Spybot freezes the computer during scan



alberrt
2010-01-31, 16:06
My computer just had a lot of viruses removed and I now have installed Norton 360. My browser reroutes my searches to advertising sites, so something is still wrong. I try to run SPYBOT and toward the end of the scan it freezes my computer. I have seen several messages on similar issues and they seem to point to still having some malware on my machine. In fact, long before it freezes, Spybot will find a few items to fix. I stop the scan and tell it to fix the problems, and there is an indication that the problem is fixed. When I rerun I see the same problems, and then toward the end it freezes. I have downloaded and reinstalled 1.6.2 several times and it continues. I see that for most problems the first thing asked for is to run ssd and send the log, so I have done that.



DDS (Ver_09-12-01.01) - NTFSx86
Run by Allen Burton at 9:21:58.13 on Sun 01/31/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.215 [GMT -5:00]

AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\ALLENB~1\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - Adobe PDF Reader Link Helper
BHO: {41d68ed8-4cff-4115-88a6-6ebb8af19000} - __BHODemonDisabled
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.5.2.11\IPSBHO.DLL
BHO: TBSB00444: {826b4fea-a910-4ffd-a358-7bf0fa996ce5} - TBSB00444 Class
BHO: {833ad16f-0baf-023c-6d86-07a377cd0912} - No File
TB: {0C8413C1-FAD1-446C-8584-BE50576F863E} - No File
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [TFncKy] TFncKy.exe
mRun: [TDispVol] TDispVol.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [TPSMain] TPSMain.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: turbotax.com
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}
DPF: {E39EB9E7-BF7C-45FE-903F-5AF938F56181}
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
TCP: {0D992A63-ECDE-4E99-872A-98DF7944D2A7} = 193.104.110.38,4.2.2.1
TCP: {4B336A66-CC08-4089-B1D7-E58507B56CEA} = 193.104.110.38,4.2.2.1,192.168.0.1
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.5.2.11\CoIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\516\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: hivorihuk - {152ee70a-eeef-4ab2-bb7d-d5b5882638df} - No File
STS: {7c5c14cb-b272-4b00-85a0-99c130b15497} - No File
LSA: Notification Packages = scecli jitodujo.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0305020.00b\SymEFA.sys [2010-1-28 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0305020.00b\BHDrvx86.sys [2010-1-28 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0305020.00b\cchpx86.sys [2010-1-28 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100128.002\IDSXpx86.sys [2010-1-30 329592]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 N360;Norton 360;c:\program files\norton 360\engine\3.5.2.11\ccSvcHst.exe [2010-1-28 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-1-30 102448]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20100130.021\NAVENG.SYS [2010-1-31 84912]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20100130.021\NAVEX15.SYS [2010-1-31 1323568]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 IO_Memory;IO_Memory;\??\c:\sysprep\drivers\ioport.sys --> c:\sysprep\drivers\ioport.sys [?]
S3 ndisdrv;ndisdrv;c:\windows\system32\ndisdrv.sys [2006-2-15 2304]
S3 SVRPEDRV;SVRPEDRV;\??\c:\sysprep\pedrv.sys --> c:\sysprep\PEDrv.sys [?]

=============== Created Last 30 ================

2010-01-30 18:45:28 0 d-----w- c:\program files\Citrix
2010-01-30 18:45:14 61224 ----a-w- c:\documents and settings\allen burton\GoToAssistDownloadHelper.exe
2010-01-29 03:12:40 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-01-29 03:12:39 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-01-29 03:11:48 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-01-29 03:11:42 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-01-29 03:11:42 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-01-29 03:11:42 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-01-29 03:11:42 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-01-29 03:11:42 0 d-----w- c:\program files\Symantec
2010-01-29 03:10:33 0 d-----w- c:\windows\system32\drivers\N360
2010-01-29 03:10:31 0 d-----w- c:\program files\Norton 360
2010-01-29 03:10:29 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-01-29 02:27:28 0 d-----w- c:\docume~1\alluse~1\applic~1\Symantec
2010-01-29 02:06:20 28409 ----a-w- c:\windows\system32\FHO71T0WYI.dat
2010-01-29 01:31:20 0 d-----w- c:\program files\NortonInstaller
2010-01-29 01:31:20 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-01-27 21:16:09 46640 ----a-w- c:\windows\system32\msln.exe
2010-01-22 22:32:55 0 d-----w- c:\program files\common files\Symantec Shared
2010-01-22 20:17:38 0 ----a-w- c:\windows\system32\IS15.exe
2010-01-19 02:25:44 100 ----a-w- c:\windows\system32\flags.ini
2010-01-18 11:29:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Toolbar4
2010-01-18 11:29:12 0 ----a-w- c:\windows\system32\helper32.dll
2010-01-18 11:27:44 0 d-sh--w- c:\docume~1\allenb~1\applic~1\SystemProc
2010-01-13 02:19:41 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

==================== Find3M ====================

2010-01-27 21:49:59 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll

============= FINISH: 9:24:04.98 ===============

tashi
2010-01-31, 17:40
Hello alberrt :welcome:

Please see this forum's FAQ which details how to produce a HJT log and copy paste it into a new topic.
"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

If HJT won't run please start a new topic anyway, make note of the situation and a volunteer analyst will advise you when available.

Best regards.


http://forums.spybot.info/showthread.php?t=55213