> %SystemRoot%\pfpick.dll -> [2009/03/04 18:30:25 | 00,058,368 | ---- | C] (Eastman Kodak Company)
kpsys32.dll -> %SystemRoot%\kpsys32.dll -> [2009/03/04 18:30:25 | 00,037,376 | ---- | C] (Eastman Kodak Company)
icccodes.dll -> %SystemRoot%\icccodes.dll -> [2009/03/04 18:30:25 | 00,020,992 | ---- | C] (Eastman Kodak Company)
KPCMS.INI -> %SystemRoot%\KPCMS.INI -> [2009/03/04 18:30:25 | 00,000,117 | ---- | C] ()
COLOR -> %SystemRoot%\System32\COLOR -> [2009/03/04 18:30:16 | 00,000,000 | ---D | C]
G2S40S30WI390EN -> %UserProfile%\Desktop\G2S40S30WI390EN -> [2009/03/04 18:07:25 | 00,000,000 | ---D | C]
ZoomBrowser EX.lnk -> %AllUsersProfile%\Desktop\ZoomBrowser EX.lnk -> [2009/03/04 17:03:51 | 00,000,934 | ---- | C] ()
ZoomBrowser -> %AllUsersProfile%\Application Data\ZoomBrowser -> [2009/03/04 17:03:51 | 00,000,000 | ---D | C]
Canon -> %CommonProgramFiles%\Canon -> [2009/03/04 16:29:53 | 00,000,000 | ---D | C]
user_shopper.asp_files -> %UserProfile%\My Documents\user_shopper.asp_files -> [2009/03/04 14:39:48 | 00,000,000 | ---D | C]
user_shopper.asp.htm -> %UserProfile%\My Documents\user_shopper.asp.htm -> [2009/03/04 14:39:35 | 00,037,587 | ---- | C] ()
OPPRIN~1.INI -> %SystemRoot%\OPPRIN~1.INI -> [2009/02/27 21:29:57 | 00,000,000 | ---- | C] ()
openpage.msg -> %SystemRoot%\System32\openpage.msg -> [2009/02/27 21:29:35 | 00,074,665 | ---- | C] ()
opapi11.dll -> %SystemRoot%\System32\opapi11.dll -> [2009/02/27 21:29:34 | 02,641,973 | ---- | C] (CISRA)
Canon -> %ProgramFiles%\Canon -> [2009/02/27 21:28:36 | 00,000,000 | ---D | C]
AUTOEXEC.NT -> %SystemRoot%\System32\AUTOEXEC.NT -> [2009/02/27 21:16:42 | 00,001,688 | ---- | C] ()
SymNeti.dll -> %SystemRoot%\System32\SymNeti.dll -> [2009/02/19 13:03:34 | 00,579,464 | ---- | C] (Symantec Corporation)
SymRedir.dll -> %SystemRoot%\System32\SymRedir.dll -> [2009/02/19 13:03:26 | 00,207,240 | ---- | C] (Symantec Corporation)
SymIM.sys -> %SystemRoot%\System32\drivers\SymIM.sys -> [2009/02/19 12:31:42 | 00,031,280 | ---- | C] (Symantec Corporation)
SymRedir.cat -> %SystemRoot%\System32\drivers\SymRedir.cat -> [2009/02/19 12:31:42 | 00,009,844 | ---- | C] ()
SymRedir.inf -> %SystemRoot%\System32\drivers\SymRedir.inf -> [2009/02/19 12:31:42 | 00,001,611 | ---- | C] ()
symndisv.sys -> %SystemRoot%\System32\drivers\symndisv.sys -> [2009/02/19 12:31:18 | 00,041,008 | ---- | C] (Symantec Corporation)
symtdi.sys -> %SystemRoot%\System32\drivers\symtdi.sys -> [2009/02/19 12:31:16 | 00,184,496 | ---- | C] (Symantec Corporation)
symfw.sys -> %SystemRoot%\System32\drivers\symfw.sys -> [2009/02/19 12:31:16 | 00,096,560 | ---- | C] (Symantec Corporation)
symids.sys -> %SystemRoot%\System32\drivers\symids.sys -> [2009/02/19 12:31:16 | 00,038,576 | ---- | C] (Symantec Corporation)
symndis.sys -> %SystemRoot%\System32\drivers\symndis.sys -> [2009/02/19 12:31:16 | 00,037,424 | ---- | C] (Symantec Corporation)
symredrv.sys -> %SystemRoot%\System32\drivers\symredrv.sys -> [2009/02/19 12:31:16 | 00,022,320 | ---- | C] (Symantec Corporation)
symdns.sys -> %SystemRoot%\System32\drivers\symdns.sys -> [2009/02/19 12:31:16 | 00,013,616 | ---- | C] (Symantec Corporation)
[Files/Folders - Modified Within 30 Days]
2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
5 C:\Documents and Settings\Aleda Tysver\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Aleda Tysver\Local Settings\Temp\*.tmp ->
7 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp ->
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/03/17 15:41:38 | 00,661,370 | ---- | M] ()
Word 2003.lnk -> %UserProfile%\Desktop\Word 2003.lnk -> [2009/03/17 13:59:45 | 00,002,497 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/03/17 13:15:10 | 00,004,646 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/03/17 13:15:10 | 00,004,232 | ---- | M] ()
WPA.DBL -> %SystemRoot%\System32\WPA.DBL -> [2009/03/17 13:14:09 | 00,001,170 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/03/17 13:10:49 | 00,000,006 | -H-- | M] ()
BOOTSTAT.DAT -> %SystemRoot%\BOOTSTAT.DAT -> [2009/03/17 13:10:31 | 00,002,048 | ---- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/03/17 13:10:25 | 26,745,6512 | -HS- | M] ()
ntuser.dat -> %UserProfile%\ntuser.dat -> [2009/03/17 07:33:23 | 04,718,592 | ---- | M] ()
NTUSER.INI -> %UserProfile%\NTUSER.INI -> [2009/03/17 07:33:23 | 00,000,178 | -HS- | M] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009/03/17 07:32:50 | 06,455,778 | -H-- | M] ()
Norton Internet Security - Run Full System Scan - Aleda Tysver.job -> %SystemRoot%\tasks\Norton Internet Security - Run Full System Scan - Aleda Tysver.job -> [2009/03/16 20:00:00 | 00,000,636 | ---- | M] ()
RSIT.exe -> %UserProfile%\Desktop\RSIT.exe -> [2009/03/16 13:32:27 | 00,781,851 | ---- | M] ()
JUNO.INI -> %SystemRoot%\JUNO.INI -> [2009/03/16 13:30:05 | 00,001,008 | ---- | M] ()
WIN.INI -> %SystemRoot%\WIN.INI -> [2009/03/16 13:04:26 | 00,001,039 | ---- | M] ()
Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/03/16 09:27:00 | 00,000,707 | ---- | M] ()
mbam-setup.exe -> %UserProfile%\Desktop\mbam-setup.exe -> [2009/03/16 09:21:35 | 02,876,728 | ---- | M] (Malwarebytes Corporation )
cc_20090315_131028.reg -> %UserProfile%\My Documents\cc_20090315_131028.reg -> [2009/03/15 13:10:50 | 00,001,790 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/03/12 08:23:40 | 00,256,656 | ---- | M] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/11 18:52:39 | 00,001,745 | ---- | M] ()
Adobe Reader 9.lnk -> %AllUsersProfile%\Desktop\Adobe Reader 9.lnk -> [2009/03/11 18:17:02 | 00,001,740 | ---- | M] ()
client information-feline diabetes.pdf -> %UserProfile%\My Documents\client information-feline diabetes.pdf -> [2009/03/11 09:12:13 | 00,109,870 | ---- | M] ()
cc_20090309_201213.reg -> %UserProfile%\My Documents\cc_20090309_201213.reg -> [2009/03/09 20:12:22 | 00,004,296 | ---- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/03/09 10:42:44 | 00,072,760 | ---- | M] ()
PERFH009.DAT -> %SystemRoot%\System32\PERFH009.DAT -> [2009/03/08 11:05:46 | 00,394,078 | ---- | M] ()
PERFC009.DAT -> %SystemRoot%\System32\PERFC009.DAT -> [2009/03/08 11:05:46 | 00,059,326 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/03/08 11:05:45 | 00,460,912 | ---- | M] ()
Adobe Photoshop 5.0 Limited Edition.lnk -> %UserProfile%\Desktop\Adobe Photoshop 5.0 Limited Edition.lnk -> [2009/03/04 18:30:31 | 00,000,855 | ---- | M] ()
KPCMS.INI -> %SystemRoot%\KPCMS.INI -> [2009/03/04 18:30:25 | 00,000,117 | ---- | M] ()
ZoomBrowser EX.lnk -> %AllUsersProfile%\Desktop\ZoomBrowser EX.lnk -> [2009/03/04 17:03:51 | 00,000,934 | ---- | M] ()
user_shopper.asp.htm -> %UserProfile%\My Documents\user_shopper.asp.htm -> [2009/03/04 14:39:55 | 00,037,587 | ---- | M] ()
OPPRIN~1.INI -> %SystemRoot%\OPPRIN~1.INI -> [2009/02/27 21:29:57 | 00,000,000 | ---- | M] ()
SymNeti.dll -> %SystemRoot%\System32\SymNeti.dll -> [2009/02/19 13:03:34 | 00,579,464 | ---- | M] (Symantec Corporation)
SymRedir.dll -> %SystemRoot%\System32\SymRedir.dll -> [2009/02/19 13:03:26 | 00,207,240 | ---- | M] (Symantec Corporation)
SymIM.sys -> %SystemRoot%\System32\drivers\SymIM.sys -> [2009/02/19 12:31:42 | 00,031,280 | ---- | M] (Symantec Corporation)
SymRedir.cat -> %SystemRoot%\System32\drivers\SymRedir.cat -> [2009/02/19 12:31:42 | 00,009,844 | ---- | M] ()
SymRedir.inf -> %SystemRoot%\System32\drivers\SymRedir.inf -> [2009/02/19 12:31:42 | 00,001,611 | ---- | M] ()
symndisv.sys -> %SystemRoot%\System32\drivers\symndisv.sys -> [2009/02/19 12:31:18 | 00,041,008 | ---- | M] (Symantec Corporation)
symtdi.sys -> %SystemRoot%\System32\drivers\symtdi.sys -> [2009/02/19 12:31:16 | 00,184,496 | ---- | M] (Symantec Corporation)
symfw.sys -> %SystemRoot%\System32\drivers\symfw.sys -> [2009/02/19 12:31:16 | 00,096,560 | ---- | M] (Symantec Corporation)
symids.sys -> %SystemRoot%\System32\drivers\symids.sys -> [2009/02/19 12:31:16 | 00,038,576 | ---- | M] (Symantec Corporation)
symndis.sys -> %SystemRoot%\System32\drivers\symndis.sys -> [2009/02/19 12:31:16 | 00,037,424 | ---- | M] (Symantec Corporation)
symredrv.sys -> %SystemRoot%\System32\drivers\symredrv.sys -> [2009/02/19 12:31:16 | 00,022,320 | ---- | M] (Symantec Corporation)
symdns.sys -> %SystemRoot%\System32\drivers\symdns.sys -> [2009/02/19 12:31:16 | 00,013,616 | ---- | M] (Symantec Corporation)
setupprop.dat -> %UserProfile%\Local Settings\Temp\setupprop.dat -> [2009/01/14 15:44:36 | 00,000,076 | ---- | M] ()
DefInstAction.dat -> %UserProfile%\Local Settings\Temp\DefInstAction.dat -> [2009/01/14 15:38:41 | 00,000,124 | ---- | M] ()
CF_Register_Action.dat -> %UserProfile%\Local Settings\Temp\CF_Register_Action.dat -> [2009/01/14 15:38:39 | 00,000,172 | ---- | M] ()
AppCoreInst.dat -> %UserProfile%\Local Settings\Temp\AppCoreInst.dat -> [2009/01/14 15:38:39 | 00,000,124 | ---- | M] ()
FW_Register_Plugin_Action.dat -> %UserProfile%\Local Settings\Temp\FW_Register_Plugin_Action.dat -> [2009/01/14 15:34:17 | 00,000,172 | ---- | M] ()
Perflib_Perfdata_bc8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_bc8.dat -> [2009/01/12 23:02:25 | 00,016,384 | ---- | M] ()
AVRES_OPTRF_LiveUpdate.dat -> %UserProfile%\Local Settings\Temp\AVRES_OPTRF_LiveUpdate.dat -> [2009/01/12 22:31:14 | 00,000,124 | ---- | M] ()
VIRSCAN7.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN7.DAT -> [2009/01/10 04:00:00 | 32,324,233 | ---- | M] ()
VIRSCAN5.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN5.DAT -> [2009/01/10 04:00:00 | 10,442,656 | ---- | M] ()
TCSCAN7.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TCSCAN7.DAT -> [2009/01/10 04:00:00 | 08,921,823 | ---- | M] ()
VIRSCAN9.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN9.DAT -> [2009/01/10 04:00:00 | 03,615,227 | ---- | M] ()
VIRSCAN8.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN8.DAT -> [2009/01/10 04:00:00 | 01,059,063 | ---- | M] ()
VIRSCAN1.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN1.DAT -> [2009/01/10 04:00:00 | 01,013,598 | ---- | M] ()
VIRSCAN2.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN2.DAT -> [2009/01/10 04:00:00 | 00,571,890 | ---- | M] ()
TCDEFS.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TCDEFS.DAT -> [2009/01/10 04:00:00 | 00,487,773 | ---- | M] ()
TCSCAN9.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TCSCAN9.DAT -> [2009/01/10 04:00:00 | 00,482,642 | ---- | M] ()
VIRSCAN6.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN6.DAT -> [2009/01/10 04:00:00 | 00,395,409 | ---- | M] ()
VIRSCAN4.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN4.DAT -> [2009/01/10 04:00:00 | 00,320,259 | ---- | M] ()
TCSCAN8.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TCSCAN8.DAT -> [2009/01/10 04:00:00 | 00,171,019 | ---- | M] ()
VIRSCAN3.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCAN3.DAT -> [2009/01/10 04:00:00 | 00,153,092 | ---- | M] ()
TSCAN1.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TSCAN1.DAT -> [2009/01/10 04:00:00 | 00,072,567 | ---- | M] ()
TINFL.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TINFL.DAT -> [2009/01/10 04:00:00 | 00,001,957 | ---- | M] ()
TINF.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TINF.DAT -> [2009/01/10 04:00:00 | 00,000,453 | ---- | M] ()
VIRSCANT.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\VIRSCANT.DAT -> [2009/01/10 03:03:28 | 00,000,032 | ---- | M] ()
CCERASER.DLL -> %SystemRoot%\Temp\slu6cb6.tmp\CCERASER.DLL -> [2008/11/20 04:00:00 | 02,393,648 | ---- | M] (Symantec Corporation)
NAVEX32A.DLL -> %SystemRoot%\Temp\slu6cb6.tmp\NAVEX32A.DLL -> [2008/11/11 04:00:00 | 01,181,040 | ---- | M] (Symantec Corporation)
ECMSVR32.DLL -> %SystemRoot%\Temp\slu6cb6.tmp\ECMSVR32.DLL -> [2008/11/11 04:00:00 | 00,259,368 | ---- | M] (Symantec Corporation)
NAVENG32.DLL -> %SystemRoot%\Temp\slu6cb6.tmp\NAVENG32.DLL -> [2008/11/11 04:00:00 | 00,177,520 | ---- | M] (Symantec Corporation)
opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2008/11/07 21:27:59 | 00,011,064 | ---- | M] ()
TSCAN1HD.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TSCAN1HD.DAT -> [2008/02/13 04:00:00 | 00,003,760 | ---- | M] ()
SCRAUTH.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\SCRAUTH.DAT -> [2007/11/14 15:11:46 | 00,097,776 | ---- | M] ()
CATALOG.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\CATALOG.DAT -> [2007/11/14 15:11:46 | 00,003,432 | ---- | M] ()
ZDONE.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\ZDONE.DAT -> [2007/11/14 15:11:46 | 00,000,224 | ---- | M] ()
TINFIDX.DAT -> %SystemRoot%\Temp\slu6cb6.tmp\TINFIDX.DAT -> [2007/11/14 15:11:46 | 00,000,148 | ---- | M] ()
instopts.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\instopts.dat -> [2007/08/28 03:28:16 | 00,005,900 | ---- | M] ()
instopts.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\instopts.dat -> [2007/08/28 03:28:16 | 00,005,900 | ---- | M] ()
Stub.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Stub.dat -> [2007/08/28 03:28:14 | 00,000,572 | ---- | M] ()
cltBTPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\cltBTPlg.dll -> [2007/08/27 23:13:16 | 00,430,984 | ---- | M] (Symantec Corporation)
NISLUCBK.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\NISLUCBK.DLL -> [2007/08/26 21:55:24 | 00,267,128 | ---- | M] (Symantec Corporation)
CLTVault.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\Dist\CLTVault.dll -> [2007/08/26 21:55:16 | 00,783,736 | ---- | M] (Symantec Corporation)
CLTVault.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\CLTVault.dll -> [2007/08/26 21:55:16 | 00,783,736 | ---- | M] (Symantec Corporation)
VAUI.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\VAUI.dll -> [2007/08/26 21:55:12 | 01,435,000 | ---- | M] (Symantec Corporation)
VAUIOpt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\VAUIOpt.dll -> [2007/08/26 21:55:12 | 00,087,416 | ---- | M] (Symantec Corporation)
Setup.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup.exe -> [2007/08/26 21:55:10 | 02,551,672 | ---- | M] (Symantec Corporation)
