Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

backdoor.tidserv!inf removal


  • This topic is locked This topic is locked

#16
hammerman

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    smb.sys
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • 0

Advertisements


#17
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 19:41 on 25/07/2010 by Introfeel (Administrator - Elevation successful)

========== filefind ==========

Searching for "smb.sys"
C:\Windows.old.000\Windows\System32\drivers\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old.001\Windows\System32\drivers\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old.001\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old\Windows\System32\drivers\smb.sys --a--- 66560 bytes [22:18 27/11/2009] [04:45 11/04/2009] (Unable to calculate MD5)
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.20521_none_5df94bff13fca6fc\smb.sys --a--- 66048 bytes [01:18 04/04/2008] [01:18 04/04/2008] 46BAF398809A0F3B2D3300A1760E4B91
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6001.18000_none_5f6a9133f7f64138\smb.sys --a--- 66560 bytes [20:55 21/10/2008] [05:55 19/01/2008] 031E6BCD53C9B2B9ACE111EAFEC347B6
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys --a--- 66560 bytes [22:18 27/11/2009] [04:45 11/04/2009] (Unable to calculate MD5)
C:\Windows\System32\drivers\smb.sys --a--- 66560 bytes [11:38 09/05/2010] [04:45 11/04/2009] 7B75299A4D201D6A6533603D6914AB04
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6001.18000_none_5f6a9133f7f64138\smb.sys --a--- 66560 bytes [09:18 06/05/2010] [05:55 19/01/2008] 031E6BCD53C9B2B9ACE111EAFEC347B6
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys --a--- 66560 bytes [11:38 09/05/2010] [04:45 11/04/2009] 7B75299A4D201D6A6533603D6914AB04

-=End Of File=-
  • 0

#18
hammerman

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

FCopy::
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys | C:\Windows\System32\drivers\smb.sys
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys | C:\smb.sys


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Please run another Norton scan and post the report.
  • 0

#19
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
ComboFix 10-07-24.03 - Introfeel 07/26/2010 8:18.3.2 - x86
MicrosoftŽ Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.984 [GMT -5:00]
Running from: c:\users\Introfeel\Desktop\ComboFix.exe
Command switches used :: c:\users\Introfeel\Desktop\CFScript.txt
AV: Norton Security Suite *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Security Suite *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
--------------- FCopy ---------------

c:\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys --> c:\windows\System32\drivers\smb.sys
c:\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys --> C:\smb.sys
.
((((((((((((((((((((((((( Files Created from 2010-06-26 to 2010-07-26 )))))))))))))))))))))))))))))))
.

2010-07-26 13:28 . 2010-07-26 13:28 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-07-26 13:28 . 2010-07-26 13:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-26 13:28 . 2010-07-26 13:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-26 13:18 . 2009-04-11 04:45 66560 ----a-w- C:\smb.sys
2010-07-26 03:20 . 2010-06-18 14:24 223232 ----a-w- c:\windows\system32\hpmtp104.dll
2010-07-26 03:20 . 2010-06-18 14:25 326656 ----a-w- c:\windows\system32\hpmml104.dll
2010-07-26 03:20 . 2010-06-18 14:24 275968 ----a-w- c:\windows\system32\hpmja104.dll
2010-07-26 03:20 . 2010-06-18 14:35 179200 ----a-w- c:\windows\system32\hpcpn104.dll
2010-07-26 03:16 . 2010-07-26 03:16 -------- d-----w- C:\HP Universal Print Driver PostScript v5.1.0.1
2010-07-26 03:02 . 1998-10-29 21:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-07-25 23:32 . 2010-07-25 23:32 -------- d-----w- c:\program files\MSN Toolbar
2010-07-25 23:32 . 2010-07-25 23:32 -------- d-----w- c:\programdata\UAB
2010-07-25 23:31 . 2010-07-25 23:31 -------- d-----w- c:\users\Introfeel\AppData\Local\PC_Drivers_Headquarters
2010-07-25 23:31 . 2010-07-25 23:32 -------- d-----w- c:\program files\MSN Toolbar Installer
2010-07-25 23:31 . 2010-07-25 23:31 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-07-25 23:31 . 2010-07-25 23:31 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2010-07-23 16:35 . 2010-07-24 17:44 -------- d-----w- c:\program files\Spyware Doctor
2010-07-22 22:23 . 2010-07-22 22:23 -------- d-----w- c:\program files\iPod
2010-07-22 21:55 . 2010-07-24 23:12 -------- d-----w- c:\users\Introfeel\AppData\Roaming\vlc
2010-07-21 22:11 . 2010-07-21 22:11 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Creative
2010-07-12 05:52 . 2010-07-12 05:52 -------- d-----w- c:\program files\IDI Magic
2010-07-12 01:12 . 2010-07-12 01:12 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\CrashDumps
2010-07-10 11:29 . 2010-07-10 11:34 -------- d-----w- c:\program files\Cherry Red Casino
2010-07-07 11:56 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2010-06-26 20:51 . 2010-07-14 20:40 -------- d-----w- c:\program files\Rushmore Casino

