Also, just recently, Virus Scan has been spontaneously closing down.
Any thoughts?
Logfile of HijackThis v1.99.1
Scan saved at 3:41:14 PM, on 10/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
D:\Malware\AVG Anti-Spyware 7.5\guard.exe
D:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\diskeeper\DkService.exe
D:\Program Files\Malware\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\1&1 EasyLogin\EasyLogin.exe
D:\Program Files\Sony Handheld\AlarmApp.exe
D:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
D:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
D:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\WINDOWS\system32\ntvdm.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Malware\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer custom designed for Marcel xxxxxxxxx(deleted by me)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - D:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe /nosplash
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Malware\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [SFP] C:\Program Files\Common Files\Verizon Online\SFP\vzSFPWin.EXE /s
O4 - HKCU\..\Run: [D:\Program Files\1&1 EasyLogin\EasyLogin.exe] "1&1 EasyLogin" HIDE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [1&1 EasyLogin] "D:\Program Files\1&1 EasyLogin\EasyLogin.exe" HIDE
O4 - Global Startup: Alarm Manager.LNK = D:\Program Files\Sony Handheld\AlarmApp.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: vzTCPConfig - http://www2.verizon....vzTCPConfig.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfi...oad/tgctlcm.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1131392140405
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zone...canner37460.cab
O16 - DPF: {819EDD4C-7EB6-4D97-B831-D68B57E7D3ED} (Wyncs Control) - http://highschoolsports.net/Wyncs.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...ta/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.s.../ActiveData.cab
O19 - User stylesheet: (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - D:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Malware\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVSync Manager (AvSynMgr) - Network Associates, Inc. - D:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Diskeeper - Diskeeper Corporation - D:\Program Files\diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Fuse Service - Intuit - C:\Program Files\Common Files\Intuit\Fuse\Service\Intuit Fuse Service.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDEngine - Raxco Software, Inc. - d:\Program Files\Raxco Perfect Disk Defrag Util\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - d:\Program Files\Raxco Perfect Disk Defrag Util\PDSched.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
The uninstall list is:
1&1 EasyLogin
2000 Professional Tax System For Windows
2001 ProSeries User's Guide
2002 ProSeries User's Guide
2003 ProSeries User's Guide
2004 ProSeries User's Guide
Ad-Aware SE Personal
Adobe Acrobat 7.0.9 Professional
Adobe Bridge 1.0
Adobe Common File Installer
Adobe GoLive CS2 English
Adobe Help Center 2.0
Adobe Photoshop Elements 4.0
Adobe Reader 8.1.0
Adobe Stock Photos 1.0
Adobe SVG Viewer 3.0
Ahead InCD
AIM 6
AVG Anti-Spyware 7.5
Brother HL-5050
CLIE memory stick driver
Diet + Exercise Assistant Desktop
Diskeeper 2007 Professional
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DT NetDocs Print Only
EntlClnt
Google Earth
Google Toolbar for Internet Explorer
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Java 2 Runtime Environment, SE v1.4.2_01
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee VirusScan Professional Edition
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft ActiveX Control Pad
Microsoft Broadband Networking
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Premium
Microsoft Office Converter Pack
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox (2.0.0.7)
MS Export
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Norton PartitionMagic 8.0
NVIDIA Windows 2000/XP Display Drivers
Palm
PaperPort
PDF2Web v1.6
PerfectDisk
ProSeries 2001
ProSeries 2002
ProSeries 2003
ProSeries 2004
ProSeries 2005
ProSeries 2006
ProSeries User's Guide 2006
QuickBooks Basic Edition 2003
QuickBooks Pro 2000
QuickTime
RealPlayer
Savings Bond Wizard
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Spelling Dictionaries Support For Adobe Reader 8
SplashID
SplashPhoto
Spybot - Search & Destroy 1.4
SwiftView Viewer
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB900930)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Viewpoint Media Player
ViewSonic Monitor Drivers
WexTech AnswerWorks
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB887797
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinZip
ZoneAlarm
I also just received this Error Signature when Virus Scan shut down:
szAppName : Mcshield.exe szAppVer : 6.0.0.100 szModName : kernel32.dll
szModVer : 5.1.2600.3119 offset : 00012a5b
Also, the error report referred me to appcompat.txt, which reads:
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="Mcshield.exe" FILTER="GRABMI_FILTER_PRIVACY">
<MATCHING_FILE NAME="Mcshield.exe" SIZE="237663" CHECKSUM="0x9B6E7F73" BIN_FILE_VERSION="6.0.0.100" BIN_PRODUCT_VERSION="6.0.0.0" PRODUCT_VERSION="6.0.0" FILE_DESCRIPTION="NT On-Access Scanner service." COMPANY_NAME="Network Associates, Inc." PRODUCT_NAME="McAfee On-Access Scanner" FILE_VERSION="6.0.0" ORIGINAL_FILENAME="McShield.exe" INTERNAL_NAME="McShield" LEGAL_COPYRIGHT="Copyright© 1995-2001 Networks Associates Technology, Inc. All Rights Reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x40000" UPTO_BIN_FILE_VERSION="6.0.0.100" UPTO_BIN_PRODUCT_VERSION="6.0.0.0" LINK_DATE="08/05/2002 17:53:39" UPTO_LINK_DATE="08/05/2002 17:53:39" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="naiann.dll" SIZE="86117" CHECKSUM="0xB9553BBF" BIN_FILE_VERSION="6.0.0.100" BIN_PRODUCT_VERSION="6.0.0.0" PRODUCT_VERSION="6.0.0" FILE_DESCRIPTION="VirusScan announcer DLL" COMPANY_NAME="Network Associates, Inc." PRODUCT_NAME="McAfee On-Access Scanner" FILE_VERSION="6.0.0" ORIGINAL_FILENAME="naiann.dll" INTERNAL_NAME="naiann" LEGAL_COPYRIGHT="Copyright© 1995-2001 Networks Associates Technology, Inc. All Rights Reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x40000" UPTO_BIN_FILE_VERSION="6.0.0.100" UPTO_BIN_PRODUCT_VERSION="6.0.0.0" LINK_DATE="08/05/2002 17:52:28" UPTO_LINK_DATE="08/05/2002 17:52:28" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="NaiEvent.dll" SIZE="45073" CHECKSUM="0x456EA171" BIN_FILE_VERSION="6.0.0.100" BIN_PRODUCT_VERSION="6.0.0.0" PRODUCT_VERSION="6.0.0" FILE_DESCRIPTION="McShield event logging resources" COMPANY_NAME="Network Associates, Inc." PRODUCT_NAME="McAfee On-Access Scanner" FILE_VERSION="6.0.0" ORIGINAL_FILENAME="NaiEvent.dll" INTERNAL_NAME="NaiEvent" LEGAL_COPYRIGHT="Copyright© 1995-2001 Networks Associates Technology, Inc. All Rights Reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="6.0.0.100" UPTO_BIN_PRODUCT_VERSION="6.0.0.0" LINK_DATE="08/05/2002 17:52:30" UPTO_LINK_DATE="08/05/2002 17:52:30" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="ScanServ.dll" SIZE="77929" CHECKSUM="0x81D10A4B" BIN_FILE_VERSION="6.0.0.100" BIN_PRODUCT_VERSION="6.0.0.0" PRODUCT_VERSION="6.0.0" FILE_DESCRIPTION="VirusScan NT support DLL" COMPANY_NAME="Network Associates, Inc." PRODUCT_NAME="McAfee On-Access Scanner" FILE_VERSION="6.0.0" ORIGINAL_FILENAME="ScanServ.dll" INTERNAL_NAME="ScanServ" LEGAL_COPYRIGHT="Copyright© 1995-2001 Networks Associates Technology, Inc. All Rights Reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="6.0.0.100" UPTO_BIN_PRODUCT_VERSION="6.0.0.0" LINK_DATE="08/05/2002 17:53:42" UPTO_LINK_DATE="08/05/2002 17:53:42" VER_LANGUAGE="English (United States) [0x409]" />
<MATCHING_FILE NAME="Res00\McShield.DLL" SIZE="12305" CHECKSUM="0x9A741AC6" BIN_FILE_VERSION="6.0.0.100" BIN_PRODUCT_VERSION="6.0.0.0" PRODUCT_VERSION="6.0.0" FILE_DESCRIPTION="English (09) resources for McShield" COMPANY_NAME="Network Associates, Inc." PRODUCT_NAME="McAfee On-Access Scanner" FILE_VERSION="6.0.0" ORIGINAL_FILENAME="McShield.dll" INTERNAL_NAME="McShield" LEGAL_COPYRIGHT="Copyright© 1995-2001 Networks Associates Technology, Inc. All Rights Reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x40000" UPTO_BIN_FILE_VERSION="6.0.0.100" UPTO_BIN_PRODUCT_VERSION="6.0.0.0" LINK_DATE="08/05/2002 17:52:07" UPTO_LINK_DATE="08/05/2002 17:52:07" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="kernel32.dll" SIZE="984576" CHECKSUM="0xF0B331F6" BIN_FILE_VERSION="5.1.2600.3119" BIN_PRODUCT_VERSION="5.1.2600.3119" PRODUCT_VERSION="5.1.2600.3119" FILE_DESCRIPTION="Windows NT BASE API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System" FILE_VERSION="5.1.2600.3119 (xpsp_sp2_gdr.070416-1301)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF9293" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.3119" UPTO_BIN_PRODUCT_VERSION="5.1.2600.3119" LINK_DATE="04/16/2007 15:52:53" UPTO_LINK_DATE="04/16/2007 15:52:53" VER_LANGUAGE="English (United States) [0x409]" />
</EXE>
</DATABASE>
manifest.txt was also created at the same time. It reads:
Server=watson.microsoft.com
UI LCID=1033
Flags=1672018
Brand=WINDOWS
TitleName=NT On-Access Scanner service.
DigPidRegPath=HKLM\Software\Microsoft\Windows NT\CurrentVersion\DigitalProductId
ErrorText=If you were in the middle of something, the information you were working on might be lost.
Stage1URL=
Stage1URL=/StageOne/Mcshield_exe/6_0_0_100/kernel32_dll/5_1_2600_3119/00012a5b.htm
Stage2URL=
Stage2URL=/dw/stagetwo.asp?szAppName=Mcshield.exe&szAppVer=6.0.0.100&szModName=kernel32.dll&szModVer=5.1.2600.3119&offset=00012a5b
DataFiles=C:\DOCUME~1\Marcel\LOCALS~1\Temp\WERfda5.dir00\Mcshield.exe.mdmp|C:\DOCUME~1\Marcel\LOCALS~1\Temp\WERfda5.dir00\appcompat.txt
Heap=C:\DOCUME~1\Marcel\LOCALS~1\Temp\WERfda5.dir00\Mcshield.exe.hdmp
ErrorSubPath=Mcshield.exe\6.0.0.100\kernel32.dll\5.1.2600.3119\00012a5b
DirectoryDelete=C:\DOCUME~1\Marcel\LOCALS~1\Temp\WERfda5.dir00
Edited by marcel, 16 October 2007 - 04:51 PM.