SNLog.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\SNLog.dll -> [2007/08/26 21:55:10 | 00,159,096 | ---- | M] (Symantec Corporation)
NisTray.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\NisTray.dll -> [2007/08/26 21:55:08 | 00,263,032 | ---- | M] (Symantec Corporation)
NisLVPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\NisLVPlg.dll -> [2007/08/26 21:55:06 | 00,072,568 | ---- | M] (Symantec Corporation)
NISLUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\NISLUReg.dll -> [2007/08/26 21:55:06 | 00,010,104 | ---- | M] (Symantec Corporation)
ISRlRstr.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\NISTools\ISRlRstr.exe -> [2007/08/26 21:55:04 | 00,074,616 | ---- | M] (Symantec Corporation)
CDStart.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\CDStart.exe -> [2007/08/26 21:55:02 | 00,229,240 | ---- | M] (Symantec Corporation)
PtchInst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\PtchInst.dll -> [2007/08/26 21:55:02 | 00,033,656 | ---- | M] (Symantec Corporation)
NISVER.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\NISVER.dat -> [2007/08/26 21:47:54 | 00,000,064 | ---- | M] ()
NISVER.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\NISVER.dat -> [2007/08/26 21:47:54 | 00,000,064 | ---- | M] ()
mrsmarti
2009-03-18, 00:46
Note this is post 2 and there is a 3rd one. It was way over the character limit!!
cfgwiz.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\cfgwiz.dat -> [2007/08/26 20:36:36 | 00,000,604 | ---- | M] ()
NAVLUCBK.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\NAVLUCBK.dll -> [2007/08/26 20:19:06 | 00,566,120 | ---- | M] (Symantec Corporation)
OfficeAV.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\OfficeAV.dll -> [2007/08/26 20:19:04 | 00,107,368 | ---- | M] (Symantec Corporation)
PtchInst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\PtchInst.dll -> [2007/08/26 20:19:04 | 00,048,488 | ---- | M] (Symantec Corporation)
Navw32.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\Navw32.exe -> [2007/08/26 20:19:02 | 00,245,608 | ---- | M] (Symantec Corporation)
Navwnt.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\Navwnt.exe -> [2007/08/26 20:19:02 | 00,061,288 | ---- | M] (Symantec Corporation)
NAVTskWz.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\NAVTskWz.dll -> [2007/08/26 20:19:00 | 00,102,248 | ---- | M] (Symantec Corporation)
NavShExt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\NavShExt.dll -> [2007/08/26 20:18:58 | 00,138,600 | ---- | M] (Symantec Corporation)
NavShcPS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\NavShcPS.dll -> [2007/08/26 20:18:58 | 00,017,256 | ---- | M] (Symantec Corporation)
NavShcom.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\NavShcom.exe -> [2007/08/26 20:18:56 | 00,128,360 | ---- | M] (Symantec Corporation)
NAVLU64.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NAVLU64.dll -> [2007/08/26 20:18:54 | 00,010,088 | ---- | M] (Symantec Corporation)
NAVLUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NAVLUReg.dll -> [2007/08/26 20:18:52 | 00,010,088 | ---- | M] (Symantec Corporation)
NAVLogV.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\NAVLogV.dll -> [2007/08/26 20:18:50 | 00,764,776 | ---- | M] (Symantec Corporation)
NAVEvent.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\NAVEvent.dll -> [2007/08/26 20:18:48 | 00,180,072 | ---- | M] (Symantec Corporation)
AVSubmit.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\AVSubmit.dll -> [2007/08/26 20:18:40 | 00,303,976 | ---- | M] (Symantec Corporation)
avScnTsk.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\avScnTsk.dll -> [2007/08/26 20:18:40 | 00,180,584 | ---- | M] (Symantec Corporation)
avScanUI.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\avScanUI.dll -> [2007/08/26 20:18:38 | 00,568,680 | ---- | M] (Symantec Corporation)
AVPSVC32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\AVPSVC32.dll -> [2007/08/26 20:18:36 | 00,302,952 | ---- | M] (Symantec Corporation)
AvPreScn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\PreScan\AvPreScn.dll -> [2007/08/26 20:18:33 | 00,451,432 | ---- | M] (Symantec Corporation)
AVPAPP32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\AVPAPP32.dll -> [2007/08/26 20:18:32 | 00,422,248 | ---- | M] (Symantec Corporation)
VERSION.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\VERSION.DAT -> [2007/08/26 19:57:52 | 00,000,112 | ---- | M] ()
version.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\version.dat -> [2007/08/26 19:57:51 | 00,000,112 | ---- | M] ()
Remover.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\Remover\Remover.exe -> [2007/08/26 19:04:25 | 00,142,192 | ---- | M] (Symantec Corporation)
Stub.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Stub.exe -> [2007/08/26 19:04:20 | 00,778,080 | ---- | M] (Symantec Corporation)
Reporter.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\Reporter\Reporter.exe -> [2007/08/26 19:04:18 | 00,985,448 | ---- | M] (Symantec Corporation)
SymLnch.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymLnch\SymLnch.exe -> [2007/08/26 19:04:18 | 00,687,976 | ---- | M] (Symantec Corporation)
InteScan.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\PreScan\InteScan.dll -> [2007/08/26 19:04:14 | 00,207,744 | ---- | M] (Symantec Corporation)
ccL70U.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\ccCommon\ccCmn64\ccL70U.dll -> [2007/08/25 00:14:50 | 00,840,552 | ---- | M] (Symantec Corporation)
ccL70U.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccL70U.dll -> [2007/08/25 00:14:32 | 00,616,808 | ---- | M] (Symantec Corporation)
ccL70.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccL70.dll -> [2007/08/25 00:14:24 | 00,498,536 | ---- | M] (Symantec Corporation)
ccIPC.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\ccCommon\ccCmn64\ccIPC.dll -> [2007/08/25 00:08:22 | 00,209,256 | ---- | M] (Symantec Corporation)
ccVrTrst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\ccCommon\ccCmn64\ccVrTrst.dll -> [2007/08/25 00:08:20 | 00,259,432 | ---- | M] (Symantec Corporation)
ccSvc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\ccCommon\ccCmn64\ccSvc.dll -> [2007/08/25 00:08:20 | 00,233,320 | ---- | M] (Symantec Corporation)
ccSet.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\ccCommon\ccCmn64\ccSet.dll -> [2007/08/25 00:08:18 | 00,355,176 | ---- | M] (Symantec Corporation)
ccInst64.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\ccCommon\ccCmn64\ccInst64.dll -> [2007/08/25 00:08:18 | 00,099,176 | ---- | M] (Symantec Corporation)
ccSEDLuM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSEDLuM.dll -> [2007/08/25 00:07:44 | 00,009,576 | ---- | M] (Symantec Corporation)
ccResLuM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccResLuM.dll -> [2007/08/25 00:07:44 | 00,009,576 | ---- | M] (Symantec Corporation)
ccMSLLuM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccMSLLuM.dll -> [2007/08/25 00:07:44 | 00,009,576 | ---- | M] (Symantec Corporation)
ccRtkLuM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccRtkLuM.dll -> [2007/08/25 00:07:42 | 00,009,576 | ---- | M] (Symantec Corporation)
msl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\msl.dll -> [2007/08/25 00:07:40 | 00,324,968 | ---- | M] (Symantec Corporation)
ccCmnLuM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccCmnLuM.dll -> [2007/08/25 00:07:40 | 00,009,576 | ---- | M] (Symantec Corporation)
ccSEUPDT.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSEUPDT.exe -> [2007/08/25 00:07:38 | 00,875,880 | ---- | M] (Symantec Corporation)
ccIPC.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccIPC.dll -> [2007/08/25 00:07:38 | 00,153,960 | ---- | M] (Symantec Corporation)
ccSubEng.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSubEng.dll -> [2007/08/25 00:07:36 | 00,342,376 | ---- | M] (Symantec Corporation)
ccSEBind.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSEBind.dll -> [2007/08/25 00:07:34 | 00,631,144 | ---- | M] (Symantec Corporation)
ccAppPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccAppPlg.dll -> [2007/08/25 00:07:34 | 00,070,504 | ---- | M] (Symantec Corporation)
rcSvcHst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\0901\rcSvcHst.dll -> [2007/08/25 00:07:32 | 00,009,064 | ---- | M] (Symantec Corporation)
rcLgView.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\0901\rcLgView.dll -> [2007/08/25 00:07:30 | 00,015,208 | ---- | M] (Symantec Corporation)
rcEmlPxy.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\0901\rcEmlPxy.dll -> [2007/08/25 00:07:30 | 00,013,160 | ---- | M] (Symantec Corporation)
rcAlert.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\0901\rcAlert.dll -> [2007/08/25 00:07:28 | 00,053,096 | ---- | M] (Symantec Corporation)
rcErrDsp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\0901\rcErrDsp.dll -> [2007/08/25 00:07:28 | 00,022,888 | ---- | M] (Symantec Corporation)
rcApp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\0901\rcApp.dll -> [2007/08/25 00:07:28 | 00,008,552 | ---- | M] (Symantec Corporation)
ccEvtPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccEvtPlg.dll -> [2007/08/25 00:07:26 | 00,266,600 | ---- | M] (Symantec Corporation)
ccEvtCli.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccEvtCli.dll -> [2007/08/25 00:07:24 | 00,188,264 | ---- | M] (Symantec Corporation)
ccEvtMgr.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccEvtMgr.exe -> [2007/08/25 00:07:24 | 00,056,168 | ---- | M] (Symantec Corporation)
ccApp.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccApp.exe -> [2007/08/25 00:07:24 | 00,051,048 | ---- | M] (Symantec Corporation)
OEHeur.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\OEHeur.dll -> [2007/08/25 00:07:16 | 00,037,224 | ---- | M] (Symantec Corporation)
ccWebWnd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccWebWnd.dll -> [2007/08/25 00:07:12 | 00,256,872 | ---- | M] (Symantec Corporation)
ccVrTrst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccVrTrst.dll -> [2007/08/25 00:07:10 | 00,120,680 | ---- | M] (Symantec Corporation)
ccSvc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSvc.dll -> [2007/08/25 00:07:08 | 00,166,248 | ---- | M] (Symantec Corporation)
ccSvcHst.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSvcHst.exe -> [2007/08/25 00:07:08 | 00,149,864 | ---- | M] (Symantec Corporation)
ccSetPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSetPlg.dll -> [2007/08/25 00:07:06 | 00,204,136 | ---- | M] (Symantec Corporation)
ccSetEvt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSetEvt.dll -> [2007/08/25 00:07:06 | 00,058,216 | ---- | M] (Symantec Corporation)
ccSetMgr.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSetMgr.exe -> [2007/08/25 00:07:06 | 00,046,440 | ---- | M] (Symantec Corporation)
ccRkSn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccRkSn.dll -> [2007/08/25 00:07:04 | 00,414,568 | ---- | M] (Symantec Corporation)
ccScanW.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccScanW.dll -> [2007/08/25 00:07:04 | 00,369,512 | ---- | M] (Symantec Corporation)
ccSet.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccSet.dll -> [2007/08/25 00:07:04 | 00,121,192 | ---- | M] (Symantec Corporation)
ccLgView.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccLgView.exe -> [2007/08/25 00:07:00 | 00,268,648 | ---- | M] (Symantec Corporation)
ccProSub.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccProSub.dll -> [2007/08/25 00:07:00 | 00,049,512 | ---- | M] (Symantec Corporation)
ccProd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccProd.dll -> [2007/08/25 00:07:00 | 00,031,592 | ---- | M] (Symantec Corporation)
ccEmlPxy.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccEmlPxy.dll -> [2007/08/25 00:06:58 | 00,314,216 | ---- | M] (Symantec Corporation)
ccErrDsp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccErrDsp.dll -> [2007/08/25 00:06:58 | 00,103,272 | ---- | M] (Symantec Corporation)
ccInst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccInst.dll -> [2007/08/25 00:06:58 | 00,088,424 | ---- | M] (Symantec Corporation)
ccAlert.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccAlert.dll -> [2007/08/25 00:06:56 | 00,227,176 | ---- | M] (Symantec Corporation)
ccALEng.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ccALEng.dll -> [2007/08/25 00:06:54 | 00,142,184 | ---- | M] (Symantec Corporation)
SymAddIn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\SYMSHARE\XP\SymAddIn.dll -> [2007/08/24 23:53:54 | 00,135,536 | ---- | M] (Symantec Corporation)
ncwHyPEX.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\ncwHyPEX\ncwHyPEX.dll -> [2007/08/24 23:53:52 | 00,234,352 | ---- | M] (Symantec Corporation)
nisoptui.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\nisoptui.exe -> [2007/08/24 23:53:52 | 00,121,712 | ---- | M] (Symantec Corporation)
ISWrkSv.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISWrkSv.dll -> [2007/08/24 23:53:52 | 00,025,968 | ---- | M] (Symantec Corporation)
nisopts.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\nisopts.dll -> [2007/08/24 23:53:50 | 01,076,080 | ---- | M] (Symantec Corporation)
ISProd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISProd.dll -> [2007/08/24 23:53:48 | 00,049,520 | ---- | M] (Symantec Corporation)
ISProd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\ISProd.dll -> [2007/08/24 23:53:48 | 00,049,520 | ---- | M] (Symantec Corporation)
isCfgCmp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\isCfgCmp.dll -> [2007/08/24 23:53:46 | 00,580,464 | ---- | M] (Symantec Corporation)
isCfgXml.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\isCfgXml.dll -> [2007/08/24 23:53:46 | 00,234,864 | ---- | M] (Symantec Corporation)
muis.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\MUI\muis.dll -> [2007/08/24 23:53:44 | 00,009,072 | ---- | M] (Symantec Corporation)
ISBTPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\Dist\ISBTPlg.dll -> [2007/08/24 23:53:32 | 00,070,000 | ---- | M] (Symantec Corporation)
ISBTPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISBTPlg.dll -> [2007/08/24 23:53:32 | 00,070,000 | ---- | M] (Symantec Corporation)
ISBTPlgS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISBTPlgS.dll -> [2007/08/24 23:53:30 | 00,149,872 | ---- | M] (Symantec Corporation)
osCheck.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\osCheck.exe -> [2007/08/24 23:53:28 | 00,714,608 | ---- | M] (Symantec Corporation)
MCUI32.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\SecHist\MCUI32.exe -> [2007/08/24 23:53:26 | 00,442,736 | ---- | M] (Symantec Corporation)
nmapapp.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\nmapapp.exe -> [2007/08/24 23:53:26 | 00,276,336 | ---- | M] (Symantec Corporation)
VTCache.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\Options\VTCache.dll -> [2007/08/24 23:53:26 | 00,037,232 | ---- | M] (Symantec Corporation)
SymAddIn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\SYMSHARE\Vista\SymAddIn.dll -> [2007/08/24 23:53:24 | 00,128,368 | ---- | M] (Symantec Corporation)
SymMcCmd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\SYMSHARE\SymMcCmd.dll -> [2007/08/24 23:53:24 | 00,075,632 | ---- | M] (Symantec Corporation)
SymAdLog.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\SYMSHARE\SymAdLog.dll -> [2007/08/24 23:53:24 | 00,056,688 | ---- | M] (Symantec Corporation)
SPLVPlug.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\SPBBC\SPLVPlug.dll -> [2007/08/24 23:53:22 | 00,107,376 | ---- | M] (Symantec Corporation)
SPLVPlug.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\SYMSHARE\SPBBC\SPLVPlug.dll -> [2007/08/24 23:53:22 | 00,107,376 | ---- | M] (Symantec Corporation)
SetEvtHp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\SetEvtHp.dll -> [2007/08/24 23:53:22 | 00,075,632 | ---- | M] (Symantec Corporation)
RuleUI.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\RuleUI.dll -> [2007/08/24 23:53:20 | 00,361,840 | ---- | M] (Symantec Corporation)
PgmCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\PgmCtl.dll -> [2007/08/24 23:53:20 | 00,199,536 | ---- | M] (Symantec Corporation)
MCMGR32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\SecHist\MCMGR32.dll -> [2007/08/24 23:53:18 | 00,098,672 | ---- | M] (Symantec Corporation)
MceEULA.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\SYMSHARE\MceEULA.dll -> [2007/08/24 23:53:18 | 00,041,840 | ---- | M] (Symantec Corporation)
isPwd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\isPwd.dll -> [2007/08/24 23:53:16 | 00,111,984 | ---- | M] (Symantec Corporation)
ISPrdCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISPrdCtl.dll -> [2007/08/24 23:53:16 | 00,097,136 | ---- | M] (Symantec Corporation)
ISVAReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\CF\CFMan\ISVAReg.dll -> [2007/08/24 23:53:16 | 00,008,560 | ---- | M] (Symantec Corporation)
ISLAlert.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISLAlert.dll -> [2007/08/24 23:53:14 | 00,165,232 | ---- | M] (Symantec Corporation)
isError.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\isError.dll -> [2007/08/24 23:53:14 | 00,054,640 | ---- | M] (Symantec Corporation)
ISFWReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\ISFWReg.dll -> [2007/08/24 23:53:14 | 00,008,560 | ---- | M] (Symantec Corporation)
ISDataCl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISDataCl.dll -> [2007/08/24 23:53:12 | 00,798,576 | ---- | M] (Symantec Corporation)
ISDataSv.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\ISDataSv.dll -> [2007/08/24 23:53:12 | 00,281,968 | ---- | M] (Symantec Corporation)
ISCOReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\CF\CFMan\ISCOReg.dll -> [2007/08/24 23:53:12 | 00,008,560 | ---- | M] (Symantec Corporation)
ISCFReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\ISCFReg.dll -> [2007/08/24 23:53:10 | 00,010,096 | ---- | M] (Symantec Corporation)
isAbout.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\isAbout.dll -> [2007/08/24 23:53:08 | 00,145,264 | ---- | M] (Symantec Corporation)
IMCfg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IMCfg.dll -> [2007/08/24 23:53:08 | 00,072,048 | ---- | M] (Symantec Corporation)
ISArbit.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\ISArbit.dll -> [2007/08/24 23:53:08 | 00,050,032 | ---- | M] (Symantec Corporation)
fwMCPlug.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\fwMCPlug.dll -> [2007/08/24 23:53:06 | 00,426,864 | ---- | M] (Symantec Corporation)
IDSUI.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSUI.dll -> [2007/08/24 23:53:06 | 00,204,656 | ---- | M] (Symantec Corporation)
fwPlugin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\fwPlugin.dll -> [2007/08/24 23:53:06 | 00,193,904 | ---- | M] (Symantec Corporation)
fwEvent.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\fwEvent.dll -> [2007/08/24 23:53:04 | 00,164,720 | ---- | M] (Symantec Corporation)
fwAlert.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\fwAlert.dll -> [2007/08/24 23:53:02 | 00,236,912 | ---- | M] (Symantec Corporation)
NCOItf.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\SYMSHARE\NCOItf.dll -> [2007/08/24 22:52:14 | 00,177,520 | ---- | M] (Symantec Corporation)
COExport.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\COExport.exe -> [2007/08/24 22:52:12 | 00,370,032 | ---- | M] (Symantec Corporation)
coAcctSv.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coAcctSv.dll -> [2007/08/24 22:52:12 | 00,103,792 | ---- | M] (Symantec Corporation)
IVPlugin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\IVPlugin.dll -> [2007/08/24 22:52:10 | 00,479,088 | ---- | M] (Symantec Corporation)
rf.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\rf.dll -> [2007/08/24 22:52:08 | 01,353,136 | ---- | M] (Siber Systems)
rfpxy.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\rfpxy.dll -> [2007/08/24 22:52:08 | 00,497,008 | ---- | M] (Siber Systems Inc.)
DSMigrat.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\DSMigrat.dll -> [2007/08/24 22:52:08 | 00,341,360 | ---- | M] (Symantec Corporation)
AcctMgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\AcctMgr.dll -> [2007/08/24 22:52:06 | 01,385,328 | ---- | M] (Symantec Corporation)
coParse.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coParse.dll -> [2007/08/24 22:52:06 | 00,202,096 | ---- | M] (Symantec Corporation)
coFFPlgn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coFFPlgn.dll -> [2007/08/24 22:52:00 | 00,300,400 | ---- | M] (Symantec Corporation)
coCWPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coCWPlg.dll -> [2007/08/24 22:52:00 | 00,128,368 | ---- | M] (Symantec Corporation)
coRegMon.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coRegMon.dll -> [2007/08/24 22:52:00 | 00,061,808 | ---- | M] (Symantec Corporation)
coUICtlr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coUICtlr.dll -> [2007/08/24 22:51:58 | 00,271,728 | ---- | M] (Symantec Corporation)
CoIEPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\CoIEPlg.dll -> [2007/08/24 22:51:56 | 00,316,784 | ---- | M] (Symantec Corporation)
coWCID.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coWCID.dll -> [2007/08/24 22:51:56 | 00,193,904 | ---- | M] (Symantec Corporation)
coCoreFW.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coCoreFW.dll -> [2007/08/24 22:51:54 | 00,148,848 | ---- | M] (Symantec Corporation)
coFSPCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coFSPCtl.dll -> [2007/08/24 22:51:54 | 00,073,584 | ---- | M] (Symantec Corporation)
CWBlkLst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\SYMSHARE\CWBlkLst.dll -> [2007/08/24 22:51:50 | 00,099,696 | ---- | M] (Symantec Corporation)
coWbAuth.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coWbAuth.dll -> [2007/08/24 22:51:48 | 00,210,288 | ---- | M] (Symantec Corporation)
coVisPrx.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coVisPrx.exe -> [2007/08/24 22:51:48 | 00,095,600 | ---- | M] (Symantec Corporation)
NPPCCWkr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\NPPCCWkr.dll -> [2007/08/24 22:51:46 | 00,083,312 | ---- | M] (Symantec Corporation)
NPPDSMgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\NPPDSMgr.dll -> [2007/08/24 22:51:46 | 00,064,880 | ---- | M] (Symantec Corporation)
CWWLMgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\CWWLMgr.dll -> [2007/08/24 22:51:46 | 00,051,568 | ---- | M] (Symantec Corporation)
coSubmit.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coSubmit.dll -> [2007/08/24 22:51:44 | 00,071,024 | ---- | M] (Symantec Corporation)
coSubXLT.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coSubXLT.dll -> [2007/08/24 22:51:44 | 00,019,824 | ---- | M] (Symantec Corporation)
CWCon.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\CWCon.dll -> [2007/08/24 22:51:42 | 00,129,392 | ---- | M] (Symantec Corporation)
CWBB.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\CWBB.dll -> [2007/08/24 22:51:40 | 00,147,824 | ---- | M] (Symantec Corporation)
coDataPr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\coDataPr.dll -> [2007/08/24 22:51:38 | 00,352,624 | ---- | M] (Symantec Corporation)
coFSPReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\coFSPReg.dll -> [2007/08/24 22:51:18 | 00,010,608 | ---- | M] (Symantec Corporation)
WALuCbk.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\WALuCbk.dll -> [2007/08/24 22:51:08 | 00,642,416 | ---- | M] (Symantec Corporation)
WP20.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\WP20.dll -> [2007/08/24 22:51:06 | 00,009,584 | ---- | M] (Symantec Corporation)
WA20.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\WA20.dll -> [2007/08/24 22:51:04 | 00,010,096 | ---- | M] (Symantec Corporation)
NCO20.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\NCO20.dll -> [2007/08/24 22:51:04 | 00,009,584 | ---- | M] (Symantec Corporation)
IV20.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\IV20.dll -> [2007/08/24 22:51:04 | 00,009,584 | ---- | M] (Symantec Corporation)
CW20.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\CW20.dll -> [2007/08/24 22:51:02 | 00,009,072 | ---- | M] (Symantec Corporation)
NCOVER.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\NCOVER.dat -> [2007/08/24 22:42:54 | 00,000,068 | ---- | M] ()
COLUpdtr.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\SYMSHARE\COL\COLUpdtr.exe -> [2007/08/24 22:26:26 | 00,288,088 | ---- | M] (Symantec Corporation)
sesHlp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\SYMSHARE\COL\sesHlp.dll -> [2007/08/24 22:26:24 | 00,378,200 | ---- | M] (Symantec Corporation)
BBIF.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\SYMSHARE\COL\BBIF.dll -> [2007/08/24 22:26:18 | 00,746,840 | ---- | M] (Symantec Corporation)
COL32LU.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\Symantec\LUREGMAN\COL32LU.dll -> [2007/08/24 22:26:16 | 00,009,048 | ---- | M] (Symantec Corporation)
auCOLPwd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\SYMSHARE\auCOLPwd.dll -> [2007/08/24 22:21:58 | 00,144,728 | ---- | M] (Symantec Corporation)
SymUIHlp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SymUIHlp.dll -> [2007/08/24 04:49:22 | 00,730,504 | ---- | M] (Symantec Corporation)
SymSubWz.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SymSubWz.dll -> [2007/08/24 04:49:20 | 00,521,608 | ---- | M] (Symantec Corporation)
cltUIStb.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\cltUIStb.exe -> [2007/08/24 04:49:20 | 00,439,688 | ---- | M] (Symantec Corporation)
cltUAC.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\cltUAC.exe -> [2007/08/24 04:49:18 | 00,423,304 | ---- | M] (Symantec Corporation)
CLTSComp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\CLTSComp.dll -> [2007/08/24 04:49:18 | 00,230,792 | ---- | M] (Symantec Corporation)
cltEndPt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\cltEndPt.dll -> [2007/08/24 04:49:16 | 00,132,488 | ---- | M] (Symantec Corporation)
CLTNetCN.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\CLTNetCN.dll -> [2007/08/24 04:49:16 | 00,107,912 | ---- | M] (Symantec Corporation)
SymLCUI.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SymLCUI.dll -> [2007/08/24 04:49:14 | 00,439,688 | ---- | M] (Symantec Corporation)
SymHost.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SymHost.dll -> [2007/08/24 04:49:14 | 00,206,216 | ---- | M] (Symantec Corporation)
SymSHAx.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\SymSHAx.dll -> [2007/08/24 04:49:14 | 00,148,872 | ---- | M] (Symantec Corporation)
SYMCUW.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SYMCUW.exe -> [2007/08/24 04:49:12 | 00,607,624 | ---- | M] (Symantec Corporation)
SubStats.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SubStats.dll -> [2007/08/24 04:49:12 | 00,279,944 | ---- | M] (Symantec Corporation)
SubComp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SubComp.dll -> [2007/08/24 04:49:10 | 00,116,104 | ---- | M] (Symantec Corporation)
LcPlgXml.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\LcPlgXml.dll -> [2007/08/24 04:49:08 | 00,132,488 | ---- | M] (Symantec Corporation)
LicPlug.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\LicPlug.dll -> [2007/08/24 04:49:06 | 00,353,672 | ---- | M] (Symantec Corporation)
ewoc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\ewoc.dll -> [2007/08/24 04:49:06 | 00,300,424 | ---- | M] (Symantec Corporation)
CUWUtils.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\CUWUtils.dll -> [2007/08/24 04:49:04 | 00,308,616 | ---- | M] (Symantec Corporation)
EULAComp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\EULAComp.dll -> [2007/08/24 04:49:04 | 00,218,504 | ---- | M] (Symantec Corporation)
cltPIPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\cltPIPlg.dll -> [2007/08/24 04:49:02 | 00,165,256 | ---- | M] (Symantec Corporation)