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-26 13:09 . 2010-05-14 22:45 -------- d-----w- c:\users\Introfeel\AppData\Roaming\LimeWire
2010-07-26 03:47 . 2010-05-06 19:43 3072 ----a-w- c:\users\Introfeel\AppData\Roaming\wklnhst.dat
2010-07-26 03:17 . 2010-05-07 02:49 -------- d-----w- c:\users\Introfeel\AppData\Roaming\HpUpdate
2010-07-26 03:02 . 2010-05-15 23:30 -------- d-----w- c:\program files\Hewlett-Packard
2010-07-26 02:36 . 2010-05-15 23:22 126920 ----a-w- c:\windows\hppins01.dat
2010-07-22 23:05 . 2010-05-06 17:29 -------- d-----w- c:\programdata\Roxio
2010-07-22 22:24 . 2010-05-07 05:52 -------- d-----w- c:\program files\iTunes
2010-07-22 22:23 . 2010-05-07 05:45 -------- d-----w- c:\program files\Common Files\Apple
2010-07-22 22:19 . 2010-07-22 22:19 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-20 15:51 . 2010-05-08 14:50 1 ----a-w- c:\users\Introfeel\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-07-15 12:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-12 05:51 . 2010-05-06 17:20 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-09 20:48 . 2010-05-06 08:15 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Skype
2010-07-09 16:12 . 2010-05-08 00:07 -------- d-----w- c:\users\Introfeel\AppData\Roaming\skypePM
2010-07-03 22:37 . 2010-05-06 17:37 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Roxio
2010-07-01 17:01 . 2010-05-07 02:47 -------- d-----w- c:\users\Introfeel\AppData\Roaming\HP
2010-06-27 21:15 . 2010-06-27 21:15 79367 ----a-w- c:\users\Introfeel\AppData\Roaming\Google\Google Talk\uninstall.exe
2010-06-27 01:18 . 2010-05-15 04:50 10134 ----a-r- c:\users\Introfeel\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
2010-06-26 11:36 . 2010-06-26 11:36 -------- d-----w- c:\program files\Microsoft.NET
2010-06-19 02:59 . 2010-05-06 01:56 101496 ----a-w- c:\users\Introfeel\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-19 02:55 . 2010-05-07 05:54 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Apple Computer
2010-06-19 02:54 . 2010-06-19 02:54 -------- d-----w- c:\program files\Bonjour
2010-06-18 14:24 . 2010-06-12 01:16 243200 ----a-w- c:\windows\system32\hpmpm081.dll
2010-06-18 14:24 . 2010-06-12 01:16 179200 ----a-w- c:\windows\system32\hpmpw081.dll
2010-06-18 14:24 . 2010-06-18 14:24 102912 ----a-w- c:\windows\system32\hpmco104.dll
2010-06-18 12:56 . 2010-06-18 12:55 -------- d-----w- c:\program files\GMATPrep
2010-06-18 12:55 . 2010-05-06 05:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-14 17:24 . 2010-05-08 03:39 -------- d-----w- c:\program files\Safari
2010-06-14 17:22 . 2010-06-14 17:22 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-12 01:18 . 2010-06-12 01:18 -------- d-----w- c:\programdata\Hewlett-Packard
2010-06-11 21:51 . 2010-06-11 21:51 3055600 ----a-w- c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
2010-06-11 21:36 . 2010-06-11 21:36 275952 ----a-w- c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2010-06-04 21:46 . 2010-05-09 00:32 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-26 17:06 . 2010-06-11 11:23 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 11:23 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-18 21:35 . 2010-05-18 21:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 21:35 . 2010-05-18 21:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-12 17:32 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-05-09 01:19 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-05-09 01:19 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-05-08 23:57 . 2010-05-08 23:57 143976 ----a-w- c:\users\Introfeel\AppData\Roaming\Move Networks\uninstall.exe
2010-05-08 23:57 . 2009-10-15 00:50 5642688 ----a-w- c:\users\Introfeel\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
2010-05-08 03:52 . 2010-05-08 03:52 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-05-08 03:52 . 2010-05-08 03:52 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-08 03:52 . 2010-05-08 03:52 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-05-08 03:52 . 2010-05-08 03:52 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-05-08 03:52 . 2010-05-08 03:52 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-05-08 02:53 . 2010-05-08 02:54 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-08 02:45 . 2010-05-08 02:45 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2010-05-08 00:07 . 2010-05-08 00:07 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-05-07 15:06 . 2010-05-07 15:06 4710 ----a-r- c:\users\Introfeel\AppData\Roaming\Microsoft\Installer\{DF6DA606-904D-4C18-823F-A4CFC3035E53}\ext.exe
2010-05-06 08:05 . 2010-05-06 08:05 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-05-06 07:57 . 2010-05-06 07:57 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2010-05-06 07:57 . 2010-05-06 07:57 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-05-06 07:57 . 2010-05-06 07:57 243712 ----a-w- c:\windows\system32\rastls.dll
2010-05-06 07:57 . 2010-05-06 07:57 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-05-06 07:56 . 2010-05-06 07:56 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-05-06 07:56 . 2010-05-06 07:56 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-05-06 07:56 . 2010-05-06 07:56 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-05-06 07:56 . 2010-05-06 07:56 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-05-06 07:56 . 2010-05-06 07:56 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-05-06 07:56 . 2010-05-06 07:56 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-05-06 07:56 . 2010-05-06 07:56 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-05-06 07:56 . 2010-05-06 07:56 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-05-06 07:56 . 2010-05-06 07:56 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-05-06 07:56 . 2010-05-06 07:56 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-05-06 06:35 . 2010-05-06 06:35 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-05-06 06:35 . 2010-05-06 06:35 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-05-06 06:35 . 2010-05-06 06:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-05-06 06:33 . 2010-05-06 06:33 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-05-06 06:32 . 2010-05-06 06:32 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-05-06 06:32 . 2010-05-06 06:32 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-05-06 06:32 . 2010-05-06 06:32 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-05-06 06:32 . 2010-05-06 06:32 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-05-06 05:26 . 2010-05-06 01:56 680 ----a-w- c:\users\Introfeel\AppData\Local\d3d9caps.dat
2010-05-06 04:50 . 2010-05-06 04:50 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-05-06 04:50 . 2010-05-06 04:50 23552 ----a-w- c:\windows\system32\lpk.dll
2010-05-06 04:50 . 2010-05-06 04:50 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-05-06 04:50 . 2010-05-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-05-06 04:50 . 2010-05-06 04:50 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-05-06 04:50 . 2010-05-06 04:50 272896 ----a-w- c:\windows\system32\polstore.dll
2010-05-06 04:49 . 2010-05-06 04:49 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-05-06 04:49 . 2010-05-06 04:49 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-05-06 04:47 . 2010-05-06 04:47 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-05-06 04:47 . 2010-05-06 04:47 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-05-06 04:47 . 2010-05-06 04:47 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-05-06 04:47 . 2010-05-06 04:47 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-05-06 04:47 . 2010-05-06 04:47 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-05-06 04:47 . 2010-05-06 04:47 17920 ----a-w- c:\windows\system32\netevent.dll
2010-05-06 04:47 . 2010-05-06 04:47 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-05-06 04:47 . 2010-05-06 04:47 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-05-06 04:47 . 2010-05-06 04:47 10240 ----a-w- c:\windows\system32\finger.exe
2010-05-06 04:46 . 2010-05-06 04:46 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-05-06 04:46 . 2010-05-06 04:46 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-05-06 04:46 . 2010-05-06 04:46 65024 ----a-w- c:\windows\system32\wlanapi.dll
2010-05-06 04:46 . 2010-05-06 04:46 513536 ----a-w- c:\windows\system32\wlansvc.dll
2007-02-21 19:49 . 2007-02-21 19:49 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( [email protected]_15.36.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-06 04:56 . 2010-07-26 13:10 43722 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-07-26 13:10 60722 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-26 00:58 . 2009-02-26 00:58 26136 c:\windows\System32\DriverStore\FileRepository\hpmews01.inf_29b08f9b\hpfxgen.sys
+ 2009-02-26 00:58 . 2009-02-26 00:58 17432 c:\windows\System32\DriverStore\FileRepository\hpmews01.inf_29b08f9b\hpfxbulk.sys
+ 2010-07-26 03:20 . 2009-02-26 00:57 18944 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hppmopjl.dll
+ 2010-07-26 03:20 . 2010-03-04 19:10 79872 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hppccompio.dll
+ 2010-07-26 03:20 . 2010-06-15 18:26 49252 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmnque.dll
+ 2010-07-26 03:20 . 2010-06-15 18:26 49250 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmnndps.dll
+ 2010-07-26 03:20 . 2009-02-25 22:32 59928 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\fxcompchannel.dll
+ 2010-07-26 03:20 . 2010-01-20 16:30 20480 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\cioum.dll
- 2006-11-02 13:02 . 2010-07-25 10:22 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2010-07-26 13:12 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2010-07-26 13:12 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2010-07-25 10:22 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2010-07-26 13:12 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2010-07-25 10:22 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-05-06 23:09 . 2010-07-24 17:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-05-06 23:09 . 2010-07-26 03:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-05-06 23:09 . 2010-07-26 03:30 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-05-06 23:09 . 2010-07-24 17:44 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-05-06 23:09 . 2010-07-26 03:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-05-06 23:09 . 2010-07-24 17:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-25 23:31 . 2010-07-25 23:31 54584 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\UNINST_Uninstall_D_4299976C1167441FA07CEF9926E410B1.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 46392 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\ProductName.chm.de_E8BE655ADEA641369B5E012FC4DD61C6.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\NewShortcut7_093EA01C878D4FB8BBB75CF2AF29E7A1.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriversHQ.DriverDe_84B8F33B3EBF407BAC7CF7FF8090594C.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriversHQ.DriverDe_73EA94828B1A467994E24B03923D8FFE.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.pt_6CF114D33913468CBA2AA6967939B819.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.it_251B66F1CA924E82A1EE29E85D5EC5A1.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.fr_E1678746353A46E3A9150D3E8B3832B1.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.es_654C8EA5162D4D4084239A5EDD67F462.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.ch_571875AB094D409B841CA52363CEAF75.exe
+ 2010-07-25 23:31 . 2010-07-25 23:31 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\ARPPRODUCTICON.exe
+ 2006-11-02 10:25 . 2010-07-26 03:21 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2010-06-19 02:56 86016 c:\windows\inf\infstor.dat
+ 2006-11-02 10:25 . 2010-07-26 03:21 51200 c:\windows\inf\infpub.dat
- 2006-11-02 10:25 . 2010-06-19 02:56 51200 c:\windows\inf\infpub.dat
+ 2010-07-25 23:31 . 2010-07-25 23:31 73728 c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\c54b4620699191a94cb40fc575c358b9\DriversHQ.DriverDetective.ExceptionLogging.ni.dll
+ 2010-05-06 04:56 . 2010-07-26 13:10 9084 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-939453163-656404264-1916229718-1000_UserData.bin
- 2010-07-24 17:44 . 2010-07-24 17:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-07-26 13:08 . 2010-07-26 13:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-07-24 17:44 . 2010-07-24 17:44 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-26 13:08 . 2010-07-26 13:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-06-12 01:17 . 2010-06-18 14:35 302080 c:\windows\System32\spool\prtprocs\w32x86\hpcpp104.dll
- 2010-06-12 01:17 . 2010-05-01 22:54 302080 c:\windows\System32\spool\prtprocs\w32x86\hpcpp104.dll
+ 2006-11-02 10:25 . 2009-07-14 00:16 542208 c:\windows\System32\spool\drivers\w32x86\3\pscript5.dll
+ 2006-11-02 10:25 . 2009-07-14 00:16 726016 c:\windows\System32\spool\drivers\w32x86\3\ps5ui.dll
- 2010-06-12 01:16 . 2010-05-01 22:46 867328 c:\windows\System32\spool\drivers\w32x86\3\hpmur104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:26 867328 c:\windows\System32\spool\drivers\w32x86\3\hpmur104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:24 179200 c:\windows\System32\spool\drivers\w32x86\3\hpmpw081.dll
- 2010-06-12 01:16 . 2010-05-01 22:44 179200 c:\windows\System32\spool\drivers\w32x86\3\hpmpw081.dll
- 2010-06-12 01:16 . 2010-05-01 22:44 243200 c:\windows\System32\spool\drivers\w32x86\3\hpmpm081.dll
+ 2010-06-12 01:16 . 2010-06-18 14:24 243200 c:\windows\System32\spool\drivers\w32x86\3\hpmpm081.dll
- 2010-06-12 01:16 . 2010-05-01 22:44 749056 c:\windows\System32\spool\drivers\w32x86\3\hpmdp104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:24 749056 c:\windows\System32\spool\drivers\w32x86\3\hpmdp104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:34 124928 c:\windows\System32\spool\drivers\w32x86\3\hpfxcomw.dll
- 2010-06-12 01:16 . 2010-05-01 22:54 124928 c:\windows\System32\spool\drivers\w32x86\3\hpfxcomw.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 644608 c:\windows\System32\spool\drivers\w32x86\3\hpcsr104.dll
- 2010-06-12 01:16 . 2010-05-01 22:54 179200 c:\windows\System32\spool\drivers\w32x86\3\hpcpn104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:35 179200 c:\windows\System32\spool\drivers\w32x86\3\hpcpn104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:35 253440 c:\windows\System32\spool\drivers\w32x86\3\hpcpe104.dll
- 2010-06-12 01:16 . 2010-05-01 22:54 253440 c:\windows\System32\spool\drivers\w32x86\3\hpcpe104.dll
- 2010-06-12 01:16 . 2010-05-01 22:54 519680 c:\windows\System32\spool\drivers\w32x86\3\hpcev104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:35 519680 c:\windows\System32\spool\drivers\w32x86\3\hpcev104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:35 309760 c:\windows\System32\spool\drivers\w32x86\3\hpcc3104.dll
- 2010-06-12 01:16 . 2010-05-01 22:55 309760 c:\windows\System32\spool\drivers\w32x86\3\hpcc3104.dll
+ 2006-11-02 10:33 . 2010-07-26 02:36 612592 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-07-23 16:03 612592 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-07-26 02:36 107654 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2010-07-23 16:03 107654 c:\windows\System32\perfc009.dat
+ 2009-03-24 17:52 . 2009-03-24 17:52 107840 c:\windows\System32\msstkprp.dll
+ 2009-02-26 01:01 . 2009-02-26 01:01 372736 c:\windows\System32\DriverStore\FileRepository\hpzid4vp.inf_9edd969c\drivers\dot4\Win2000\hppldcoi.dll
+ 2009-02-26 01:01 . 2009-02-26 01:01 309760 c:\windows\System32\DriverStore\FileRepository\hpzid4vp.inf_9edd969c\drivers\dot4\Win2000\difxapi.dll
+ 2009-02-26 00:59 . 2009-02-26 00:59 188416 c:\windows\System32\DriverStore\FileRepository\hpmews01.inf_29b08f9b\hpmews01.dll
+ 2010-07-26 03:20 . 2009-07-14 00:16 542208 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\pscript5.dll
+ 2010-07-26 03:20 . 2009-07-14 00:16 726016 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\ps5ui.dll
+ 2010-07-26 03:20 . 2010-03-25 17:10 146944 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpsysobj.dll
+ 2010-07-26 03:20 . 2010-06-18 14:26 867328 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmur104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:24 223232 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmtp104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:24 179200 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmpw081.dll
+ 2009-02-26 01:01 . 2009-02-26 01:01 372736 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmprein.dll
+ 2010-07-26 03:20 . 2010-06-18 14:24 243200 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmpm081.dll
+ 2010-07-26 03:20 . 2010-06-18 14:25 326656 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmml104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:24 275968 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmja104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:24 749056 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmdp104.dll
+ 2010-06-18 14:24 . 2010-06-18 14:24 102912 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmco104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:34 124928 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpfxcomw.dll
+ 2010-07-26 03:20 . 2009-11-30 20:25 524800 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\HPDRVJCT.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 644608 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcsr104.dll
+ 2010-07-26 03:20 . 2009-02-26 00:57 135168 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcsat20.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 302080 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcpp104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 179200 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcpn104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 253440 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcpe104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 519680 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcev104.dll
+ 2010-07-26 03:20 . 2010-04-23 12:18 507904 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcdmc32.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 309760 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcc3104.dll
+ 2009-02-26 01:01 . 2009-02-26 01:01 309760 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\drivers\dot4\Win2000\difxapi.dll
+ 2010-07-26 03:20 . 2010-04-29 16:25 349696 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\cioum32.msi
+ 2010-07-25 23:32 . 2010-07-25 23:32 164864 c:\windows\Installer\663a4c4.msi
+ 2010-07-25 23:32 . 2010-07-25 23:32 186880 c:\windows\Installer\663a4be.msi
+ 2010-07-25 23:32 . 2010-07-25 23:32 203776 c:\windows\Installer\663a4b2.msi
+ 2006-11-02 10:25 . 2010-07-26 03:21 143360 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2010-06-19 02:56 143360 c:\windows\inf\infstrng.dat
+ 2010-07-25 23:31 . 2010-07-25 23:31 119296 c:\windows\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\fb5046d7fcf777313821ebae0c3632c7\XPBurnComponent.ni.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 303616 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\b8c6fc20535abc362fa447e9f4becfa0\Microsoft.Practices.ObjectBuilder.ni.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 309248 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\0af9ecd3c9ee2521addff6eca3007911\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 148992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\00469844a857f73595f29cf391ab434e\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 230400 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\a841f1af5b2d06c52aa4b84779b6448d\Microsoft.ApplicationBlocks.Updater.ni.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\ddcf52de4404af7493f632a96ecae702\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 338944 c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\25616013dbdda11984c50c5665f1243b\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 529920 c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.Common\6c6ca09ad7130790bd54fa2708cba33f\DriversHQ.Common.ni.dll
- 2010-06-12 01:16 . 2010-05-01 22:47 1544704 c:\windows\System32\spool\drivers\w32x86\3\hpmux104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:27 1544704 c:\windows\System32\spool\drivers\w32x86\3\hpmux104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:25 2143232 c:\windows\System32\spool\drivers\w32x86\3\hpmsn104.dll
- 2010-06-12 01:16 . 2010-05-01 22:45 2143232 c:\windows\System32\spool\drivers\w32x86\3\hpmsn104.dll
- 2010-06-12 01:16 . 2010-05-01 22:45 1244160 c:\windows\System32\spool\drivers\w32x86\3\hpmsl104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:25 1244160 c:\windows\System32\spool\drivers\w32x86\3\hpmsl104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:32 3717120 c:\windows\System32\spool\drivers\w32x86\3\hpcur104.dll
- 2010-06-12 01:16 . 2010-05-01 22:52 3717120 c:\windows\System32\spool\drivers\w32x86\3\hpcur104.dll
- 2010-06-12 01:16 . 2010-05-01 22:54 3676672 c:\windows\System32\spool\drivers\w32x86\3\hpcui104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:35 3676672 c:\windows\System32\spool\drivers\w32x86\3\hpcui104.dll
- 2010-06-12 01:16 . 2010-05-01 22:52 4233728 c:\windows\System32\spool\drivers\w32x86\3\hpcst104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:32 4233728 c:\windows\System32\spool\drivers\w32x86\3\hpcst104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:35 1015296 c:\windows\System32\spool\drivers\w32x86\3\hpcss104.dll
- 2010-06-12 01:16 . 2010-05-01 22:54 1015296 c:\windows\System32\spool\drivers\w32x86\3\hpcss104.dll
- 2010-06-12 01:16 . 2010-05-01 22:54 1670656 c:\windows\System32\spool\drivers\w32x86\3\hpcls104.dll
+ 2010-06-12 01:16 . 2010-06-18 14:35 1670656 c:\windows\System32\spool\drivers\w32x86\3\hpcls104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:27 1544704 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmux104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:25 2143232 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmsn104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:25 1244160 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpmsl104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:32 3717120 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcur104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 3676672 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcui104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:32 4233728 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcst104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 1015296 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcss104.dll
+ 2010-07-26 03:20 . 2010-06-18 14:35 1670656 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpcls104.dll
+ 2010-02-26 02:20 . 2010-02-26 02:20 3210240 c:\windows\System32\DriverStore\FileRepository\hpcu104d.inf_5672c1b6\hpbcfgre.dll
+ 2010-07-25 23:31 . 2010-07-25 23:31 2697216 c:\windows\Installer\663a4b8.msp
+ 2010-07-25 23:32 . 2010-07-25 23:32 2317312 c:\windows\Installer\663a4ac.msi
+ 2010-07-25 23:31 . 2010-07-25 23:31 2398720 c:\windows\Installer\663a49c.msi
+ 2010-07-25 23:31 . 2010-07-25 23:31 3916800 c:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\b6beb3ef91ea77f3d70abeb3c2205ffa\DriversHQ.DriverDetective.Client.ni.exe
- 2010-07-25 08:00 . 2010-04-21 01:32 14194624 c:\windows\SoftwareDistribution\Download\Install\NDP1.1sp1-KB979906-X86.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"eFax 4.4"="c:\program files\eFax Messenger 4.4\J2GDllCmd.exe" [2008-10-07 95744]
"Google Update"="c:\users\Introfeel\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-05-08 136176]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"googletalk"="c:\users\Introfeel\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"V0270Mon.exe"="c:\windows\V0270Mon.exe" [2007-08-22 28672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-08 202256]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2007-05-19 741376]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]