ActComp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\ActComp.dll -> [2007/08/24 04:49:00 | 00,165,256 | ---- | M] (Symantec Corporation)
cltCFRg8.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\CF\cltCFRg8.dll -> [2007/08/24 04:49:00 | 00,009,096 | ---- | M] (Symantec Corporation)
SymLTCOM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SymLTCOM.dll -> [2007/08/24 04:48:48 | 00,152,968 | ---- | M] (Symantec Corporation)
clt06PIN.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\clt06PIN.dll -> [2007/08/24 04:48:48 | 00,112,008 | ---- | M] (Symantec Corporation)
SSAutoRN.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SSAutoRN.exe -> [2007/08/24 04:48:46 | 00,513,416 | ---- | M] (Symantec Corporation)
DRMLUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\DRMLUReg.dll -> [2007/08/24 04:48:46 | 00,008,584 | ---- | M] (Symantec Corporation)
cltBTPgS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\cltBTPgS.dll -> [2007/08/24 04:48:32 | 00,242,568 | ---- | M] (Symantec Corporation)
Metadata.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\Metadata.dat -> [2007/08/24 00:25:00 | 00,118,372 | ---- | M] ()
VIRSCAN1.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\VIRSCAN1.DAT -> [2007/08/24 00:25:00 | 00,000,032 | ---- | M] ()
sigs.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\sigs.dat -> [2007/08/24 00:24:58 | 03,850,012 | ---- | M] ()
Scxpx86.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\Scxpx86.dll -> [2007/08/24 00:23:22 | 00,390,520 | ---- | M] (Symantec Corporation)
IDSxpx86.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\IDSxpx86.dll -> [2007/08/24 00:23:18 | 00,681,336 | ---- | M] (Symantec Corporation)
SymIDSI.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\SymIDSI.dll -> [2007/08/24 00:23:10 | 00,173,432 | ---- | M] (Symantec Corporation)
LUTPReg.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\LUpdate\LUMfests\LUTPReg.dll -> [2007/08/23 23:52:58 | 00,009,096 | ---- | M] (Symantec Corporation)
LUTPReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\LUpdate\LUMfests\LUTPReg.dll -> [2007/08/23 23:52:58 | 00,009,096 | ---- | M] (Symantec Corporation)
LUTPReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SPBBC\SPBBC64\LUpdate\LUMfests\LUTPReg.dll -> [2007/08/23 23:52:58 | 00,009,096 | ---- | M] (Symantec Corporation)
LUShdsRg.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\LUpdate\LUMfests\LUShdsRg.dll -> [2007/08/23 23:52:56 | 00,009,096 | ---- | M] (Symantec Corporation)
LUShdsRg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\LUpdate\LUMfests\LUShdsRg.dll -> [2007/08/23 23:52:56 | 00,009,096 | ---- | M] (Symantec Corporation)
LUSh64Rg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SPBBC\SPBBC64\LUpdate\LUMfests\LUSh64Rg.dll -> [2007/08/23 23:52:54 | 00,009,096 | ---- | M] (Symantec Corporation)
LUBBReg.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\LUpdate\LUMfests\LUBBReg.dll -> [2007/08/23 23:52:52 | 00,009,096 | ---- | M] (Symantec Corporation)
LUBBReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\LUpdate\LUMfests\LUBBReg.dll -> [2007/08/23 23:52:52 | 00,009,096 | ---- | M] (Symantec Corporation)
TProcPlg.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\SYMSHARE\SPBBC\TProcPlg.dll -> [2007/08/23 23:52:50 | 00,062,856 | ---- | M] (Symantec Corporation)
TProcPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\TProcPlg.dll -> [2007/08/23 23:52:50 | 00,062,856 | ---- | M] (Symantec Corporation)
TProcPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC\TProcPlg.dll -> [2007/08/23 23:52:50 | 00,062,856 | ---- | M] (Symantec Corporation)
LUBB64Rg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SPBBC\SPBBC64\LUpdate\LUMfests\LUBB64Rg.dll -> [2007/08/23 23:52:50 | 00,009,608 | ---- | M] (Symantec Corporation)
ccTrstPc.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\SYMSHARE\SPBBC\ccTrstPc.dll -> [2007/08/23 23:52:48 | 00,337,288 | ---- | M] (Symantec Corporation)
ccTrstPc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\ccTrstPc.dll -> [2007/08/23 23:52:48 | 00,337,288 | ---- | M] (Symantec Corporation)
ccTrstPc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC\ccTrstPc.dll -> [2007/08/23 23:52:48 | 00,337,288 | ---- | M] (Symantec Corporation)
UpdMgr.exe -> %UserProfile%\Local Settings\Temp\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe -> [2007/08/23 23:52:46 | 00,661,896 | ---- | M] (Symantec Corporation)
UpdMgr.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\UpdMgr.exe -> [2007/08/23 23:52:46 | 00,661,896 | ---- | M] (Symantec Corporation)
bbRGen.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\SYMSHARE\SPBBC\bbRGen.dll -> [2007/08/23 23:52:42 | 00,317,832 | ---- | M] (Symantec Corporation)
bbRGen.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\bbRGen.dll -> [2007/08/23 23:52:42 | 00,317,832 | ---- | M] (Symantec Corporation)
SPBBCCli.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\SYMSHARE\SPBBC\SPBBCCli.dll -> [2007/08/23 23:52:40 | 00,370,056 | ---- | M] (Symantec Corporation)
SPBBCCli.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCCli.dll -> [2007/08/23 23:52:40 | 00,370,056 | ---- | M] (Symantec Corporation)
SPBBCEvt.dll -> %UserProfile%\Local Settings\Temp\SPBBC32\SYMSHARE\SPBBC\SPBBCEvt.dll -> [2007/08/23 23:52:36 | 01,958,792 | ---- | M] (Symantec Corporation)
SPBBCEvt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\SPBBCEvt.dll -> [2007/08/23 23:52:36 | 01,958,792 | ---- | M] (Symantec Corporation)
TPDef.dat -> %UserProfile%\Local Settings\Temp\SPBBC32\SYMSHARE\SPBBC\TPDef.dat -> [2007/08/23 23:52:24 | 00,006,825 | ---- | M] ()
TPDef.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SPBBC\SPBBC32\SYMSHARE\SPBBC\TPDef.dat -> [2007/08/23 23:52:24 | 00,006,825 | ---- | M] ()
TPDef.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SPBBC\SPBBC64\SYMSHARE\SPBBC\TPDef.dat -> [2007/08/23 23:52:24 | 00,006,825 | ---- | M] ()
QBackup.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\QBackup.dll -> [2007/08/23 23:19:00 | 00,131,416 | ---- | M] (Symantec Corporation)
AVScan.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\AVScan.dll -> [2007/08/23 23:18:58 | 00,611,160 | ---- | M] (Symantec Corporation)
AVifc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\AVifc.dll -> [2007/08/23 23:18:58 | 00,359,768 | ---- | M] (Symantec Corporation)
DefInst.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\PreScan\DefInst.dll -> [2007/08/23 23:18:58 | 00,205,656 | ---- | M] (Symantec Corporation)
AVExclu.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\AVExclu.dll -> [2007/08/23 23:18:56 | 00,160,600 | ---- | M] (Symantec Corporation)
AVMail.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\AVMail.dll -> [2007/08/23 23:18:56 | 00,081,752 | ---- | M] (Symantec Corporation)
avCmpCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\avCmpCtl.dll -> [2007/08/23 23:18:54 | 00,065,368 | ---- | M] (Symantec Corporation)
AVLUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\AVLUReg.dll -> [2007/08/23 23:18:54 | 00,008,536 | ---- | M] (Symantec Corporation)
avCFReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\avCFReg.dll -> [2007/08/23 23:18:54 | 00,008,536 | ---- | M] (Symantec Corporation)
AVModule.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\AVModule.dll -> [2007/08/23 23:18:52 | 00,365,912 | ---- | M] (Symantec Corporation)
AVDefMgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\AVDefMgr.dll -> [2007/08/23 23:18:52 | 00,101,208 | ---- | M] (Symantec Corporation)
sku.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\sku.dat -> [2007/08/23 22:28:18 | 00,000,244 | ---- | M] ()
sku.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\sku.dat -> [2007/08/23 22:28:18 | 00,000,244 | ---- | M] ()
uiDataCl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\uiNPC\uiNPC64\NPC\uiDataCl.dll -> [2007/08/23 20:26:40 | 00,222,584 | ---- | M] (Symantec Corporation)
Gadget.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\uiNPC\uiNPC64\NPC\Gadget.dll -> [2007/08/23 20:26:38 | 00,108,408 | ---- | M] (Symantec Corporation)
DataPvdr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\uiNPC\uiNPC64\NPC\DataPvdr.dll -> [2007/08/23 20:26:38 | 00,073,592 | ---- | M] (Symantec Corporation)
WSCRMain.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\WSCRMain.dll -> [2007/08/23 20:26:10 | 00,405,880 | ---- | M] (Symantec Corporation)
WmiMontr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\WmiMontr.dll -> [2007/08/23 20:26:10 | 00,079,224 | ---- | M] (Symantec Corporation)
WSCRHlpr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\WSCRHlpr.dll -> [2007/08/23 20:26:10 | 00,062,840 | ---- | M] (Symantec Corporation)
WSCR_Fix.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\WSCR_Fix.dll -> [2007/08/23 20:26:08 | 00,061,816 | ---- | M] (Symantec Corporation)
WmiClnt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\WmiClnt.dll -> [2007/08/23 20:26:08 | 00,050,040 | ---- | M] (Symantec Corporation)
WmiData.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\WmiData.dll -> [2007/08/23 20:26:08 | 00,030,072 | ---- | M] (Symantec Corporation)
uiStub2.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\uiStub2.exe -> [2007/08/23 20:26:06 | 00,081,272 | ---- | M] (Symantec Corporation)
uiLUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\uiLUReg.dll -> [2007/08/23 20:26:06 | 00,010,104 | ---- | M] (Symantec Corporation)
uiHost.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\uiHost.dll -> [2007/08/23 20:26:04 | 00,152,440 | ---- | M] (Symantec Corporation)
uiLicPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\uiLicPlg.dll -> [2007/08/23 20:26:04 | 00,125,816 | ---- | M] (Symantec Corporation)
uiGadCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\uiGadCtl.dll -> [2007/08/23 20:26:04 | 00,042,360 | ---- | M] (Symantec Corporation)
UICntnr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\UICntnr.dll -> [2007/08/23 20:26:02 | 00,826,232 | ---- | M] (Symantec Corporation)
uiDataCl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\uiDataCl.dll -> [2007/08/23 20:26:02 | 00,178,040 | ---- | M] (Symantec Corporation)
uiAlert.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\uiAlert.dll -> [2007/08/23 20:26:00 | 00,366,456 | ---- | M] (Symantec Corporation)
uiBtPlg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\uiBtPlg.dll -> [2007/08/23 20:26:00 | 00,060,792 | ---- | M] (Symantec Corporation)
uiCFReg2.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\Manifest\uiCFReg2.dll -> [2007/08/23 20:26:00 | 00,009,592 | ---- | M] (Symantec Corporation)
suphtml.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\suphtml.dll -> [2007/08/23 20:25:58 | 01,237,368 | ---- | M] (Symantec Corporation)
PEPEvnt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\PEPEvnt.dll -> [2007/08/23 20:25:58 | 00,063,864 | ---- | M] (Symantec Corporation)
pcStatus.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\pcStatus.dll -> [2007/08/23 20:25:56 | 00,334,200 | ---- | M] (Symantec Corporation)
NSCPLUG2.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\NSCPLUG2.dll -> [2007/08/23 20:25:56 | 00,136,568 | ---- | M] (Symantec Corporation)
npcTray.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\npcTray.dll -> [2007/08/23 20:25:54 | 00,165,752 | ---- | M] (Symantec Corporation)
npcLUStb.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\npcLUStb.exe -> [2007/08/23 20:25:54 | 00,082,808 | ---- | M] (Symantec Corporation)
npcLUEng.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\npcLUEng.dll -> [2007/08/23 20:25:52 | 00,263,544 | ---- | M] (Symantec Corporation)
npcLuCbk.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\npcLuCbk.dll -> [2007/08/23 20:25:52 | 00,116,088 | ---- | M] (Symantec Corporation)
npcLULdr.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\npcLULdr.exe -> [2007/08/23 20:25:52 | 00,042,360 | ---- | M] (Symantec Corporation)
npcLU.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\npcLU.dll -> [2007/08/23 20:25:50 | 00,271,736 | ---- | M] (Symantec Corporation)
NPCEXT.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\NPCEXT.dll -> [2007/08/23 20:25:48 | 00,343,928 | ---- | M] (Symantec Corporation)
isUAC.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\isUAC.exe -> [2007/08/23 20:25:48 | 00,036,728 | ---- | M] (Symantec Corporation)
isStatus.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\isStatus.dll -> [2007/08/23 20:25:46 | 00,262,520 | ---- | M] (Symantec Corporation)
hsui.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\hsui.dll -> [2007/08/23 20:25:44 | 00,228,728 | ---- | M] (Symantec Corporation)
Gadget.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\Gadget.dll -> [2007/08/23 20:25:44 | 00,083,320 | ---- | M] (Symantec Corporation)
DataPvdr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\DataPvdr.dll -> [2007/08/23 20:25:44 | 00,053,112 | ---- | M] (Symantec Corporation)
HSLoader.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\HSLoader.exe -> [2007/08/23 20:25:44 | 00,035,192 | ---- | M] (Symantec Corporation)
SymNeti.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymNet\SymNet\SymNeti.dll -> [2007/08/23 18:57:56 | 00,577,928 | ---- | M] (Symantec Corporation)
SymNeti.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SymNet\SND_x64\SymNeti.dll -> [2007/08/23 18:57:56 | 00,577,928 | ---- | M] (Symantec Corporation)
SNDSvc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymNet\SymNet\SNDSvc.dll -> [2007/08/23 18:57:56 | 00,226,184 | ---- | M] (Symantec Corporation)
SNDSvc.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SymNet\SND_x64\SNDSvc.dll -> [2007/08/23 18:57:56 | 00,226,184 | ---- | M] (Symantec Corporation)
SymRedir.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymNet\SymNet\SymRedir.dll -> [2007/08/23 18:57:56 | 00,207,240 | ---- | M] (Symantec Corporation)
SymRedir.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SymNet\SND_x64\SymRedir.dll -> [2007/08/23 18:57:56 | 00,207,240 | ---- | M] (Symantec Corporation)
SNDunin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymNet\SymNet\SNDunin.dll -> [2007/08/23 18:57:56 | 00,115,080 | ---- | M] (Symantec Corporation)
SNDunin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SymNet\SND_x64\SNDunin.dll -> [2007/08/23 18:57:56 | 00,115,080 | ---- | M] (Symantec Corporation)
nnmgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\nnmgr.dll -> [2007/08/23 18:01:12 | 01,441,624 | ---- | M] (Symantec Corporation)
netmap.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\netmap.dll -> [2007/08/23 18:01:10 | 00,953,688 | ---- | M] (Symantec Corporation)
hnlureg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\hnlureg.dll -> [2007/08/23 18:01:08 | 00,008,536 | ---- | M] (Symantec Corporation)
HNCFReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\MANIFEST\HNCFReg.dll -> [2007/08/23 18:01:08 | 00,008,536 | ---- | M] (Symantec Corporation)
hndisco.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\hndisco.dll -> [2007/08/23 18:01:06 | 00,140,632 | ---- | M] (Symantec Corporation)
hncore.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\hncore.dll -> [2007/08/23 18:01:04 | 00,636,248 | ---- | M] (Symantec Corporation)
HNCmpCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\HNCmpCtl.dll -> [2007/08/23 18:01:04 | 00,073,560 | ---- | M] (Symantec Corporation)
LUinsDll.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LUinsDll.dll -> [2007/08/23 15:35:44 | 00,010,104 | ---- | M] (Symantec Corporation)
LUCheck.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LUCheck.exe -> [2007/08/23 15:35:42 | 00,181,624 | ---- | M] (Symantec Corporation)
LSETUP.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LSETUP.EXE -> [2007/08/23 15:35:42 | 00,181,624 | ---- | M] (Symantec Corporation)
S32LUIS1.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\S32LUIS1.DLL -> [2007/08/23 15:35:38 | 00,157,048 | ---- | M] (Symantec Corporation)
S32LUWI1.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\S32LUWI1.DLL -> [2007/08/23 15:35:38 | 00,152,952 | ---- | M] (Symantec Corporation)
S32LIVE1.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\S32LIVE1.DLL -> [2007/08/23 15:35:36 | 00,456,056 | ---- | M] (Symantec Corporation)
PRCRGCOM.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\PRCRGCOM.DLL -> [2007/08/23 15:35:34 | 00,382,328 | ---- | M] (Symantec Corporation)
PRCCOMPS.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\PRCCOMPS.DLL -> [2007/08/23 15:35:34 | 00,066,936 | ---- | M] (Symantec Corporation)
NETDTCRL.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\NETDTCRL.DLL -> [2007/08/23 15:35:32 | 00,251,256 | ---- | M] (Symantec Corporation)
ALUSDSVC.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\ALUSDSVC.EXE -> [2007/08/23 15:35:30 | 00,243,064 | ---- | M] (Symantec Corporation)
LuPreCon.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LuPreCon.DLL -> [2007/08/23 15:35:28 | 00,173,432 | ---- | M] (Symantec Corporation)
LUCOMPS.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LUCOMPS.DLL -> [2007/08/23 15:35:24 | 00,083,320 | ---- | M] (Symantec Corporation)
LUCBPRXY.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LUCBPRXY.EXE -> [2007/08/23 15:35:24 | 00,062,840 | ---- | M] (Symantec Corporation)
LUCOMSVR.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LUCOMSVR.EXE -> [2007/08/23 15:35:22 | 03,192,184 | ---- | M] (Symantec Corporation)
LuccMUI.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LuccMUI.dll -> [2007/08/23 15:35:22 | 00,075,128 | ---- | M] (Symantec Corporation)
NotifyHA.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\NotifyHA.exe -> [2007/08/23 15:35:22 | 00,016,760 | ---- | M] (Symantec Corporation)
LuConfig.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LuConfig.EXE -> [2007/08/23 15:35:20 | 00,804,216 | ---- | M] (Symantec Corporation)
LUALL.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\LUALL.EXE -> [2007/08/23 15:35:18 | 00,869,752 | ---- | M] (Symantec Corporation)
AUPDATE.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\AUPDATE.EXE -> [2007/08/23 15:35:14 | 00,308,600 | ---- | M] (Symantec Corporation)
ALUNOTIF.EXE -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\ALUNOTIF.EXE -> [2007/08/23 15:35:12 | 00,152,952 | ---- | M] (Symantec Corporation)
UNRAR.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\UNRAR.DLL -> [2007/08/23 15:19:56 | 00,169,304 | ---- | M] ()
IdsInst.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\IDS\IdsInst.exe -> [2007/08/22 21:28:42 | 02,344,312 | ---- | M] (Symantec Corporation)
AppTrc32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\AppCore\AppCore\AppTrc32.dll -> [2007/08/22 20:55:12 | 00,026,968 | ---- | M] (Symantec Corporation)
AppLU.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\AppCore\AppCore\AppLU.dll -> [2007/08/22 20:55:12 | 00,009,048 | ---- | M] (Symantec Corporation)
AppSch32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\AppCore\AppCore\AppSch32.dll -> [2007/08/22 20:55:10 | 00,057,176 | ---- | M] (Symantec Corporation)
AppReg32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\AppCore\AppCore\AppReg32.dll -> [2007/08/22 20:55:10 | 00,055,128 | ---- | M] (Symantec Corporation)
AppSet32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\AppCore\AppCore\AppSet32.dll -> [2007/08/22 20:55:10 | 00,053,080 | ---- | M] (Symantec Corporation)
AppMgr32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\AppCore\AppCore\AppMgr32.dll -> [2007/08/22 20:55:08 | 00,222,552 | ---- | M] (Symantec Corporation)
AppPlg32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\AppCore\AppCore\AppPlg32.dll -> [2007/08/22 20:55:08 | 00,065,880 | ---- | M] (Symantec Corporation)
FWHelper.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWHelper.dll -> [2007/08/22 16:45:06 | 00,197,976 | ---- | M] (Symantec Corporation)
FWRulMtn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWRulMtn.dll -> [2007/08/22 16:45:06 | 00,065,880 | ---- | M] (Symantec Corporation)
FWCmpCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWCmpCtl.dll -> [2007/08/22 16:45:04 | 00,103,256 | ---- | M] (Symantec Corporation)
FWLUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWLUReg.dll -> [2007/08/22 16:45:04 | 00,009,048 | ---- | M] (Symantec Corporation)
FWSetup.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWSetup.dll -> [2007/08/22 16:45:02 | 00,103,768 | ---- | M] (Symantec Corporation)
ICFMgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\ICFMgr.dll -> [2007/08/22 16:45:02 | 00,045,912 | ---- | M] (Symantec Corporation)
FWCFReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWCFReg.dll -> [2007/08/22 16:45:02 | 00,008,536 | ---- | M] (Symantec Corporation)
FWAgent.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWAgent.dll -> [2007/08/22 16:45:00 | 00,160,600 | ---- | M] (Symantec Corporation)
FwRuleIO.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FwRuleIO.dll -> [2007/08/22 16:45:00 | 00,088,920 | ---- | M] (Symantec Corporation)
FwALEIO.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FwALEIO.dll -> [2007/08/22 16:45:00 | 00,068,952 | ---- | M] (Symantec Corporation)
FWCfg.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\FWCfg.exe -> [2007/08/22 16:44:58 | 00,031,576 | ---- | M] (Symantec Corporation)
v_found.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\v_found.dll -> [2007/08/22 08:23:06 | 00,015,248 | ---- | M] (Symantec Corporation)
V_AutoLU.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\V_AutoLU.dll -> [2007/08/22 08:23:06 | 00,015,248 | ---- | M] (Symantec Corporation)
unin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\unin.dll -> [2007/08/22 08:23:04 | 00,015,248 | ---- | M] (Symantec Corporation)
SYM_resp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\SYM_resp.dll -> [2007/08/22 08:23:04 | 00,015,248 | ---- | M] (Symantec Corporation)
SYM_mon.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\SYM_mon.dll -> [2007/08/22 08:23:02 | 00,015,248 | ---- | M] (Symantec Corporation)
SYM_IA.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\SYM_IA.dll -> [2007/08/22 08:23:02 | 00,015,248 | ---- | M] (Symantec Corporation)
SYM_FD.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\SYM_FD.dll -> [2007/08/22 08:23:02 | 00,015,248 | ---- | M] (Symantec Corporation)
SYMstart.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\SYMstart.dll -> [2007/08/22 08:23:00 | 00,015,248 | ---- | M] (Symantec Corporation)
SYM_cust.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\SYM_cust.dll -> [2007/08/22 08:23:00 | 00,015,248 | ---- | M] (Symantec Corporation)
symhelp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\symhelp.dll -> [2007/08/22 08:22:58 | 00,015,248 | ---- | M] (Symantec Corporation)
SymHelp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\SymHelp.dll -> [2007/08/22 08:22:58 | 00,015,248 | ---- | M] (Symantec Corporation)
Supt_CPD.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\Supt_CPD.dll -> [2007/08/22 08:22:58 | 00,015,248 | ---- | M] (Symantec Corporation)
mrsmarti
2009-03-18, 00:49
protect.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\protect.dll -> [2007/08/22 08:22:58 | 00,015,248 | ---- | M] (Symantec Corporation)
options.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\options.dll -> [2007/08/22 08:22:56 | 00,015,248 | ---- | M] (Symantec Corporation)
NPCacct.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NPCacct.dll -> [2007/08/22 08:22:56 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_unin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_unin.dll -> [2007/08/22 08:22:54 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_task.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_task.dll -> [2007/08/22 08:22:54 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_opts.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_opts.dll -> [2007/08/22 08:22:52 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_mon.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_mon.dll -> [2007/08/22 08:22:52 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_feat.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_feat.dll -> [2007/08/22 08:22:52 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_dis.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_dis.dll -> [2007/08/22 08:22:50 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_007.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_007.dll -> [2007/08/22 08:22:50 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_003.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_003.dll -> [2007/08/22 08:22:48 | 00,015,248 | ---- | M] (Symantec Corporation)
NIS_002.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NIS_002.dll -> [2007/08/22 08:22:48 | 00,015,248 | ---- | M] (Symantec Corporation)
NCO_tool.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NCO_tool.dll -> [2007/08/22 08:22:48 | 00,015,248 | ---- | M] (Symantec Corporation)
NCO_stat.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NCO_stat.dll -> [2007/08/22 08:22:46 | 00,015,248 | ---- | M] (Symantec Corporation)
NCO_feat.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NCO_feat.dll -> [2007/08/22 08:22:46 | 00,015,248 | ---- | M] (Symantec Corporation)
NCO_data.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NCO_data.dll -> [2007/08/22 08:22:44 | 00,015,248 | ---- | M] (Symantec Corporation)
NCO_cs.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NCO_cs.dll -> [2007/08/22 08:22:44 | 00,015,248 | ---- | M] (Symantec Corporation)
NAV_pvnt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NAV_pvnt.dll -> [2007/08/22 08:22:42 | 00,015,248 | ---- | M] (Symantec Corporation)
NAV_opts.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NAV_opts.dll -> [2007/08/22 08:22:42 | 00,015,248 | ---- | M] (Symantec Corporation)
NAV_mon.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NAV_mon.dll -> [2007/08/22 08:22:40 | 00,015,248 | ---- | M] (Symantec Corporation)
NAV_feat.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NAV_feat.dll -> [2007/08/22 08:22:40 | 00,015,248 | ---- | M] (Symantec Corporation)
NAV_dis.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NAV_dis.dll -> [2007/08/22 08:22:40 | 00,015,248 | ---- | M] (Symantec Corporation)
NAV_007.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NAV_007.dll -> [2007/08/22 08:22:38 | 00,015,248 | ---- | M] (Symantec Corporation)
NAV_001.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\NAV_001.dll -> [2007/08/22 08:22:38 | 00,015,248 | ---- | M] (Symantec Corporation)
Msg_Cntr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\Msg_Cntr.dll -> [2007/08/22 08:22:36 | 00,015,248 | ---- | M] (Symantec Corporation)
LU_sub.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\LU_sub.dll -> [2007/08/22 08:22:36 | 00,015,248 | ---- | M] (Symantec Corporation)
LU_PC.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\LU_PC.dll -> [2007/08/22 08:22:36 | 00,015,248 | ---- | M] (Symantec Corporation)
LU_002.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\LU_002.dll -> [2007/08/22 08:22:32 | 00,015,248 | ---- | M] (Symantec Corporation)
LU_001.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\LU_001.dll -> [2007/08/22 08:22:32 | 00,015,248 | ---- | M] (Symantec Corporation)
IDS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\IDS.dll -> [2007/08/22 08:22:30 | 00,015,248 | ---- | M] (Symantec Corporation)
home_net.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\home_net.dll -> [2007/08/22 08:22:30 | 00,015,248 | ---- | M] (Symantec Corporation)
Hlp_supt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\Hlp_supt.dll -> [2007/08/22 08:22:30 | 00,015,248 | ---- | M] (Symantec Corporation)
GUZ_004.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\GUZ_004.dll -> [2007/08/22 08:22:28 | 00,015,248 | ---- | M] (Symantec Corporation)