c:\users\Introfeel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
eFax 4.4.lnk - c:\program files\eFax Messenger 4.4\J2GTray.exe [2008-10-7 656896]
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-30 503808]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):12,b1,8c,89,39,f1,ca,01

R2 AMPingService;AMPingService;c:\users\INTROF~1\AppData\Local\Temp\AMPing.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 HPPLSBULK;HPPLSBULK;c:\windows\system32\drivers\hpplsbulk.sys [2005-02-02 9344]
R3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0402000.00C\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100709.001\BHDrvx86.sys [2010-06-19 691248]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100723.001\IDSvix86.sys [2010-05-28 344112]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0402000.00C\SYMTDIV.SYS [2010-05-06 339504]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-07-23 102448]
S3 VF0270Dev;Live! Cam Optia;c:\windows\system32\DRIVERS\V0270Dev.sys [2007-08-20 227488]
S3 VF0270Vfx;VF0270 Video FX;c:\windows\system32\DRIVERS\V0270VFx.sys [2007-03-05 7424]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-939453163-656404264-1916229718-1000Core.job
- c:\users\Introfeel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-08 04:20]

2010-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-939453163-656404264-1916229718-1000UA.job
- c:\users\Introfeel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-08 04:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/?cid=NET_mmhpset
uInternet Settings,ProxyOverride = *.local
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.ap.dell.com/systemprofiler/DellSystemLite.CAB
FF - ProfilePath - c:\users\Introfeel\AppData\Roaming\Mozilla\Firefox\Profiles\jq6w6nho.default\
FF - component: c:\program files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Introfeel\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll
FF - plugin: c:\users\Introfeel\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-26 08:28
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-07-26 08:35:24
ComboFix-quarantined-files.txt 2010-07-26 13:35
ComboFix2.txt 2010-07-25 15:42
ComboFix3.txt 2010-07-24 17:12

Pre-Run: 351,050,448,896 bytes free
Post-Run: 351,032,147,968 bytes free

- - End Of File - - 092826254E11E972C55A3F5D4DBDEA6E
  • 0

#20
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
I ran the virus checker and it is still there needing manual removal.
  • 0

#21
hammerman

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Can you post the Norton scan report or take a screenshot?
  • 0

#22
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Category: Scan Results
Date & Time,Risk,Activity,Status,Task Name,Scan Time (d:h:m:s),Total items scanned,Files & Directories,Registry Entries,Processes & Start-Up Items,Network & Browser Items,Other,Trusted Files,Skipped Files,Total Security Risks Detected,Virus,Cookie,Total Security Risks Resolved,Cookie Resolved,Total Security Risks Requiring Attention,Virus Unresolved
7/26/2010 11:53 AM,Info,Full System Scan results,Completed,Full System Scan,0:03:15:58,"1,719,123","1,708,981",320,"5,951","3,864",7,"8,288","47,476",23,2,21,21,21,2,2
7/26/2010 9:00 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:28,"6,397","1,135",214,"4,880",19,149,959,16,0,,,0,,0,
7/24/2010 10:35 PM,Info,Full System Scan results,Completed,Full System Scan,0:03:21:11,"1,843,690","1,833,368",305,"6,196","3,814",7,"8,303","47,494",18,2,16,16,16,2,2
7/24/2010 7:43 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:02:22,"6,896","1,255",208,"5,265",19,149,"1,078",9,0,,,0,,0,
7/24/2010 9:05 AM,Info,Full System Scan results,Completed,Full System Scan,0:02:58:08,"1,537,075","1,527,175",326,"5,773","3,794",7,"8,155","91,069",6,2,4,4,4,2,2
7/24/2010 6:25 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:58,"6,281","1,134",216,"4,759",23,149,956,10,0,,,0,,0,
7/23/2010 9:47 AM,Info,Full System Scan results,Completed,Full System Scan,0:03:28:06,"1,859,217","1,849,341",324,"5,783","3,762",7,"7,951","47,538",5,2,3,3,3,2,2
7/23/2010 6:34 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:39,"6,172","1,126",215,"4,663",19,149,936,36,0,,,0,,0,
7/23/2010 1:36 AM,Info,Full System Scan results,Completed,Full System Scan,0:04:01:00,"1,862,336","1,852,297",324,"5,894","3,814",7,"7,985","47,547",38,2,36,36,36,2,2
7/22/2010 9:55 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:02:14,"6,446","1,178",215,"4,885",19,149,982,24,0,,,0,,0,
7/21/2010 1:01 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:48,"6,899","1,167",215,"5,363",19,135,993,0,0,,,0,,0,
7/19/2010 9:52 PM,Info,Idle Full System Scan results,Completed,Idle Full System Scan,0:00:25:01,"476,883","466,831",326,"5,951","3,639",136,"7,940","369,493",3,2,1,1,1,2,2


Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
7/26/2010 8:41 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 7:18 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 6:12 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 5:29 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/23/2010 6:23 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/22/2010 9:39 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/19/2010 9:31 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action


Category: Unresolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
7/26/2010 11:27 AM,High,smb.sys (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.
7/26/2010 10:53 AM,High,smb.sys (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.


Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Gateway Physical Address,Subnet Identifier,Category
7/26/2010 8:28 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/26/2010 8:16 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/26/2010 8:09 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/26/2010 8:09 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:31 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/25/2010 10:31 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 9:31 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/25/2010 9:31 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:35 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:23 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 12:45 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 12:45 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 12:00 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 12:00 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 11:47 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 11:47 AM,Info,Connected to a protected network. (192.168.2.0/255.255.255.0),Protected,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 6:05 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 6:05 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 5:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 5:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:27 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:27 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:19 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:19 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:17 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:17 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:15 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:15 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 6:13 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 6:13 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 5:57 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 5:57 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 5:57 AM,Info,"Protecting your connection to a newly detected network on adapter \"Intel® 82562V-2 10/100 Network Connection\" (IP address: 192.168.2.2).",Detected,No Action Required,,,Firewall - Network and Connections
7/23/2010 5:41 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 5:41 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 5:27 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 5:27 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 11:09 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 11:09 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 5:24 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 5:24 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/21/2010 12:41 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/21/2010 12:41 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/21/2010 6:00 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/21/2010 6:00 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/20/2010 10:48 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/20/2010 10:48 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/20/2010 6:12 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/20/2010 6:12 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,


Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category,Program Name,Program Path,Default Action,Action Taken,Local Computer,Traffic Description
7/26/2010 8:16 AM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/26/2010 8:16 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/26/2010 8:09 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:59 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:31 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:29 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:22 PM,Info,Firewall configuration updated: 207 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 PM,Info,Firewall rules were automatically created for Install.,Protected,No Action Required,,Install,C:\HP Universal Print Driver PostScript v5.1.0.1\Install.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:14 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:14 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:12 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:09 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:09 PM,Info,Firewall rules were automatically created for Task Scheduler Engine.,Protected,No Action Required,,Task Scheduler Engine,C:\Windows\System32\taskeng.exe,No Action Required,Automatically create rules,"192.168.2.2, 49650","Outbound TCP, https"
7/25/2010 10:09 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:09 PM,Info,Firewall rules were automatically created for Task Scheduler Engine.,Protected,No Action Required,,Task Scheduler Engine,C:\Windows\System32\taskeng.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall rules were automatically created for hpjdwnld.,Protected,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,Automatically create rules,"fe80::6da9:5b79:ae5d:a12e%8, 64243","Outbound UDP, Port 3702"
7/25/2010 10:04 PM,Info,Firewall rules were automatically created for hpjdwnld.,Protected,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,Automatically create rules,"192.168.2.2, 64242","Outbound UDP, Port 427"
7/25/2010 10:04 PM,Info,Firewall rules were automatically created for hpjdwnld.,Protected,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,Automatically create rules,"192.168.2.2, 64241","Outbound UDP, Port 161"
7/25/2010 10:04 PM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall rules were automatically created for hpjdwnld.,Protected,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,Automatically create rules,"192.168.2.2, 49646","Outbound TCP, www-http"
7/25/2010 10:03 PM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:03 PM,Info,Firewall rules were automatically created for hpjdwnld.,Protected,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 9:42 PM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 9:32 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 9:29 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57450","Outbound TCP, https"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57449","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57448","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57447","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 214 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for AMPing.,Protected,No Action Required,,AMPing,C:\Users\Introfeel\AppData\Local\Temp\AMPing.exe,No Action Required,Automatically create rules,"192.168.2.2, 57432","Outbound TCP, www-http"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 213 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for AMPing.,Protected,No Action Required,,AMPing,C:\Users\Introfeel\AppData\Local\Temp\AMPing.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 212 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 57430","Outbound TCP, www-http"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 211 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:32 PM,Info,You allowed MSI2140 to access your network resources.,Allowed,No Action Required,,MSI2140,C:\Users\Introfeel\AppData\Local\Temp\MSI2140.tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 210 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 57424","Outbound TCP, https"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 210 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,You created firewall rules to manage how WLLoginProxy accesses your network resources.,Custom,No Action Required,,WLLoginProxy,C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe,No Action Required,User configured rules,"192.168.2.2, 57422","Outbound TCP, www-http"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 209 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,You created firewall rules to manage how WLLoginProxy accesses your network resources.,Custom,No Action Required,,WLLoginProxy,C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:31 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 57421","Outbound TCP, www-http"
7/25/2010 6:31 PM,Info,Firewall configuration updated: 207 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:31 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:31 PM,Info,You allowed InstallManager_BAB_BAB to access your network resources.,Allowed,No Action Required,,InstallManager_BAB_BAB,C:\Users\Introfeel\AppData\Local\Temp\InstallManager_BAB_BAB.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:29 PM,Info,You allowed MSI55 to access your network resources.,Allowed,No Action Required,,MSI55,C:\Users\Introfeel\AppData\Local\Temp\MSI55.tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 11:55 AM,Info,Firewall rules were automatically created for iTunes.,Protected,No Action Required,,iTunes,C:\Program Files\iTunes\iTunes.exe,No Action Required,Automatically create rules,"0.0.0.0, 3689","Inbound TCP, Port 3689"
7/25/2010 10:36 AM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:36 AM,Info,Firewall rules were automatically created for IP Configuration Utility.,Protected,No Action Required,,IP Configuration Utility,C:\Windows\System32\ipconfig.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:21 AM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 AM,Info,You created firewall rules to manage how ComboFix-Download accesses your network resources.,Custom,No Action Required,,ComboFix-Download,C:\ComboFix\ComboFix-Download.cfxxe,No Action Required,User configured rules,"192.168.2.2, 55793","Outbound TCP, www-http"
7/25/2010 10:21 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/24/2010 4:44 PM,Info,"Firewall setting \"Firewall Enable\" changed.",Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 4:44 PM,Info,Firewall has been enabled. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:45 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:43 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:00 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:59 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:44 AM,Info,"Firewall setting \"Firewall Enable\" changed.",Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:44 AM,Info,Firewall has been disabled. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 7:29 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,Firewall rules were automatically created for Services and Controller app.,Protected,No Action Required,,Services and Controller app,C:\Windows\System32\services.exe,No Action Required,Automatically create rules,"0.0.0.0, 49158","Inbound TCP, Port 49158"
7/24/2010 5:12 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 5:12 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/24/2010 5:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 49342","Outbound TCP, www-http"
7/23/2010 11:50 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:49 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:49 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 49320","Outbound TCP, https"
7/23/2010 11:43 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:43 AM,Info,You created firewall rules to manage how PCTCFFix accesses your network resources.,Custom,No Action Required,,PCTCFFix,C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFFix.exe,No Action Required,User configured rules,"192.168.2.2, 49308","Outbound TCP, www-http"
7/23/2010 11:43 AM,Info,Firewall configuration updated: 201 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how PCTCFFix accesses your network resources.,Custom,No Action Required,,PCTCFFix,C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFFix.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:42 AM,Info,Firewall configuration updated: 200 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 49289","Outbound TCP, www-http"
7/23/2010 11:42 AM,Info,Firewall configuration updated: 199 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:36 AM,Info,You allowed sdsetup_aff[1] to access your network resources.,Allowed,No Action Required,,sdsetup_aff[1],C:\Users\Introfeel\AppData\Local\Temp\is-S2AM5.tmp\sdsetup_aff[1].tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:36 AM,Info,Firewall configuration updated: 198 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:36 AM,Info,You created firewall rules to manage how Update accesses your network resources.,Custom,No Action Required,,Update,C:\Program Files\Spyware Doctor\Update.exe,No Action Required,User configured rules,"192.168.2.2, 49286","Outbound TCP, www-http"
7/23/2010 11:36 AM,Info,Firewall configuration updated: 197 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:36 AM,Info,You created firewall rules to manage how Update accesses your network resources.,Custom,No Action Required,,Update,C:\Program Files\Spyware Doctor\Update.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:28 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:15 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:15 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:12 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:05 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 8:40 AM,Info,Firewall configuration updated: 196 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 6:14 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:55 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:52 AM,Info,Firewall configuration updated: 196 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:43 AM,Info,Firewall rules were automatically created for Windows Media Player.,Protected,No Action Required,,Windows Media Player,C:\Program Files\Windows Media Player\wmplayer.exe,No Action Required,Automatically create rules,"192.168.2.2, 49189","Outbound TCP, www-http"
7/23/2010 5:43 AM,Info,Firewall rules were automatically created for Windows Media Player.,Protected,No Action Required,,Windows Media Player,C:\Program Files\Windows Media Player\wmplayer.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 5:41 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:38 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:59 PM,Info,Firewall configuration updated: 198 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:59 PM,Info,Firewall rules were automatically created for Macrovision FLEXnet Connect Agent.,Protected,No Action Required,,Macrovision FLEXnet Connect Agent,C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe,No Action Required,Automatically create rules,"192.168.2.2, 49239","Outbound TCP, www-http"
7/22/2010 5:28 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:25 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 4:55 PM,Info,Firewall rules were automatically created for an application.,Protected,No Action Required,,,C:\Program Files\VideoLAN\VLC\vlc.exe,No Action Required,Automatically create rules,"127.0.0.1, 50403","Inbound TCP, Port 50403"
7/22/2010 11:09 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 6:19 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:25 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 10:56 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 3:53 PM,Info,Firewall rules were automatically created for BrowserPlusCore.,Protected,No Action Required,,BrowserPlusCore,C:\Users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\BrowserPlusService.exe,No Action Required,Automatically create rules,"127.0.0.1, 49611","Inbound TCP, Port 49611"
7/21/2010 3:53 PM,Info,Firewall rules were automatically created for BrowserPlusCore.,Protected,No Action Required,,BrowserPlusCore,C:\Users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\BrowserPlusService.exe,No Action Required,Automatically create rules,"127.0.0.1, 49608","Inbound TCP, Port 49608"
7/21/2010 12:41 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 7:47 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 6:01 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/20/2010 11:10 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/20/2010 10:49 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/20/2010 10:46 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/20/2010 6:12 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/20/2010 12:30 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,


Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,Category
7/26/2010 8:09 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:17 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/21/2010 6:00 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/21/2010 6:00 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/21/2010 6:00 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/20/2010 10:48 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/20/2010 10:48 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/20/2010 10:48 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/20/2010 6:11 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/20/2010 6:11 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/20/2010 6:11 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention


Category: Download Insight
Date & Time,Risk,Activity,Status
7/25/2010 10:15 PM,Info,Download Insight analyzed upd-5101-ps_winxp_vista[1].exe,Access allowed
7/25/2010 10:02 PM,Info,Download Insight analyzed dlm.exe,Access allowed
7/25/2010 7:40 PM,Info,Download Insight analyzed SystemLook.exe,Access allowed
7/25/2010 6:49 PM,Info,Download Insight analyzed DriverInstaller_DD.exe,Access allowed
7/25/2010 6:28 PM,Info,Download Insight analyzed DriverInstaller_DD[1].exe,Access allowed
7/24/2010 11:39 AM,Info,Download Insight analyzed ComboFix.exe,Access allowed
7/23/2010 3:57 PM,Info,Download Insight analyzed OTL.exe,Access allowed
7/23/2010 11:35 AM,Info,Download Insight analyzed sdsetup_aff[1].exe,Access allowed


Category: AntiSpam
Date & Time,Risk,Activity,Status,Recommended Action
7/22/2010 9:34 PM,Info,Updating AntiSpam definitions,Detected,No action required


Category: Identity
Date & Time,Risk,Activity,Status,Recommended Action
7/26/2010 9:08 AM,Info,Using Antiphishing definitions version 20100726.004,Detected,No Action Required
7/26/2010 8:37 AM,Info,Antiphishing definitions version 20100726.004 downloaded,Detected,No Action Required
7/24/2010 8:19 PM,Info,Using Antiphishing definitions version 20100724.008,Detected,No Action Required
7/24/2010 7:14 PM,Info,Antiphishing definitions version 20100724.008 downloaded,Detected,No Action Required
7/24/2010 6:29 AM,Info,Using Antiphishing definitions version 20100724.003,Detected,No Action Required
7/24/2010 5:24 AM,Info,Antiphishing definitions version 20100724.003 downloaded,Detected,No Action Required
7/22/2010 10:39 PM,Info,Using Antiphishing definitions version 20100723.001,Detected,No Action Required
7/22/2010 9:34 PM,Info,Antiphishing definitions version 20100723.001 downloaded,Detected,No Action Required


Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details,Detailed Status
7/26/2010 11:27 AM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Pending,No Action Required,"Monday, July 26, 2010 11:27 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... ",
7/26/2010 11:27 AM,Info,Statistical Submission: Backdoor.Tidserv!inf,Pending,No Action Required,"Monday, July 26, 2010 11:27 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... ",
7/26/2010 10:55 AM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Pending,No Action Required,"Monday, July 26, 2010 10:55 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... ",
7/26/2010 10:55 AM,Info,Statistical Submission: Backdoor.Tidserv!inf,Pending,No Action Required,"Monday, July 26, 2010 10:55 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... ",
7/25/2010 10:08 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Monday, July 26, 2010 8:59 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\windows\uninstallrq.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:28 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:08 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Monday, July 26, 2010 8:59 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\windows\uninstallrq.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:29 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:03 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Monday, July 26, 2010 8:59 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\hpjdwnld.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:28 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:03 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Monday, July 26, 2010 8:59 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\hpjdwnld.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:27 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:02 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Monday, July 26, 2010 8:59 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\tracesrv.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:27 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:02 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Monday, July 26, 2010 8:59 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\tracesrv.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:26 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 7:40 PM,Info,IPS Detection Statistical Submission,Waiting,No Action Required,"Sunday, July 25, 2010 8:18 PM",Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 57831 Local Port: 80 Protocol: 6 Signature Set Version: 20100723.001 Application Name: \DEVICE\HARDDISKVOLUME3\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE Offending URL: jpshortstuff.247fixes.com/SystemLook.exe Date Detected: Mon, 26 Jul 2010 00:40:28 GMT Application File Checksum: 5C9B1062EA7A44E8F6BFDE994B68C7AA Application File Information: 8.0.6001.18928 Network Data: 434D50520014000078DAEDCBCB0AC2301404D0891511545C08827E440B22B82E3650C107A6ED46175D488A0F4AC444A87F6F10F40B5CCE81CB3070679B2CE3760798020800217CB6FC7D737C04BA03DF441FFE0D138CA0E4BE90595EA6324EA42AD35D965FEFF66C1ECEBA675585B3F9A2BA34DA86275343049FDD10BDDFAE50AB287B59A7EBB531B750377A7300111111111111111111FDDD1B21641B5E Sub-signature ID: 68872 Remote Address: 213.133.97.36 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 01:18:26 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 6:31 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 8:18 PM",Norton Security Suite,Norton Community Watch Feedback,"c:\users\introfeel\appdata\local\temp\msi2140.tmp OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 01:18:11 GMT Product:Norton 360 4.2.0.12",
7/25/2010 6:31 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 8:18 PM",Norton Security Suite,Norton Community Watch Feedback,"c:\users\introfeel\appdata\local\temp\msi2140.tmp OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 01:17:52 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:21 AM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Sunday, July 25, 2010 11:17 AM",Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 55795 Local Port: 80 Protocol: 6 Signature Set Version: 20100723.001 Application Name: \DEVICE\HARDDISKVOLUME3\COMBOFIX\COMBOFIX-DOWNLOAD.CFXXE Offending URL: download.bleepingcomputer.com/sUBs/ComboFix.exe Date Detected: Sun, 25 Jul 2010 15:21:53 GMT Application File Checksum: CE222401FC3C1BC17E70BCFFF25507F3 Network Data: 434D50520014000078DAEDCBCD0A82401405E0331911549B821641AFA0CF603A618B8AFCD9D842328710D4912CF2F11B827A8296E783CBB917EE39F89E3B1C012B00162084C981996F2ECFC078662E318579C31A0B84F294C828CE02E9FA32CC82631417FAD554FA52D879A5545B36B7ABAEDBE743DD6DB340589FEE1C935F3709774E976C3AC7D375AEB7656FAB5EED53101111111111111111D1FFBC01F7F61E2D Sub-signature ID: 68872 Remote Address: 208.43.120.24 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 16:17:11 GMT Product:Norton 360 4.2.0.12",
7/24/2010 10:12 PM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Submitted,No Action Required,"Saturday, July 24, 2010 10:25 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:25:09 GMT Product:Norton 360 4.2.0.12",
7/24/2010 10:11 PM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Saturday, July 24, 2010 10:25 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:24:55 GMT Product:Norton 360 4.2.0.12",
7/24/2010 9:36 PM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Sunday, July 25, 2010 4:25 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:24:33 GMT Product:Norton 360 4.2.0.12",
7/24/2010 11:40 AM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 1:25 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\32788r22fwjfw\swreg.cfxxe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sat, 24 Jul 2010 17:11:23 GMT Product:Norton 360 4.2.0.12",
7/24/2010 11:40 AM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 1:25 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\32788r22fwjfw\swreg.cfxxe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sat, 24 Jul 2010 17:11:18 GMT Product:Norton 360 4.2.0.12",
7/23/2010 8:45 AM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Saturday, July 24, 2010 5:47 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Fri, 23 Jul 2010 15:38:23 GMT Product:Norton 360 4.2.0.12",
7/22/2010 11:38 PM,Info,Sample Submission: pcdrtouchscrn.p5x,Submitted,No Action Required,"Friday, July 23, 2010 1:38 AM",Norton Security Suite,Sample Submission: pcdrtouchscrn.p5x,"CSIDL_SYSTEM_DRIVE\windows.old\program files\dell support center\hwdiag\bin\pcdrtouchscrn.p5x OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Fri, 23 Jul 2010 06:38:13 GMT Product:Norton 360 4.2.0.12",
7/19/2010 9:50 PM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Submitted,No Action Required,"Tuesday, July 20, 2010 9:11 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Tue, 20 Jul 2010 03:35:10 GMT Product:Norton 360 4.2.0.12",
7/19/2010 9:45 PM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Monday, July 19, 2010 10:35 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Tue, 20 Jul 2010 03:35:05 GMT Product:Norton 360 4.2.0.12",


Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction,Terminal Session
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PEV.CFXXE,5736,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\HANDLE.CFXXE,756,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3584,Duplicate Object,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PEV.CFXXE,5104,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PV.CFXXE,432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PV.CFXXE,5672,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PV.CFXXE,5912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PV.CFXXE,1228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PV.CFXXE,464,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:35 AM",C:\COMBOFIX\PV.CFXXE,3308,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:34 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:34 AM",C:\COMBOFIX\PEV.CFXXE,5168,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:34 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:34 AM",C:\COMBOFIX\PV.CFXXE,4280,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:33 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:33 AM",C:\COMBOFIX\PV.CFXXE,5176,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:33 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:33 AM",C:\COMBOFIX\PV.CFXXE,5612,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:31 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:31 AM",C:\COMBOFIX\PV.CFXXE,4412,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:28 AM",C:\COMBOFIX\PV.CFXXE,1724,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:28 AM",C:\COMBOFIX\PV.CFXXE,5480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:28 AM",C:\COMBOFIX\PV.CFXXE,4724,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:28 AM",C:\COMBOFIX\PV.CFXXE,5296,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:26 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:26 AM",C:\COMBOFIX\PV.CFXXE,5572,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:26 AM",C:\COMBOFIX\PEV.CFXXE,3280,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:26 AM",C:\COMBOFIX\PEV.CFXXE,3280,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:26 AM",C:\COMBOFIX\PEV.CFXXE,3204,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,5244,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\SWREG.CFXXE,5444,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Set Regietry Security Key,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\HANDLE.CFXXE,5084,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3584,Duplicate Object,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,1848,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,1668,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,4112,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,5248,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,1952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,6040,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,1924,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,1924,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,4888,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,5400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,4284,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,5700,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,4548,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,3816,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,5284,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,4052,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:25 AM",C:\COMBOFIX\PEV.CFXXE,936,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PV.CFXXE,5352,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PV.CFXXE,5936,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PV.CFXXE,4396,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PV.CFXXE,4680,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PV.CFXXE,4596,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,6068,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,6068,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,4352,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,1848,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,5460,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,5736,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,5968,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,276,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,3228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,3228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,1832,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,2848,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,5740,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,5288,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,1828,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,5256,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:24 AM",C:\COMBOFIX\PEV.CFXXE,5256,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,3056,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.EXE,2632,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,2892,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,2892,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,5984,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,4064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,3580,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,6016,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,5896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,5896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:23 AM",C:\COMBOFIX\PEV.CFXXE,3892,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:20 AM",C:\COMBOFIX\PEV.EXE,4440,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:20 AM",C:\COMBOFIX\PEV.CFXXE,2860,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:20 AM",C:\COMBOFIX\PEV.EXE,3304,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:19 AM",C:\COMBOFIX\PEV.CFXXE,1852,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:19 AM",C:\COMBOFIX\PEV.CFXXE,1852,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,5016,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,5744,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,4064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,5272,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,5388,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\HANDLE.CFXXE,4660,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3584,Duplicate Object,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,5152,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,4416,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\PV.CFXXE,4668,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:18 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Monday, July 26, 2010 8:18 AM",C:\COMBOFIX\HANDLE.CFXXE,5348,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3584,Duplicate Object,Unauthorized access blocked,1
7/26/2010 8:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:17 AM",C:\COMBOFIX\PEV.CFXXE,6132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:17 AM",C:\COMBOFIX\PEV.CFXXE,6132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:17 AM",C:\COMBOFIX\PEV.CFXXE,6132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:17 AM",C:\COMBOFIX\PEV.CFXXE,4564,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,1796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PEV.CFXXE,6060,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,4560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PEV.CFXXE,5300,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PEV.CFXXE,5764,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PEV.CFXXE,2208,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,4464,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,3876,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,5484,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,5700,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,1856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\COMBOFIX\PV.CFXXE,4864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\32788R22FWJFW\PV.CFXXE,6108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:16 AM",C:\32788R22FWJFW\PV.CFXXE,5860,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:15 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, July 26, 2010 8:15 AM",C:\32788R22FWJFW\PV.CFXXE,4432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Open Process Token,Unauthorized access blocked,1
7/26/2010 8:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:15 AM",C:\32788R22FWJFW\PEV.EXE,4356,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3584,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:15 AM",C:\32788R22FWJFW\PEV.EXE,4356,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:15 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,2208,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, July 26, 2010 8:15 AM",C:\32788R22FWJFW\PEV.EXE,4464,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2304,Access Process Data,Unauthorized access blocked,1
7/26/2010 8:15 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Monday, July 26, 2010 8:15 AM",C:\32788R22FWJFW\IEXPLORE.EXE,2472,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3584,Post Terminate Message to Window,Unauthorized access blocked,1
7/26/2010 8:09 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Monday, July 26, 2010 8:09 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2072,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/25/2010 10:32 PM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 PM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2428,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/25/2010 10:29 PM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:29 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,576,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2432,Access Thread Data,Unauthorized access blocked,
7/25/2010 9:32 PM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Sunday, July 25, 2010 9:32 PM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2124,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/25/2010 9:29 PM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Sunday, July 25, 2010 9:29 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,576,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Thread Data,Unauthorized access blocked,
7/25/2010 8:41 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 8:41 PM",C:\PROGRAM FILES\APPLE SOFTWARE UPDATE\SOFTWAREUPDATE.EXE,2688,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Open Process Token,Unauthorized access blocked,1
7/25/2010 6:31 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 6:31 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,4308,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 6:31 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 6:31 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,4664,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,
7/25/2010 6:31 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 6:31 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,4664,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,
7/25/2010 6:31 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 6:31 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,4664,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PEV.CFXXE,1956,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\HANDLE.CFXXE,1388,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Duplicate Object,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PEV.CFXXE,2972,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PV.CFXXE,6136,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PV.CFXXE,5220,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PV.CFXXE,6128,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PV.CFXXE,5736,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PV.CFXXE,5884,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:42 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:42 AM",C:\COMBOFIX\PV.CFXXE,4628,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:40 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:40 AM",C:\COMBOFIX\PEV.CFXXE,4924,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:40 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:40 AM",C:\COMBOFIX\PV.CFXXE,5276,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:40 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:40 AM",C:\COMBOFIX\PV.CFXXE,1388,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:40 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:40 AM",C:\COMBOFIX\PV.CFXXE,272,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:38 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:38 AM",C:\COMBOFIX\PV.CFXXE,5284,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:35 AM",C:\COMBOFIX\PV.CFXXE,2400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:35 AM",C:\COMBOFIX\PV.CFXXE,4308,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:35 AM",C:\COMBOFIX\PV.CFXXE,5368,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:35 AM",C:\COMBOFIX\PV.CFXXE,4728,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PV.CFXXE,156,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PEV.CFXXE,2796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PEV.CFXXE,2796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PEV.CFXXE,4536,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PEV.CFXXE,4152,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\SWREG.CFXXE,5836,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Set Regietry Security Key,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\HANDLE.CFXXE,5368,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Duplicate Object,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PEV.CFXXE,3432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PEV.CFXXE,4980,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:33 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:33 AM",C:\COMBOFIX\PEV.CFXXE,5004,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,3300,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,4332,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,5044,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,5148,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,5148,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,4600,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,5052,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,1036,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,3316,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,3220,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,1120,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,6048,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,5852,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:32 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:32 AM",C:\COMBOFIX\PEV.CFXXE,3328,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PV.CFXXE,5860,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PV.CFXXE,3560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PV.CFXXE,5080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PV.CFXXE,4836,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PV.CFXXE,408,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,4432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,4432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,2480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,5544,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,4328,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,5528,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,5004,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,4188,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,2216,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,2216,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,5456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,4968,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,2544,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,5076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,1144,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,4952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,4952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,3828,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.EXE,1972,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,5828,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,5828,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,2328,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,3796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:31 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:31 AM",C:\COMBOFIX\PEV.CFXXE,3296,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,5944,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,3328,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,3328,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,3572,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:28 AM",C:\COMBOFIX\PEV.EXE,5940,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:27 AM",C:\COMBOFIX\PEV.CFXXE,5988,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:27 AM",C:\COMBOFIX\PEV.EXE,2544,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:27 AM",C:\COMBOFIX\PEV.CFXXE,5020,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:27 AM",C:\COMBOFIX\PEV.CFXXE,5020,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:26 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:26 AM",C:\COMBOFIX\PV.CFXXE,5884,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:25 AM",C:\COMBOFIX\PV.CFXXE,3880,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:25 AM",C:\COMBOFIX\PV.CFXXE,4724,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:25 AM",C:\COMBOFIX\PV.CFXXE,3944,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:25 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Sunday, July 25, 2010 10:25 AM",C:\COMBOFIX\HANDLE.CFXXE,5328,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Duplicate Object,Unauthorized access blocked,1
7/25/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:25 AM",C:\COMBOFIX\PV.CFXXE,3988,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:25 AM",C:\COMBOFIX\PV.CFXXE,4428,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:24 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:24 AM",C:\COMBOFIX\PV.CFXXE,5256,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:24 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Sunday, July 25, 2010 10:24 AM",C:\COMBOFIX\HANDLE.CFXXE,5708,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Duplicate Object,Unauthorized access blocked,1
7/25/2010 10:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:24 AM",C:\COMBOFIX\PEV.CFXXE,3796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PEV.CFXXE,3796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PEV.CFXXE,3796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PEV.CFXXE,5104,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PV.CFXXE,4424,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PEV.CFXXE,4636,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PV.CFXXE,5528,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PEV.CFXXE,2796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:23 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:23 AM",C:\COMBOFIX\PEV.CFXXE,2476,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\COMBOFIX\PEV.CFXXE,936,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,2036,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,4292,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,4672,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,2428,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,1156,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\PV.CFXXE,948,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\PV.CFXXE,4852,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\PV.CFXXE,3264,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\PEV.EXE,3108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\PEV.EXE,3108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\PEV.EXE,4148,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,2620,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:22 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Sunday, July 25, 2010 10:22 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5612,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Post Terminate Message to Window,Unauthorized access blocked,1
7/25/2010 10:21 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:21 AM",C:\COMBOFIX\PV.CFXXE,4688,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:21 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:21 AM",C:\COMBOFIX\PV.CFXXE,5260,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:21 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:21 AM",C:\COMBOFIX\PV.CFXXE,5728,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:21 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:21 AM",C:\COMBOFIX\PV.CFXXE,1252,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:21 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:21 AM",C:\32788R22FWJFW\PV.CFXXE,4528,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:20 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:20 AM",C:\32788R22FWJFW\PV.CFXXE,6076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:20 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, July 25, 2010 10:20 AM",C:\32788R22FWJFW\PV.CFXXE,3500,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Open Process Token,Unauthorized access blocked,1
7/25/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:20 AM",C:\32788R22FWJFW\PEV.EXE,3724,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:20 AM",C:\32788R22FWJFW\PEV.EXE,3724,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:19 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,1172,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Sunday, July 25, 2010 10:19 AM",C:\32788R22FWJFW\PEV.EXE,2280,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/25/2010 10:19 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Sunday, July 25, 2010 10:19 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5924,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3380,Post Terminate Message to Window,Unauthorized access blocked,1
7/24/2010 6:38 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 6:38 PM",C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE,3124,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2004,Access Process Data,Unauthorized access blocked,1
7/24/2010 12:45 PM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Saturday, July 24, 2010 12:45 PM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,800,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/24/2010 12:43 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 12:43 PM",C:\USERS\INTROFEEL\APPDATA\LOCAL\TEMP\_IU14D2N.TMP,4788,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Access Process Data,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PEV.CFXXE,2912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Access Process Data,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\HANDLE.CFXXE,304,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3084,Duplicate Object,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PEV.CFXXE,2664,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Access Process Data,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PEV.CFXXE,304,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Access Process Data,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PV.CFXXE,3728,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PV.CFXXE,3228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PV.CFXXE,4076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PV.CFXXE,3884,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PV.CFXXE,1916,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:12 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:12 PM",C:\COMBOFIX\PV.CFXXE,1968,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:10 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 12:10 PM",C:\COMBOFIX\PEV.CFXXE,3960,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Access Process Data,Unauthorized access blocked,1
7/24/2010 12:10 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:10 PM",C:\COMBOFIX\PV.CFXXE,3644,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:10 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:10 PM",C:\COMBOFIX\PV.CFXXE,2624,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:10 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:10 PM",C:\COMBOFIX\PV.CFXXE,3612,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:10 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:10 PM",C:\COMBOFIX\PV.CFXXE,3268,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:06 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:06 PM",C:\COMBOFIX\PV.CFXXE,3064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 12:01 PM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Saturday, July 24, 2010 12:01 PM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,3632,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/24/2010 12:00 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 12:00 PM",C:\COMBOFIX\PV.CFXXE,3800,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,540,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:59 AM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:59 AM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,588,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Thread Data,Unauthorized access blocked,
7/24/2010 11:59 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:59 AM",C:\COMBOFIX\PEV.CFXXE,3428,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:59 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:59 AM",C:\COMBOFIX\PV.CFXXE,4796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:59 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:59 AM",C:\COMBOFIX\PV.CFXXE,228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:59 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:59 AM",C:\COMBOFIX\PV.CFXXE,2188,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:58 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:58 AM",C:\COMBOFIX\PV.CFXXE,6056,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:57 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:57 AM",C:\COMBOFIX\PV.CFXXE,4396,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:56 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:56 AM",C:\COMBOFIX\PV.CFXXE,5144,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:56 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:56 AM",C:\COMBOFIX\PEV.CFXXE,5584,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3852,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:56 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:56 AM",C:\COMBOFIX\PEV.CFXXE,5584,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:56 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:56 AM",C:\COMBOFIX\PEV.EXE,4668,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:56 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:56 AM",C:\COMBOFIX\PEV.CFXXE,4848,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,2412,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\SWREG.CFXXE,5980,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Set Regietry Security Key,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\HANDLE.CFXXE,4820,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3852,Duplicate Object,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,1836,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,1228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,4248,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,5344,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,5376,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,4848,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,5964,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,5964,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,6104,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,5660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,5064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,5464,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,6064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,4648,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,4484,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,1876,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.CFXXE,4012,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:55 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:55 AM",C:\COMBOFIX\PEV.EXE,2192,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:54 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:54 AM",C:\COMBOFIX\PV.CFXXE,5756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:54 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:54 AM",C:\COMBOFIX\PV.CFXXE,4496,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:54 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:54 AM",C:\COMBOFIX\PV.CFXXE,5940,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:54 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:54 AM",C:\COMBOFIX\PV.CFXXE,2416,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:54 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:54 AM",C:\COMBOFIX\PV.CFXXE,5300,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,4560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3852,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,4560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5016,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,2096,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5392,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5496,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5340,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,6076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,3636,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,3636,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5944,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5632,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5908,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5728,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,4844,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,4844,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,4944,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.EXE,2388,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,5660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,216,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,4552,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:53 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:53 AM",C:\COMBOFIX\PEV.CFXXE,2412,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:52 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:52 AM",C:\COMBOFIX\PEV.CFXXE,2656,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:52 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:52 AM",C:\COMBOFIX\PEV.CFXXE,5168,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:52 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:52 AM",C:\COMBOFIX\PEV.CFXXE,5168,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:52 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:52 AM",C:\COMBOFIX\PEV.CFXXE,6080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:50 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:50 AM",C:\COMBOFIX\PEV.EXE,5096,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:49 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:49 AM",C:\COMBOFIX\PEV.CFXXE,2104,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:49 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:49 AM",C:\COMBOFIX\PEV.EXE,4268,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:49 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:49 AM",C:\COMBOFIX\PEV.CFXXE,3340,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:49 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:49 AM",C:\COMBOFIX\PEV.CFXXE,3340,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:48 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:48 AM",C:\COMBOFIX\PV.CFXXE,2624,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:48 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:48 AM",C:\COMBOFIX\PV.CFXXE,5584,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:48 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:48 AM",C:\COMBOFIX\PV.CFXXE,4500,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:48 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:48 AM",C:\COMBOFIX\PV.CFXXE,6056,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:48 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Saturday, July 24, 2010 11:48 AM",C:\COMBOFIX\HANDLE.CFXXE,4964,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3852,Duplicate Object,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PV.CFXXE,1680,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PV.CFXXE,5180,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PV.CFXXE,5348,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\HANDLE.CFXXE,4676,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3852,Duplicate Object,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PEV.CFXXE,5692,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PEV.CFXXE,5692,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PEV.CFXXE,5692,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PEV.CFXXE,4408,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PV.CFXXE,4384,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:47 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:47 AM",C:\COMBOFIX\PEV.CFXXE,308,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PV.CFXXE,3448,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PEV.CFXXE,1304,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PEV.CFXXE,3528,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PEV.CFXXE,4792,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PV.CFXXE,6016,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PV.CFXXE,1908,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PV.CFXXE,5912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PV.CFXXE,5192,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PV.CFXXE,3192,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\COMBOFIX\PV.CFXXE,4248,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:46 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:46 AM",C:\32788R22FWJFW\PV.CFXXE,4868,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:43 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:43 AM",C:\32788R22FWJFW\PV.CFXXE,1836,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:40 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, July 24, 2010 11:40 AM",C:\32788R22FWJFW\PV.CFXXE,4012,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Open Process Token,Unauthorized access blocked,1
7/24/2010 11:40 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:40 AM",C:\32788R22FWJFW\PEV.EXE,4936,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:40 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:40 AM",C:\32788R22FWJFW\PEV.EXE,4936,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:39 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:39 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,5388,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:39 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 11:39 AM",C:\32788R22FWJFW\PEV.EXE,5836,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2180,Access Process Data,Unauthorized access blocked,1
7/24/2010 11:39 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Saturday, July 24, 2010 11:39 AM",C:\32788R22FWJFW\IEXPLORE.EXE,3920,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3852,Post Terminate Message to Window,Unauthorized access blocked,1
7/24/2010 6:06 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Saturday, July 24, 2010 6:06 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2020,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/24/2010 5:10 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Saturday, July 24, 2010 5:10 AM",C:\USERS\INTROFEEL\DESKTOP\GMER\GMER.EXE,5792,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,2364,Access Process Data,Unauthorized access blocked,1
7/24/2010 5:08 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Saturday, July 24, 2010 5:08 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,1244,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/23/2010 4:22 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 4:22 PM",C:\USERS\INTROFEEL\DESKTOP\GMER\GMER.EXE,5912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,1
7/23/2010 4:21 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 4:21 PM",C:\USERS\INTROFEEL\DESKTOP\GMER\GMER.EXE,480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,1
7/23/2010 11:51 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:51 AM",C:\PROGRAM FILES\SPYWARE DOCTOR\UMINJECT32.EXE,4872,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1668,Access Process Data,Unauthorized access blocked,
7/23/2010 11:51 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:51 AM",C:\PROGRAM FILES\SPYWARE DOCTOR\UMINJECT32.EXE,4328,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1668,Access Process Data,Unauthorized access blocked,
7/23/2010 11:42 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:42 AM",C:\PROGRAM FILES\SPYWARE DOCTOR\UMINJECT32.EXE,5980,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1668,Access Process Data,Unauthorized access blocked,
7/23/2010 11:42 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:42 AM",C:\PROGRAM FILES\SPYWARE DOCTOR\UMINJECT32.EXE,4288,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1668,Access Process Data,Unauthorized access blocked,
7/23/2010 11:42 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:42 AM",C:\USERS\INTROFEEL\APPDATA\LOCAL\TEMP\IS-S2AM5.TMP\SDSETUP_AFF[1].TMP,5832,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,1
7/23/2010 11:37 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:37 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:37 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:37 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,1456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,
7/23/2010 11:35 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, July 23, 2010 11:35 AM",C:\USERS\INTROFEEL\APPDATA\LOCAL\TEMP\IS-N3J4V.TMP\INNOMONITOR.EXE,5748,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1180,Access Process Data,Unauthorized access blocked,1
7/23/2010 11:28 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Friday, July 23, 2010 11:28 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,1940,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/23/2010 11:15 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Friday, July 23, 2010 11:15 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2320,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/23/2010 11:08 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Friday, July 23, 2010 11:08 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2552,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/23/2010 11:06 AM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Friday, July 23, 2010 11:06 AM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,596,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1540,Access Thread Data,Unauthorized access blocked,
7/23/2010 6:14 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Friday, July 23, 2010 6:14 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2600,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/23/2010 5:41 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Friday, July 23, 2010 5:41 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2372,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/23/2010 5:39 AM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Friday, July 23, 2010 5:39 AM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1828,Access Thread Data,Unauthorized access blocked,
7/22/2010 5:28 PM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Thursday, July 22, 2010 5:28 PM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2508,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/22/2010 5:25 PM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:25 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Thread Data,Unauthorized access blocked,
7/22/2010 5:23 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:23 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,5252,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3600,Access Process Data,Unauthorized access blocked,
7/22/2010 5:23 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:23 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,5252,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Process Data,Unauthorized access blocked,
7/22/2010 5:23 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:23 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,5252,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Process Data,Unauthorized access blocked,
7/22/2010 5:23 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:23 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,5252,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Process Data,Unauthorized access blocked,
7/22/2010 5:22 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:22 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,4356,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Process Data,Unauthorized access blocked,1
7/22/2010 5:22 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:22 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,5252,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Process Data,Unauthorized access blocked,
7/22/2010 5:22 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:22 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,5252,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Process Data,Unauthorized access blocked,
7/22/2010 5:21 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, July 22, 2010 5:21 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,4356,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,476,Access Process Data,Unauthorized access blocked,1
7/22/2010 11:09 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Thursday, July 22, 2010 11:09 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2680,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/22/2010 5:25 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Thursday, July 22, 2010 5:25 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,1404,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/21/2010 10:56 PM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Wednesday, July 21, 2010 10:56 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,600,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1336,Access Thread Data,Unauthorized access blocked,
7/21/2010 12:41 PM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Wednesday, July 21, 2010 12:41 PM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2296,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/21/2010 6:02 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Wednesday, July 21, 2010 6:02 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2596,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/20/2010 11:11 PM,Medium,Unauthorized access blocked (Access Thread Data),Blocked,No Action Required,"Tuesday, July 20, 2010 11:11 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1568,Access Thread Data,Unauthorized access blocked,
7/20/2010 10:49 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Tuesday, July 20, 2010 10:49 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,3176,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/20/2010 6:12 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Tuesday, July 20, 2010 6:12 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,1204,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1