firewall.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\firewall.dll -> [2007/08/22 08:22:28 | 00,015,248 | ---- | M] (Symantec Corporation)
feat_sum.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\feat_sum.dll -> [2007/08/22 08:22:26 | 00,015,248 | ---- | M] (Symantec Corporation)
FAQ.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\FAQ.dll -> [2007/08/22 08:22:26 | 00,015,248 | ---- | M] (Symantec Corporation)
disable.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\disable.dll -> [2007/08/22 08:22:22 | 00,015,248 | ---- | M] (Symantec Corporation)
CCLGVIEW.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\0901\CCLGVIEW.dll -> [2007/08/22 08:22:20 | 00,015,248 | ---- | M] (Symantec Corporation)
VAScanPS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN64\VAScanPS.dll -> [2007/08/22 02:22:14 | 00,016,216 | ---- | M] (Symantec Corporation)
VAMnPS64.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN64\VAMnPS64.dll -> [2007/08/22 02:22:14 | 00,016,216 | ---- | M] (Symantec Corporation)
VAEngn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN64\VAEngn.dll -> [2007/08/22 02:22:12 | 00,331,608 | ---- | M] (Symantec Corporation)
VAMngr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN64\VAMngr.dll -> [2007/08/22 02:22:12 | 00,088,920 | ---- | M] (Symantec Corporation)
VAEnPS64.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN64\VAEnPS64.dll -> [2007/08/22 02:22:12 | 00,029,016 | ---- | M] (Symantec Corporation)
SAM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN64\SAM.dll -> [2007/08/22 02:22:10 | 00,022,872 | ---- | M] (Symantec Corporation)
comHost.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN64\comHost.exe -> [2007/08/22 02:22:08 | 00,267,096 | ---- | M] (Symantec Corporation)
VALUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\VALUReg.dll -> [2007/08/22 02:21:40 | 00,008,024 | ---- | M] (Symantec Corporation)
VACmpCtl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\VACmpCtl.dll -> [2007/08/22 02:21:38 | 00,031,576 | ---- | M] (Symantec Corporation)
VACFReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\CF\CFMan\VACFReg.dll -> [2007/08/22 02:21:38 | 00,008,536 | ---- | M] (Symantec Corporation)
VAScanPS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\VAScanPS.dll -> [2007/08/22 02:21:36 | 00,015,704 | ---- | M] (Symantec Corporation)
VAMngrPS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\VAMngrPS.dll -> [2007/08/22 02:21:36 | 00,015,704 | ---- | M] (Symantec Corporation)
VAEngn.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\VAEngn.dll -> [2007/08/22 02:21:34 | 00,221,016 | ---- | M] (Symantec Corporation)
VAMngr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\VAMngr.dll -> [2007/08/22 02:21:34 | 00,044,376 | ---- | M] (Symantec Corporation)
VAEngnPS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\VAEngnPS.dll -> [2007/08/22 02:21:34 | 00,023,896 | ---- | M] (Symantec Corporation)
VACtrl.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\VACtrl.dll -> [2007/08/22 02:21:32 | 00,152,920 | ---- | M] (Symantec Corporation)
SAM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\SAM.dll -> [2007/08/22 02:21:32 | 00,018,776 | ---- | M] (Symantec Corporation)
comHost.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\comHost.exe -> [2007/08/22 02:21:30 | 00,055,640 | ---- | M] (Symantec Corporation)
ScrptEng.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\ScrptEng.dat -> [2007/08/22 01:41:02 | 00,005,753 | ---- | M] ()
SymLTLRM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SymLTLRM.dll -> [2007/08/21 02:04:04 | 00,008,584 | ---- | M] (Symantec Corporation)
unicows.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\CCPD-LC\unicows.dll -> [2007/08/21 02:00:10 | 00,245,408 | ---- | M] (Microsoft Corporation)
symlctnk.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\symlctnk.dll -> [2007/08/21 01:52:34 | 00,462,192 | ---- | M] ()
PIFSvc.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\PIFSvc.exe -> [2007/08/21 00:13:30 | 00,509,320 | ---- | M] (Symantec Corporation)
AlertUi.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\AlertUi.dll -> [2007/08/21 00:13:28 | 00,247,176 | ---- | M] (Symantec Corporation)
PollMgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\PollMgr.dll -> [2007/08/21 00:13:26 | 00,542,088 | ---- | M] (Symantec Corporation)
PifPep07.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\PifPep07.dll -> [2007/08/21 00:13:26 | 00,185,736 | ---- | M] (Symantec Corporation)
PifEng.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\PifEng.dll -> [2007/08/21 00:13:24 | 00,304,520 | ---- | M] (Symantec Corporation)
mhUpgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\mhUpgr.dll -> [2007/08/21 00:13:22 | 00,144,776 | ---- | M] (Symantec Corporation)
mhSched.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\mhSched.dll -> [2007/08/21 00:13:20 | 00,152,968 | ---- | M] (Symantec Corporation)
dcProd.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\dcProd.dll -> [2007/08/21 00:13:18 | 00,091,528 | ---- | M] (Symantec Corporation)
dcmhSvar.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\dcmhSvar.dll -> [2007/08/21 00:13:16 | 00,169,352 | ---- | M] (Symantec Corporation)
dcGlobal.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\dcGlobal.dll -> [2007/08/21 00:13:16 | 00,107,912 | ---- | M] (Symantec Corporation)
AlertEng.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\AlertEng.dll -> [2007/08/21 00:13:12 | 00,185,736 | ---- | M] (Symantec Corporation)
PifPep06.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\PifPep06.dll -> [2007/08/21 00:13:10 | 00,226,696 | ---- | M] (Symantec Corporation)
CFLUReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\CF\cfCore\CFLUReg.dll -> [2007/08/20 22:20:04 | 00,008,536 | ---- | M] (Symantec Corporation)
PEP2S.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\CF\cfCore\PEP2S.dll -> [2007/08/20 22:20:00 | 00,759,128 | ---- | M] (Symantec Corporation)
PEP2.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\CF\cfCore\PEP2.dll -> [2007/08/20 22:19:58 | 00,673,624 | ---- | M] (Symantec Corporation)
cfV2Pack.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\CF\cfCore\cfV2Pack.dll -> [2007/08/20 22:19:58 | 00,052,568 | ---- | M] (Symantec Corporation)
cfReg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\CF\cfCore\CFMan\cfReg.dll -> [2007/08/20 22:19:58 | 00,010,072 | ---- | M] (Symantec Corporation)
cfLUCbk.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\CF\cfCore\cfLUCbk.dll -> [2007/08/20 22:19:56 | 00,419,160 | ---- | M] (Symantec Corporation)
cfEPack.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\CF\cfCore\cfEPack.dll -> [2007/08/20 22:19:56 | 00,024,920 | ---- | M] (Symantec Corporation)
PackMgr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\PackMgr.dll -> [2007/08/20 11:53:10 | 00,387,448 | ---- | M] (Symantec Corporation)
nppwff.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\nppwff.dll -> [2007/08/20 11:52:58 | 00,398,712 | ---- | M] (Symantec Corporation)
nppw.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\nppw.dll -> [2007/08/20 11:52:56 | 00,502,648 | ---- | M] (Symantec Corporation)
VIRSCAN7.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN7.DAT -> [2007/08/20 03:00:00 | 11,630,298 | ---- | M] ()
VIRSCAN7.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN7.DAT -> [2007/08/20 03:00:00 | 11,630,298 | ---- | M] ()
VIRSCAN9.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN9.DAT -> [2007/08/20 03:00:00 | 04,870,649 | ---- | M] ()
VIRSCAN9.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN9.DAT -> [2007/08/20 03:00:00 | 04,870,649 | ---- | M] ()
VIRSCAN5.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN5.DAT -> [2007/08/20 03:00:00 | 04,370,126 | ---- | M] ()
VIRSCAN5.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN5.DAT -> [2007/08/20 03:00:00 | 04,370,126 | ---- | M] ()
CCERASER.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\CCERASER.DLL -> [2007/08/20 03:00:00 | 02,454,576 | ---- | M] (Symantec Corporation)
CCERASER.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\CCERASER.DLL -> [2007/08/20 03:00:00 | 02,454,576 | ---- | M] (Symantec Corporation)
VIRSCAN8.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN8.DAT -> [2007/08/20 03:00:00 | 01,794,328 | ---- | M] ()
VIRSCAN8.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN8.DAT -> [2007/08/20 03:00:00 | 01,794,328 | ---- | M] ()
TCSCAN7.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TCSCAN7.DAT -> [2007/08/20 03:00:00 | 01,758,211 | ---- | M] ()
TCSCAN7.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TCSCAN7.DAT -> [2007/08/20 03:00:00 | 01,758,211 | ---- | M] ()
VIRSCAN1.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN1.DAT -> [2007/08/20 03:00:00 | 00,992,613 | ---- | M] ()
VIRSCAN1.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN1.DAT -> [2007/08/20 03:00:00 | 00,992,613 | ---- | M] ()
NAVEX32A.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\NAVEX32A.DLL -> [2007/08/20 03:00:00 | 00,914,800 | ---- | M] (Symantec Corporation)
NAVEX32A.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\NAVEX32A.DLL -> [2007/08/20 03:00:00 | 00,914,800 | ---- | M] (Symantec Corporation)
TCSCAN9.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TCSCAN9.DAT -> [2007/08/20 03:00:00 | 00,896,294 | ---- | M] ()
TCSCAN9.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TCSCAN9.DAT -> [2007/08/20 03:00:00 | 00,896,294 | ---- | M] ()
VIRSCAN2.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN2.DAT -> [2007/08/20 03:00:00 | 00,570,702 | ---- | M] ()
VIRSCAN2.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN2.DAT -> [2007/08/20 03:00:00 | 00,570,702 | ---- | M] ()
TCDEFS.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TCDEFS.DAT -> [2007/08/20 03:00:00 | 00,396,592 | ---- | M] ()
TCDEFS.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TCDEFS.DAT -> [2007/08/20 03:00:00 | 00,396,592 | ---- | M] ()
VIRSCAN6.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN6.DAT -> [2007/08/20 03:00:00 | 00,391,730 | ---- | M] ()
VIRSCAN6.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN6.DAT -> [2007/08/20 03:00:00 | 00,391,730 | ---- | M] ()
TCSCAN8.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TCSCAN8.DAT -> [2007/08/20 03:00:00 | 00,376,293 | ---- | M] ()
TCSCAN8.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TCSCAN8.DAT -> [2007/08/20 03:00:00 | 00,376,293 | ---- | M] ()
VIRSCAN4.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN4.DAT -> [2007/08/20 03:00:00 | 00,320,253 | ---- | M] ()
VIRSCAN4.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN4.DAT -> [2007/08/20 03:00:00 | 00,320,253 | ---- | M] ()
ECMSVR32.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\ECMSVR32.DLL -> [2007/08/20 03:00:00 | 00,284,016 | ---- | M] (Symantec Corporation)
ECMSVR32.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\ECMSVR32.DLL -> [2007/08/20 03:00:00 | 00,284,016 | ---- | M] (Symantec Corporation)
VIRSCAN3.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCAN3.DAT -> [2007/08/20 03:00:00 | 00,149,996 | ---- | M] ()
VIRSCAN3.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCAN3.DAT -> [2007/08/20 03:00:00 | 00,149,996 | ---- | M] ()
NAVENG32.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\NAVENG32.DLL -> [2007/08/20 03:00:00 | 00,124,272 | ---- | M] (Symantec Corporation)
NAVENG32.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\NAVENG32.DLL -> [2007/08/20 03:00:00 | 00,124,272 | ---- | M] (Symantec Corporation)
SCRAUTH.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\SCRAUTH.DAT -> [2007/08/20 03:00:00 | 00,097,744 | ---- | M] ()
SCRAUTH.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\SCRAUTH.DAT -> [2007/08/20 03:00:00 | 00,097,744 | ---- | M] ()
TSCAN1.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TSCAN1.DAT -> [2007/08/20 03:00:00 | 00,067,619 | ---- | M] ()
TSCAN1.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TSCAN1.DAT -> [2007/08/20 03:00:00 | 00,067,619 | ---- | M] ()
CATALOG.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\CATALOG.DAT -> [2007/08/20 03:00:00 | 00,003,432 | ---- | M] ()
CATALOG.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\CATALOG.DAT -> [2007/08/20 03:00:00 | 00,003,432 | ---- | M] ()
TSCAN1HD.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TSCAN1HD.DAT -> [2007/08/20 03:00:00 | 00,003,240 | ---- | M] ()
TSCAN1HD.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TSCAN1HD.DAT -> [2007/08/20 03:00:00 | 00,003,240 | ---- | M] ()
TINFL.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TINFL.DAT -> [2007/08/20 03:00:00 | 00,001,957 | ---- | M] ()
TINFL.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TINFL.DAT -> [2007/08/20 03:00:00 | 00,001,957 | ---- | M] ()
TINF.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TINF.DAT -> [2007/08/20 03:00:00 | 00,000,453 | ---- | M] ()
TINF.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TINF.DAT -> [2007/08/20 03:00:00 | 00,000,453 | ---- | M] ()
ZDONE.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\ZDONE.DAT -> [2007/08/20 03:00:00 | 00,000,224 | ---- | M] ()
ZDONE.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\ZDONE.DAT -> [2007/08/20 03:00:00 | 00,000,224 | ---- | M] ()
TINFIDX.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\TINFIDX.DAT -> [2007/08/20 03:00:00 | 00,000,148 | ---- | M] ()
TINFIDX.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\TINFIDX.DAT -> [2007/08/20 03:00:00 | 00,000,148 | ---- | M] ()
VIRSCANT.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusDef\VIRSCANT.DAT -> [2007/08/20 03:00:00 | 00,000,032 | ---- | M] ()
VIRSCANT.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\VirusD64\VIRSCANT.DAT -> [2007/08/20 03:00:00 | 00,000,032 | ---- | M] ()