Category: Silent Mode
Date & Time,Risk,Activity,Status
7/26/2010 8:37 AM,Info,Silent Mode turned off.,Completed
7/26/2010 8:13 AM,Info,Silent Mode turned on.,Completed
7/25/2010 10:03 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
7/25/2010 10:02 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
7/25/2010 10:47 AM,Info,Silent Mode turned off.,Completed
7/25/2010 10:11 AM,Info,Silent Mode turned on.,Completed
7/21/2010 6:19 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
7/21/2010 6:18 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed


Category: Symantec Error Reporting
Date & Time,Risk,Activity,Status,Error Type,Error Time,Error ID,Error Class,Product Name,Product Version,Process ID,Thread ID,Process Name,Process Version,Process Timestamp,Module Name,Module Version,Module Timestamp,Module Offset,Hash Code,Component Name,Component Id,Error Code,Severity,Error File
7/24/2010 10:33 PM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Sunday, July 25, 2010 2:36 AM",{374C33B2-6202-4FDF-AE38-160C0EEA590D},0x37C0D0A5,Norton Security Suite,4.2.0.12,0x7D4,0x15F8,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",NCW,17.7.0.12,"Friday, May 14, 2010 5:27 AM",0x12E2A0,0x5315CA89,NCW,0x0,0x80004005,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\37C0D0A5\374C33B2-6202-4FDF-AE38-160C0EEA590D.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\37C0D0A5\374C33B2-6202-4FDF-AE38-160C0EEA590D.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{470FBFBB-93F5-46CC-AF2E-407D4368BBBB}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"
7/23/2010 2:11 PM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Friday, July 23, 2010 4:17 PM",{D57088C3-E5D9-48ED-ADEB-D65E6C4C88F6},0x72AD28FA,Norton Security Suite,4.2.0.12,0x78C,0x4D0,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",BHEngine,6.1.0.107,"Thursday, May 20, 2010 4:00 AM",0x103AA,0x287FA89C,BHEngine,0x20001,0x80640010,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\72AD28FA\D57088C3-E5D9-48ED-ADEB-D65E6C4C88F6.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\72AD28FA\D57088C3-E5D9-48ED-ADEB-D65E6C4C88F6.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{6370B477-EAF4-45F2-B395-D4DF0E6C8BCC}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"
7/23/2010 2:11 PM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Friday, July 23, 2010 4:19 PM",{E5220289-4869-4581-BB59-5CE5E1C7CAB2},0x69C43370,Norton Security Suite,4.2.0.12,0x798,0x588,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",CCEMLPXY,109.0.3.4,"Friday, February 26, 2010 12:21 AM",0x14824,0x8E3216EA,ccEmlPxy,0x7,0x4,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\69C43370\E5220289-4869-4581-BB59-5CE5E1C7CAB2.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\69C43370\E5220289-4869-4581-BB59-5CE5E1C7CAB2.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{CFF82721-30D1-4036-9033-79F9A8DB1852}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"
7/23/2010 2:11 PM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Friday, July 23, 2010 4:17 PM",{9E003AE3-9F77-48F1-8870-1009F1261DD8},0x4F60CEA1,Norton Security Suite,4.2.0.12,0x78C,0x8B8,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",avModule,17.7.0.12,"Friday, May 14, 2010 5:27 AM",0x2C886,0x155B2BDC,avModule,0x0,0x8004000E,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\4F60CEA1\9E003AE3-9F77-48F1-8870-1009F1261DD8.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\4F60CEA1\9E003AE3-9F77-48F1-8870-1009F1261DD8.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{57D49EB0-19E1-4BA1-8AD5-E324168E49FC}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"
7/23/2010 2:11 PM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Friday, July 23, 2010 4:17 PM",{925E5A85-D43C-462D-807A-780749AA1F6D},0xBEAA423,Norton Security Suite,4.2.0.12,0x78C,0x4D0,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",BHSVCPLG,6.0.8.5,"Tuesday, April 27, 2010 1:29 AM",0x37D6,0x80346998,BHSvcPlg,0x2,0x80640010,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\0BEAA423\925E5A85-D43C-462D-807A-780749AA1F6D.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\0BEAA423\925E5A85-D43C-462D-807A-780749AA1F6D.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{E9CA09BF-1B46-40FB-B039-46D9F0FDE120}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"
7/23/2010 9:46 AM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Friday, July 23, 2010 10:57 AM",{36C6F5E1-3856-4B4E-8B99-CC00C6EE54E8},0xD7FF6680,Norton Security Suite,4.2.0.12,0x798,0xC54,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",asEngine,17.7.0.12,"Friday, May 14, 2010 5:27 AM",0xC6A7,0xA69AB7EA,asEngine,0x0,0x80040300,High,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\D7FF6680\36C6F5E1-3856-4B4E-8B99-CC00C6EE54E8.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\D7FF6680\36C6F5E1-3856-4B4E-8B99-CC00C6EE54E8.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{7449CC85-9DEB-47BD-A160-BDF29582F49E}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"
7/23/2010 9:46 AM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Friday, July 23, 2010 10:57 AM",{5D579084-2BDC-433A-A050-33DA6E0A010D},0xCC197008,Norton Security Suite,4.2.0.12,0x798,0xC54,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",asEngine,17.7.0.12,"Friday, May 14, 2010 5:27 AM",0xE052,0x8FE871FC,asEngine,0x0,0x80040300,Critical,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\CC197008\5D579084-2BDC-433A-A050-33DA6E0A010D.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\CC197008\5D579084-2BDC-433A-A050-33DA6E0A010D.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{4F619B41-39E9-4C7F-91C9-0B9F76B1F557}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"
7/23/2010 9:46 AM,Low,Symantec Error Reporting Submission,Submitted,Error Condition Detected,"Friday, July 23, 2010 10:57 AM",{50B15F45-4761-4F3C-BA34-42408958FE1C},0xB41BC2DB,Norton Security Suite,4.2.0.12,0x798,0x80C,ccSvcHst,109.0.3.4,"Thursday, February 25, 2010 8:42 PM",asEngine,17.7.0.12,"Friday, May 14, 2010 5:27 AM",0x1B9EA,0x50D3BC81,asEngine,0x0,0x80004005,Low,"C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\B41BC2DB\50B15F45-4761-4F3C-BA34-42408958FE1C.dat, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\CmnClnt\ErrorInstances\B41BC2DB\50B15F45-4761-4F3C-BA34-42408958FE1C.dat.tmp, C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\ErrorManagement\Queue\SQ_{FD4F892E-0EAE-4DF7-8B83-DECA1623FB03}\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.etl"