SymAbLRM.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SymAbLRM.dll -> [2007/08/17 17:48:52 | 00,008,592 | ---- | M] (Symantec Corporation)
SymCAbt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\SymCAbt.dll -> [2007/08/17 17:48:50 | 00,292,240 | ---- | M] (Symantec Corporation)
SymHTML.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\SymHTML.dll -> [2007/08/15 20:03:48 | 01,592,664 | ---- | M] (Symantec Corporation)
SymHTML.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\SymHTML.dll -> [2007/08/15 20:03:48 | 01,592,664 | ---- | M] (Symantec Corporation)
SymHTML.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\SYMHTML\SymHTML.dll -> [2007/08/15 20:03:48 | 01,210,200 | ---- | M] (Symantec Corporation)
shtmbase.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\SYMHTML\shtmbase.dll -> [2007/08/15 20:03:48 | 00,042,840 | ---- | M] (Symantec Corporation)
HTEC_LU.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\HTEC\HTEC_LU.dll -> [2007/08/14 18:51:10 | 00,009,592 | ---- | M] (Symantec Corporation)
HTECSub.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\HTEC\HTECSub.dll -> [2007/08/14 18:51:08 | 00,079,224 | ---- | M] (Symantec Corporation)
htec.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\HTEC\htec.dll -> [2007/08/14 18:51:06 | 00,210,296 | ---- | M] (Symantec Corporation)
navopts.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\navopts.dat -> [2007/08/14 17:03:17 | 00,005,004 | ---- | M] ()
Sevntx64.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SEVINST\Sevntx64.exe -> [2007/08/13 19:06:10 | 01,018,760 | ---- | M] (Symantec Corporation)
Sevinst.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SEVINST\Sevinst.exe -> [2007/08/13 19:06:08 | 00,824,712 | ---- | M] (Symantec Corporation)
WACert.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\WACert.dat -> [2007/08/11 16:46:06 | 00,042,516 | ---- | M] ()
Srtsp32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\Srtsp32.dll -> [2007/08/09 18:05:54 | 00,714,096 | ---- | M] (Symantec Corporation)
srtUnin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\srtUnin.dll -> [2007/08/09 18:05:54 | 00,116,080 | ---- | M] (Symantec Corporation)
SavRT32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Suport64\SRTSP\SRTSPx64\SYMSHARE\SRTSP\SavRT32.dll -> [2007/08/09 18:05:54 | 00,116,080 | ---- | M] (Symantec Corporation)
Srtsp32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\Srtsp32.dll -> [2007/08/09 18:05:53 | 00,714,096 | ---- | M] (Symantec Corporation)
srtUnin.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\srtUnin.dll -> [2007/08/09 18:05:53 | 00,116,080 | ---- | M] (Symantec Corporation)
SavRT32.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SRTSP\SRTSP\SYMSHARE\SRTSP\SavRT32.dll -> [2007/08/09 18:05:53 | 00,116,080 | ---- | M] (Symantec Corporation)
ssextern.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\APP\SUPPSOFT\ssextern.dll -> [2007/08/09 13:55:44 | 00,632,160 | ---- | M] (Symantec Corporation)
sdcnetck.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\APP\SUPPSOFT\sdcnetck.dll -> [2007/08/09 13:55:44 | 00,374,112 | ---- | M] (Symantec Corporation)
wificfg.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\APP\SUPPSOFT\wificfg.exe -> [2007/08/09 13:55:44 | 00,136,544 | ---- | M] (Symantec Corporation)
COH64.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH64\COH64.exe -> [2007/08/08 20:42:44 | 01,985,584 | ---- | M] (Symantec Corporation)
COH64LUR.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\COH64\COH64LUR.dll -> [2007/08/08 20:28:06 | 00,009,568 | ---- | M] (Symantec Corporation)
COH32LUR.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\COH32\COH32LUR.dll -> [2007/08/08 20:28:04 | 00,009,568 | ---- | M] (Symantec Corporation)
COHClean.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH64\COHClean.dll -> [2007/08/08 20:27:58 | 00,148,832 | ---- | M] (Symantec Corporation)
COHClean.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH32\COHClean.dll -> [2007/08/08 20:27:58 | 00,148,832 | ---- | M] (Symantec Corporation)
sh0000.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH64\sh0000.dll -> [2007/08/08 20:27:54 | 00,300,384 | ---- | M] (Symantec Corporation)
sh0000.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH32\sh0000.dll -> [2007/08/08 20:27:54 | 00,300,384 | ---- | M] (Symantec Corporation)
sesHlp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH64\sesHlp.dll -> [2007/08/08 20:27:54 | 00,140,640 | ---- | M] (Symantec Corporation)
sesHlp.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH32\sesHlp.dll -> [2007/08/08 20:27:54 | 00,140,640 | ---- | M] (Symantec Corporation)
COH32.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH32\COH32.exe -> [2007/08/08 20:27:50 | 01,234,272 | ---- | M] (Symantec Corporation)
AHS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH64\AHS.dll -> [2007/08/08 20:27:50 | 01,131,872 | ---- | M] (Symantec Corporation)
AHS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\COH32\AHS.dll -> [2007/08/08 20:27:50 | 01,131,872 | ---- | M] (Symantec Corporation)
IDS9xx86.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\IDS9xx86.dll -> [2007/08/08 00:25:56 | 00,157,120 | ---- | M] (Symantec Corporation)
CATALOG.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\CATALOG.DAT -> [2007/08/08 00:25:38 | 00,000,976 | ---- | M] ()
zdone.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\IDSDefs\zdone.dat -> [2007/08/08 00:25:38 | 00,000,224 | ---- | M] ()
PRCPS64.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\PRCPS64.DLL -> [2007/08/06 17:47:14 | 00,059,768 | ---- | M] (Symantec Corporation)
SymTheme.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\SymTheme.dll -> [2007/08/06 13:34:24 | 00,572,760 | ---- | M] (Symantec Corporation)
SymTheme.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\SYMTHM\SymTheme.dll -> [2007/08/06 13:34:24 | 00,372,568 | ---- | M] (Symantec Corporation)
sthmbase.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\SYMTHM\sthmbase.dll -> [2007/08/06 13:34:24 | 00,042,840 | ---- | M] (Symantec Corporation)
DefUtDCD.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\DefUtDCD.dll -> [2007/08/01 16:29:46 | 00,628,088 | ---- | M] (Symantec Corporation)
DefUtDCD.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\DefUtDCD.dll -> [2007/08/01 16:29:46 | 00,628,088 | ---- | M] (Symantec Corporation)
SAUpdt.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\SAUpdt.dll -> [2007/07/31 13:15:20 | 00,913,240 | ---- | M] (Symantec Corporation)
tgctlsi.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\tgctlsi.dll -> [2007/07/30 17:54:40 | 01,144,208 | ---- | M] (Symantec Corporation)
tgctlsr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\tgctlsr.dll -> [2007/07/30 17:54:40 | 00,578,960 | ---- | M] (Symantec Corporation)
tgctlcm.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\tgctlcm.dll -> [2007/07/30 17:54:40 | 00,279,952 | ---- | M] (Symantec Corporation)
tgctlss.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\tgctlss.dll -> [2007/07/30 17:54:40 | 00,206,224 | ---- | M] (Symantec Corporation)
SymAData.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SymAData.dll -> [2007/07/30 17:54:38 | 00,140,688 | ---- | M] (Symantec Corporation)
SymSupCC.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SymSupCC.dll -> [2007/07/30 17:54:38 | 00,075,152 | ---- | M] (Symantec Corporation)
ssctlln.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\ssctlln.dll -> [2007/07/30 17:54:36 | 01,328,528 | ---- | M] (Symantec Corporation)
ssctlbr.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\ssctlbr.dll -> [2007/07/30 17:54:36 | 00,107,920 | ---- | M] (Symantec Corporation)
ssctlwmi.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\ssctlwmi.dll -> [2007/07/30 17:54:36 | 00,091,536 | ---- | M] (Symantec Corporation)
sshelper.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\sshelper.exe -> [2007/07/30 17:54:34 | 00,071,056 | ---- | M] (Symantec Corporation)
SyKnAppS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\SyKnAppS.dll -> [2007/07/30 16:04:32 | 01,334,104 | ---- | M] (Symantec Corporation)
SyKnAppS.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\SyKnAppS.dll -> [2007/07/30 16:04:32 | 01,334,104 | ---- | M] (Symantec Corporation)
patch25.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\patch25.dll -> [2007/07/30 15:55:42 | 00,091,232 | ---- | M] (Symantec Corporation)
patch25.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\patch25.dll -> [2007/07/30 15:55:42 | 00,091,232 | ---- | M] (Symantec Corporation)
DefUDply.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\DefUDply.dll -> [2007/07/25 19:54:00 | 00,710,016 | ---- | M] (Symantec Corporation)
WADomain.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\WADomain.dat -> [2007/07/22 15:37:16 | 01,126,692 | ---- | M] ()
WADB.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\WADB.dat -> [2007/07/22 15:37:16 | 00,000,212 | ---- | M] ()
dec_abi.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\dec_abi.dll -> [2007/07/18 18:42:36 | 01,291,616 | ---- | M] (Symantec Corporation)
decluman.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\decluman.dll -> [2007/07/18 18:42:36 | 00,008,032 | ---- | M] (Symantec Corporation)
ecmldr32.DLL -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\ecmldr32.DLL -> [2007/07/11 14:22:38 | 00,042,864 | ---- | M] (Symantec Corporation)
rmt.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\COH64\rmt.dat -> [2007/06/21 14:28:48 | 00,003,232 | ---- | M] ()
rmt.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\COH32\rmt.dat -> [2007/06/21 14:28:48 | 00,003,232 | ---- | M] ()
SMNLnch.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\SMNLnch.exe -> [2007/06/15 23:03:54 | 00,476,816 | ---- | M] (Symantec Corporation)
SMNLnch.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\SYMSHARE\SMNLnch.exe -> [2007/06/15 23:03:54 | 00,476,816 | ---- | M] (Symantec Corporation)
Patch25d.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\Patch25d.dll -> [2007/06/15 15:03:20 | 00,040,072 | ---- | M] (Symantec Corporation)
patch25d.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\patch25d.dll -> [2007/06/15 15:03:20 | 00,040,072 | ---- | M] (Symantec Corporation)
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\uiNPC\uiNPC\NPC\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\SYMSHARE\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\Reporter\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\PreScan\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\HelpMSI\External\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\ccCommon\ccCommon\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\VASCAN\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\SPBBC\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\SecHist\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\PIF_96E2\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\OPC\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\App\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NCO\NCO\APP\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\NORTON\APP\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\SYMSHARE\SPBBC\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
fallback.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Lang\fallback.dat -> [2007/04/23 20:02:30 | 00,000,004 | ---- | M] ()
capicom.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\LUpdate\WLUEX\SYSTEM32\capicom.dll -> [2007/04/11 13:11:20 | 00,511,328 | ---- | M] (Microsoft Corporation)
wds.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\COH64\wds.dat -> [2007/03/02 18:38:10 | 00,002,448 | ---- | M] ()
wds.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\COH32\wds.dat -> [2007/03/02 18:38:10 | 00,002,448 | ---- | M] ()
redist64.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\VCRedist\redist64.exe -> [2007/02/12 21:10:44 | 03,161,088 | ---- | M] (Microsoft Corporation)
redist32.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\VCRedist\redist32.exe -> [2007/02/12 21:10:44 | 02,682,880 | ---- | M] (Microsoft Corporation)
defexcl.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\NAV\External\CommonFi\defexcl.dat -> [2006/08/11 17:30:34 | 00,000,317 | ---- | M] ()
DICTNRY.DAT -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\VAData\Dict\DICTNRY.DAT -> [2005/10/19 13:03:36 | 02,722,316 | ---- | M] ()
Symdlbrg.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Setup\Setup\SYMSHARE\Symdlbrg.dll -> [2005/09/30 18:06:52 | 00,045,712 | ---- | M] (Symantec Corporation)
SymAddIn.dat -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\SYMSHARE\SymAddIn.dat -> [2005/05/24 18:01:44 | 00,000,124 | ---- | M] ()
wiupdate.exe -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\MSI\wiupdate.exe -> [2005/05/19 15:50:36 | 02,584,848 | ---- | M] (Microsoft Corporation)
msvcp71.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\msvcp71.dll -> [2003/03/18 22:14:52 | 00,499,712 | ---- | M] (Microsoft Corporation)
msvcr71.dll -> %UserProfile%\Local Settings\Temp\NIS15.0.0.60\Support\SymMCEAI\SymMCEAI\msvcr71.dll -> [2003/02/21 06:42:22 | 00,348,160 | ---- | M] (Microsoft Corporation)
[Alternate Data Streams]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Gone Fishing.bmp:tggqjl
@Alternate Data Stream - 0 bytes -> %UserProfile%\My Documents\Thumbs.db:encryptable
@Alternate Data Stream - 197753 bytes -> %SystemRoot%\DELL.BMP:vpdkhc
@Alternate Data Stream - 197755 bytes -> %SystemRoot%\_DEFAULT.PIF:mezame
@Alternate Data Stream - 3567 bytes -> %SystemRoot%\_DEFAULT.PIF:ffsfog
@Alternate Data Stream - 3567 bytes -> %SystemRoot%\_DEFAULT.PIF:puvuaf
@Alternate Data Stream - 3567 bytes -> %SystemRoot%\FeatherTexture.bmp:lxgpgp
@Alternate Data Stream - 3567 bytes -> %SystemRoot%\VB.INI:fpmfon
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
IPC error: 2 The system cannot find the file specified.
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\FeatherTexture.bmp:lxgpgp 3567 bytes
C:\WINDOWS\DELL.BMP:vpdkhc 197753 bytes
C:\WINDOWS\VB.INI:fpmfon 3567 bytes
C:\WINDOWS\_DEFAULT.PIF:ffsfog 3567 bytes
C:\WINDOWS\_DEFAULT.PIF:mezame 197755 bytes
C:\WINDOWS\_DEFAULT.PIF:puvuaf 3567 bytes
C:\WINDOWS\Gone Fishing.bmp:tggqjl 0 bytes
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 7
< Document and Settings folder & sub folders >
scanning hidden files ...
IPC error: 2 The system cannot find the file specified.
C:\Documents and Settings\Aleda Tysver\Favorites\kare11.com Minneapolis and St. Paul, MN News, Weather and Sports.url:favicon 1406 bytes
C:\Documents and Settings\Aleda Tysver\Favorites\Microsoft Websites\craigslist.url:favicon 1150 bytes
C:\Documents and Settings\Aleda Tysver\Favorites\Vanguard - Mutual funds, IRAs, ETFs, 401(k) plans, and more.url:favicon 3638 bytes
C:\Documents and Settings\Aleda Tysver\Favorites\YouTube - U of MN Marching Band Halftime at Insight Bowl.url:favicon 1150 bytes
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\BF45099B.TMP 0 bytes
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\CB708204.TMP 0 bytes
C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844 100 bytes
scan completed successfully
hidden files: 54
< End of report >
[/code]
Phew!! The End- it was too long to post. I hope I did the correct thing.
Hi mrsmarti
Yes it was a long log, and a lot of Norton's temp files.
She has only 255.00 Mb Total Physical Memory,it is too little since she is using norton......
1 - Download and Run OTMoveIt3
Download OTMoveIt3 (http://oldtimer.geekstogo.com/OTMoveIt3.exe) by Old Timer and save it to your Desktop.
Double-click OTMoveIt3.exe.
Copy the lines in the codebox below.
:Commands
[EmptyTemp]
Return to OTMoveIt3, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
Click the red Moveit! button.
Copy everything in the Results window (under the green bar), and paste it in your next reply.
Close OTMoveIt3
2 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad
3 - Status Check
Please reply with
1. the OTMoveIt3 Log
2. a fresh HijackThis log
Thanks peku006
mrsmarti
2009-03-18, 22:58
Hi again. MIssion accomplished. I was not clear about whether to run a HJT log before or after the OTMoveIT3 program request for a reboot. SO, I ran it both ways, just to be safe. The MoveIT log seemed to be the same, except for the last 5 lines. I'm first posting the MoveIT log and the HJT log (done AFTER the reboot). In the next post I'm pasting the HJT log taken PRIOR to the requested reboot.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ALEDAT~1\LOCALS~1\Temp\~DF149A.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\JET8126.tmp scheduled to be deleted on reboot.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03182009_150018
Files moved on Reboot...
File C:\DOCUME~1\ALEDAT~1\LOCALS~1\Temp\~DF149A.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\JET8126.tmp moved successfully.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
HJT lot AFTER reboot
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:37:58 PM, on 3/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8712 bytes
mrsmarti
2009-03-18, 23:02
OOPS... I said the above log was the one PRIOR to the reboot. NO, that is wrong. It is the log AFTER the reboot. Sorry for the confusion. Below is the log PRIOR to reboot. Thanks for your patience.
Hijack this log prior to reboot.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:22:44 PM, on 3/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [OTMoveIt] C:\Documents and Settings\Aleda Tysver\Desktop\OTMoveIt3.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8750 bytes
mrsmarti
2009-03-18, 23:09
Okay, sorry for the confusion. Below is the log from Prior to the requested reboot. In my purple writing in the above post I stated that the log was from prior to reboot. That log up there really is taken from AFTER reboot. The one below is from prior reboot. Thanks for your patience.
Hijack this log prior to reboot.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:22:44 PM, on 3/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [OTMoveIt] C:\Documents and Settings\Aleda Tysver\Desktop\OTMoveIt3.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8750 bytes
mrsmarti
2009-03-18, 23:23
Hi,
The log in the previous post really is the one after the reboot. I stated in the purple type that it was from prior to reboot, but that is a typo.
Next, I tried to post the HJT log taken PRIOR to the reboot, but this web site will not let me post it. It just disappears after I click submit. So, I have that log if you need it, but let me know how to get the web site to accept that prior to reboot log. Thanks and sorry for the confusion. Thanks also for your kind patience.
mrsmarti
2009-03-19, 01:18
Hi- Now you must think I'm nuts or have lost my mind. It turns out that when I thought the logs weren't posting, they really were---- but onto page 2. I didn't realize that, as I only saw page one.
Now there are 3 HJT logs posted today:
The 1st = the log AFTER the requested reboot.
The 2nd = the log Prior to the requested reboot. (didn't think it posted).
The 3rd = a copy of the log Prior to reboot. (again, didn't realize it posted.)
If you have permission to remove posts, feel free to remove whatever isn't needed, along with this one. Thanks again for your patience! :oops:
Hi mrsmarti
Do not worry about a few extra posts, this goes well
I see left over McAfee software? Did you uninstall it?
1 - F-Secure Online Scan
Please go to F-Secure website (http://support.f-secure.com/ols3beta/start.html) to perform an online scan. Click on Start scanning at the bottom of the page.
You may be prompted to install an ActiveX before you are able to accept the License Agreement. If prompted, please install it. After installing, the Accept button will be available.
Click on Accept to accept the License Agreement.
Click on Custom Scan. Under Virus Scan Options, select the Scan whole system option.
Under Other Scan Options, select these options: Scan all files
Scan whole system for rootkits
Scan whole system for spyware
Scan inside archives
Use advanced heuristics Click Start.
It will start installing the scanner and virus definitions. Once the installation is done, it will start scanning automatically. This takes a while. Please be patient.
Click on I want decide item by item.
Under Actions, select None for all infections found.
Click Next.
Click on Show Report.
Please copy and paste this report in your next reply.
Click Finish.
2 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad
3 - Status Check
Please reply with
1. the F-Secure online scanner report
2. a fresh HijackThis log
How's the computer running now, still slow ?
Thanks peku006
mrsmarti
2009-03-19, 22:41
Hi peku006,
I need some clarifying. The link you asked me to click sent me to this page:
http://www.f-secure.com/en_EMEA/support/
There is no start scanning button to click. I think they changed their page.
Fiddling around I came to a page with these options to download:
Health Check
Easy Clean
Online Scanner
Please let me know which one I should go to.
About McAfee. A few years ago Aleda had that program. Her teenage son removed it prior to installing Norton. I do not see McAFee in the Add/Remove Program list, nor checking thru Windows Explorer and locating the Program file. Obviously, CCleaner isn't located the leftover parts, either. How do I get it off her computer?
Thanks, Marti :)
Hi Marti
F-Secure
bad link :banghead: this (http://support.f-secure.com/enu/home/ols.shtml) is it
McAfee:
Run the McAfee Consumer Removal Tool (MCPR.EXE)
Download the removal tool from HERE (http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe)
Click Save and save the file to any folder on your computer.
Navigate to the folder where the file is saved.
Make sure all McAfee windows are closed.
Double-click MCPR.EXE to run the removal tool.
Restart your computer after receiving the message CleanUp Successful.
Thanks peku006
mrsmarti
2009-03-22, 21:01
Hi Peku006, I ran the McAfee removal tool. Thanks.
Next, we are stuck.
I pressed scan system and the F-Secure program ran until around 145032 files and then up popped a message(summarized): internet explorer has run into a problem and must close. Everything you've done will be lost. When I click okay, all IE screens shut down.
Before I clicked okay, I noticed on the F-Secure screen that 3 viruses and 1 spyware were noted, so far.
I restarted and ran F-Secure again. Later I returned to Aleda's house and found the same message, a 2nd time, at around the same location.
Next, I had her buy 2 GB of RAM :) and my husband installed them yesterday. We ran F-Secure a 3rd time+ and with the same result. Only this time, the IE error box didn't wait for us to click okay, it had shut the website down.
So, now where do we go from here? - Marti
Hi Marti
Let´s try Eset.......
Please go to Eset website (http://www.eset.com/onlinescan/) to perform an online scan. Please use Internet Explorer as it uses ActiveX.
Check (tick) this box: YES, I accept the Terms of Use.
Click on the Start button next to it.
When prompted to run ActiveX. click Yes.
You will be asked to install an ActiveX. Click Install.
Once installed, the scanner will be initialized.
After the scanner is initialized, click Start.
Uncheck (untick) Remove found threats box.
Check (tick) Scan unwanted applications.
Click on Scan.
It will start scanning. Please be patient.
Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt. Please post this log in your next reply.
Thanks peku006
mrsmarti
2009-03-24, 00:16
Greetings peku006,
I gave Aleda the directions. the ESet log and a HJT log are below. She said after she clicked the START button, these 2 items were NOT offered:
7. Uncheck (untick) Remove found threats box.
8. Check (tick) Scan unwanted applications.
All she saw was a SCAN button.
Is it possible that the developers changed the web page or was this missed?
Thanks, Marti
Eset log:
# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3954 (20090323)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.066 (20070917)
# EOSSerial=9e7cd510c6b6434fa5ecc058053810b7
# end=finished
# remove_checked=false
# unwanted_checked=false
# utc_time=2009-03-23 02:59:23
# local_time=2009-03-23 09:59:23 (-0600, Central Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 3
# scanned=229572
# found=2
# scan_time=3839
C:\Program Files\AIM\Sysfiles\WxBug.EXE Win32/Adware.WBug.A application E0D92AC5FDD264E4ED40D45C75934F1B
C:\Program Files\AIM\Sysfiles\WxBug.EXE »WISE »MiniBugTransporter.dll
HJT LOG 3/23
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:06:37 PM, on 3/23/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8327 bytes
Hi Marti
looks good.......
Is it possible that the developers changed the web page or was this missed?
it has changed
1 - Remove bad HijackThis entries
Run HijackThis
Click on the Scan button
Put a check beside all of the items listed below (if present):
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
O8 - Extra context menu item: &Search - http://km.bar.need2find.com/KM/menusearch.html?p=KM
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
Close all open windows and browsers/email, etc...
Click on the "Fix Checked" button
When completed, close the application.
2 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad
3 - Status Check
Please reply with
a fresh HijackThis log
How's the computer running now? Any problems?
Thanks peku006
mrsmarti
2009-03-25, 01:12
Hi Peku006,
I had Aleda follow the directions.
The log is below.
Question:
She updated/downloaded spybot to the latest: 1.6. But prior to doing it she ran SB S&D 1.5. She said it took 75 minutes this time. Much faster than 6 hrs!!! Is there such a thing as "normal" length of time to run?
The question is: in the add/remove programs there are 2 listings:
SB S&D size is 53.83MB
SB S&D 1.4 size is 16.24 MB
Is one of this not needed? When I clicked on Remove the 1.4 program a box came up with a warning if I removed it all sorts of things that were depending on it would be undone. Do we leave both?
Other than the above, things seem to be much better. Thanks :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:39:11 AM, on 3/24/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\I386\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8091 bytesLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:39:11 AM, on 3/24/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\I386\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://chaska.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124326377140
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 8091 bytes
Hi Marti
Is there such a thing as "normal" length of time to run?
No because, everything depends on how big the hard drive is and how much there is stuff
Do we leave both?
you can safely remove the SB S&D 1.4, because you've installed the newer version
Remove HijackThis entries
Run HijackThis
Click on the Scan button
Put a check beside all of the items listed below (if present):
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
Close all open windows and browsers/email, etc...
Click on the "Fix Checked" button
When completed, close the application.
After that.............
Congratulations, your log looks clean! :yahoo:
To remove all of the tools we used and the files and folders they created do the following:
Delete RSIT from your desktop, also delete this folder C:\rsit.
Start OTScanIt2
Click the CleanUp button
OTScanIt2 will delete any tools downloaded and files/folders created and then ask you to reboot so it can remove itself. Click Yes.
Double-click OTMoveIt3.exe.
Click the CleanUp! button.
Select Yes when the "Begin cleanup Process?" prompt appears.
If you are prompted to Reboot during the cleanup, select Yes.
The tool will delete itself once it finishes, if not delete it by yourself.
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
Disable and Enable System Restore-WINDOWS XP
This is a good time to clear your existing system restore points and establish a new clean restore point:
Turn off System Restore
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Reboot.
Turn ON System Restore
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
This will remove all restore points except the new one you just created.
Here are some free programs I recommend that could help you improve your computer's security.
Spybot Search and Destroy 1.6
Download it from here (http://www.safer-networking.org/en/mirrors/index.html). Just choose a mirror and off you go.
Find here the tutorial on how to use Spybot properly here (http://www.bleepingcomputer.com/tutorials/tutorial43.html)
Install SpyWare Blaster 4.0
Download it from here (http://www.javacoolsoftware.com/spywareblaster.html)
Find here the tutorial on how to use Spyware Blaster here (http://www.bleepingcomputer.com/tutorials/tutorial49.html)
Install WinPatrol
Download it from here (http://www.winpatrol.com/download.html)
Here you can find information about how WinPatrol works here (http://www.winpatrol.com/features.html)
Install FireTrust SiteHound
You can find information and download it from here (http://www.firetrust.com/en/products/sitehound)
Install MVPS Hosts File from here (http://mvps.org/winhelp2002/hosts.htm)
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector (http://secunia.com/software_inspector/)
F-secure Health Check (http://www.f-secure.com/weblog/archives/00001356.html)
Visit Microsoft often to get the latest updates for your computer.
http://www.update.microsoft.com
Please check out Tony Klein's article "How did I get infected in the first place?" (http://forums.spybot.info/showthread.php?t=279)
Read some information here (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) how to prevent Malware.
Happy safe surfing! :bigthumb:
mrsmarti
2009-03-26, 01:42
Hi peku006,
Aleda will run and check the HJT log. The rest I'll do when I next get to her place in a couple days.
We really appreciate all you patient help. You are wonderful! :bighug:
Aleda is even feeling a bit more daring on the computer.
Again, thanks a lot.
Or, mange tusen takk (I'm not sure of the spelling, as I only heard my folks say it many times).
-Marti :D:
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.
If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.