Category: Tuneup
Date & Time,Risk,Activity,Status,Submitted By,Result,Details,Space Cleaned
7/26/2010 11:59 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive D: Optimization not required, current disk fragmentation is 1%.",
7/26/2010 11:59 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive C: Optimization not required, current disk fragmentation is 1%.",
7/26/2010 11:54 AM,Info,Windows Temporary Files,Success,Tuneup,No problems detected.,,
7/26/2010 11:54 AM,Info,Internet Explorer Temporary Files,Success,Tuneup,Fixed: 1500,,51 MB
7/24/2010 10:41 PM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive D: Optimization not required, current disk fragmentation is 1%.",
7/24/2010 10:41 PM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive C: Optimization not required, current disk fragmentation is 1%.",
7/24/2010 10:36 PM,Info,Windows Temporary Files,Success,Tuneup,Fixed: 23,,229 KB
7/24/2010 10:36 PM,Info,Internet Explorer Temporary Files,Success,Tuneup,Fixed: 1368,,62 MB
7/24/2010 9:16 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive D: Optimization not required, current disk fragmentation is 1%.",
7/24/2010 9:16 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive C: Optimization not required, current disk fragmentation is 1%.",
7/24/2010 9:06 AM,Info,Windows Temporary Files,Success,Tuneup,Fixed: 72,,26 MB
7/24/2010 9:05 AM,Info,Internet Explorer Temporary Files,Success,Tuneup,Fixed: 1159,,86 MB
7/23/2010 9:53 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive D: Optimization not required, current disk fragmentation is 1%.",
7/23/2010 9:53 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive C: Optimization not required, current disk fragmentation is 1%.",
7/23/2010 9:47 AM,Info,Windows Temporary Files,Success,Tuneup,Fixed: 25,,"1,036 KB"
7/23/2010 9:47 AM,Info,Internet Explorer Temporary Files,Success,Tuneup,Fixed: 65,,"1,132 KB"
7/23/2010 1:50 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive D: Optimization not required, current disk fragmentation is 1%.",
7/23/2010 1:50 AM,Info,Disk Optimization,Success,Tuneup,No problems detected.,"Drive C: Optimization not required, current disk fragmentation is 1%.",
7/23/2010 1:37 AM,Info,Windows Temporary Files,Success,Tuneup,Fixed: 321,,49 MB
7/23/2010 1:36 AM,Info,Internet Explorer Temporary Files,Success,Tuneup,Fixed: 1106,,160 MB


Category: Backup
Date & Time,Risk,Activity,Status,Recommended Action,Action,Location,Media Type
7/26/2010 12:09 PM,Info,Backup performed to E:,"Cancelled, Cancelled",None,Backup,E:,CD/DVD Drive
7/24/2010 10:42 PM,Info,Backup performed to E:,"Cancelled, Cancelled",None,Backup,E:,CD/DVD Drive
7/24/2010 9:19 AM,Info,Backup performed to E:,"Cancelled, Cancelled",None,Backup,E:,CD/DVD Drive
7/23/2010 10:48 AM,Info,Backup performed to E:,"Cancelled, Cancelled",None,Backup,E:,CD/DVD Drive
7/23/2010 5:19 AM,Info,Backup performed to E:,"Cancelled, Cancelled",None,Backup,E:,CD/DVD Drive
7/22/2010 9:34 PM,Info,Backup performed to E:,"Cancelled, Cancelled",None,Backup,E:,CD/DVD Drive
  • 0

#23
hammerman

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

FCopy::
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys | C:\Windows.old\Windows\System32\drivers\smb.sys
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys | C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Then...

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    smb.sys
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
  • 0

#24
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 04:58 on 28/07/2010 by Introfeel (Administrator - Elevation successful)

========== filefind ==========

Searching for "smb.sys"
C:\smb.sys --a--- 66560 bytes [13:18 26/07/2010] [04:45 11/04/2009] 7B75299A4D201D6A6533603D6914AB04
C:\Windows.old.000\Windows\System32\drivers\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old.000\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old.001\Windows\System32\drivers\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old.001\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old\Windows\System32\drivers\smb.sys --a--- 66560 bytes [22:18 27/11/2009] [04:45 11/04/2009] 7B75299A4D201D6A6533603D6914AB04
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.20521_none_5df94bff13fca6fc\smb.sys --a--- 66048 bytes [01:18 04/04/2008] [01:18 04/04/2008] 46BAF398809A0F3B2D3300A1760E4B91
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6001.18000_none_5f6a9133f7f64138\smb.sys --a--- 66560 bytes [20:55 21/10/2008] [05:55 19/01/2008] 031E6BCD53C9B2B9ACE111EAFEC347B6
C:\Windows.old\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys --a--- 66560 bytes [22:18 27/11/2009] [04:45 11/04/2009] 7B75299A4D201D6A6533603D6914AB04
C:\Windows\System32\drivers\smb.sys --a--- 66560 bytes [11:38 09/05/2010] [04:45 11/04/2009] 7B75299A4D201D6A6533603D6914AB04
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6000.16386_none_5d33cf37fb0b3064\smb.sys --a--- 66048 bytes [08:57 02/11/2006] [08:57 02/11/2006] AC0D90738ADB51A6FD12FF00874A2162
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6001.18000_none_5f6a9133f7f64138\smb.sys --a--- 66560 bytes [09:18 06/05/2010] [05:55 19/01/2008] 031E6BCD53C9B2B9ACE111EAFEC347B6
C:\Windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys ------ 66560 bytes [11:38 09/05/2010] [04:45 11/04/2009] 7B75299A4D201D6A6533603D6914AB04

-=End Of File=-
  • 0

#25
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Hello,

After I ran ComboFix my computer restarted and combofix restarted and said it was preparing a log, but it simply froze on my computer and didn't create the log. It deleted a file and folder something called system32/appdata I think. You know you really got your geek work cut out for you with my system crashing so much. Sorry if it's perplexing as I don't understand any of this. Anyway thanks for keeping on trying.

Shawn
  • 0

Advertisements


#26
hammerman

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi Shawn,

Can you please run Combofix again and post the log. There is no need to use the script this time.

Then, run another Norton scan and see if you get the same message about smb.sys. If you do, please post the Norton report.
  • 0

#27
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
ComboFix 10-07-27.04 - Introfeel 07/28/2010 10:13:29.5.2 - x86
MicrosoftŽ Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.918 [GMT -5:00]
Running from: c:\users\Introfeel\Desktop\ComboFix.exe
AV: Norton Security Suite *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Suite *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Security Suite *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2010-06-28 to 2010-07-28 )))))))))))))))))))))))))))))))
.

2010-07-28 15:22 . 2010-07-28 15:22 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2010-07-28 15:22 . 2010-07-28 15:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-28 15:22 . 2010-07-28 15:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-26 13:18 . 2009-04-11 04:45 66560 ----a-w- C:\smb.sys
2010-07-26 03:20 . 2010-06-18 14:24 223232 ----a-w- c:\windows\system32\hpmtp104.dll
2010-07-26 03:20 . 2010-06-18 14:25 326656 ----a-w- c:\windows\system32\hpmml104.dll
2010-07-26 03:20 . 2010-06-18 14:24 275968 ----a-w- c:\windows\system32\hpmja104.dll
2010-07-26 03:20 . 2010-06-18 14:35 179200 ----a-w- c:\windows\system32\hpcpn104.dll
2010-07-26 03:16 . 2010-07-26 03:16 -------- d-----w- C:\HP Universal Print Driver PostScript v5.1.0.1
2010-07-26 03:02 . 1998-10-29 21:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-07-25 23:32 . 2010-07-25 23:32 -------- d-----w- c:\program files\MSN Toolbar
2010-07-25 23:32 . 2010-07-25 23:32 -------- d-----w- c:\programdata\UAB
2010-07-25 23:31 . 2010-07-25 23:31 -------- d-----w- c:\users\Introfeel\AppData\Local\PC_Drivers_Headquarters
2010-07-25 23:31 . 2010-07-25 23:32 -------- d-----w- c:\program files\MSN Toolbar Installer
2010-07-25 23:31 . 2010-07-25 23:31 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-07-25 23:31 . 2010-07-25 23:31 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2010-07-23 16:35 . 2010-07-24 17:44 -------- d-----w- c:\program files\Spyware Doctor
2010-07-22 22:23 . 2010-07-22 22:23 -------- d-----w- c:\program files\iPod
2010-07-22 21:55 . 2010-07-24 23:12 -------- d-----w- c:\users\Introfeel\AppData\Roaming\vlc
2010-07-21 22:11 . 2010-07-21 22:11 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Creative
2010-07-12 05:52 . 2010-07-12 05:52 -------- d-----w- c:\program files\IDI Magic
2010-07-12 01:12 . 2010-07-12 01:12 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\CrashDumps
2010-07-10 11:29 . 2010-07-10 11:34 -------- d-----w- c:\program files\Cherry Red Casino
2010-07-07 11:56 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 09:32 . 2010-05-14 22:45 -------- d-----w- c:\users\Introfeel\AppData\Roaming\LimeWire
2010-07-26 03:47 . 2010-05-06 19:43 3072 ----a-w- c:\users\Introfeel\AppData\Roaming\wklnhst.dat
2010-07-26 03:17 . 2010-05-07 02:49 -------- d-----w- c:\users\Introfeel\AppData\Roaming\HpUpdate
2010-07-26 03:02 . 2010-05-15 23:30 -------- d-----w- c:\program files\Hewlett-Packard
2010-07-26 02:36 . 2010-05-15 23:22 126920 ----a-w- c:\windows\hppins01.dat
2010-07-22 23:05 . 2010-05-06 17:29 -------- d-----w- c:\programdata\Roxio
2010-07-22 22:24 . 2010-05-07 05:52 -------- d-----w- c:\program files\iTunes
2010-07-22 22:23 . 2010-05-07 05:45 -------- d-----w- c:\program files\Common Files\Apple
2010-07-22 22:19 . 2010-07-22 22:19 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-20 15:51 . 2010-05-08 14:50 1 ----a-w- c:\users\Introfeel\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-07-15 12:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-14 20:40 . 2010-06-26 20:51 -------- d-----w- c:\program files\Rushmore Casino
2010-07-12 05:51 . 2010-05-06 17:20 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-09 20:48 . 2010-05-06 08:15 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Skype
2010-07-09 16:12 . 2010-05-08 00:07 -------- d-----w- c:\users\Introfeel\AppData\Roaming\skypePM
2010-07-03 22:37 . 2010-05-06 17:37 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Roxio
2010-07-01 17:01 . 2010-05-07 02:47 -------- d-----w- c:\users\Introfeel\AppData\Roaming\HP
2010-06-27 21:15 . 2010-06-27 21:15 79367 ----a-w- c:\users\Introfeel\AppData\Roaming\Google\Google Talk\uninstall.exe
2010-06-27 01:18 . 2010-05-15 04:50 10134 ----a-r- c:\users\Introfeel\AppData\Roaming\Microsoft\Installer\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}\ARPPRODUCTICON.exe
2010-06-26 11:36 . 2010-06-26 11:36 -------- d-----w- c:\program files\Microsoft.NET
2010-06-19 02:59 . 2010-05-06 01:56 101496 ----a-w- c:\users\Introfeel\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-19 02:55 . 2010-05-07 05:54 -------- d-----w- c:\users\Introfeel\AppData\Roaming\Apple Computer
2010-06-19 02:54 . 2010-06-19 02:54 -------- d-----w- c:\program files\Bonjour
2010-06-18 14:24 . 2010-06-12 01:16 243200 ----a-w- c:\windows\system32\hpmpm081.dll
2010-06-18 14:24 . 2010-06-12 01:16 179200 ----a-w- c:\windows\system32\hpmpw081.dll
2010-06-18 14:24 . 2010-06-18 14:24 102912 ----a-w- c:\windows\system32\hpmco104.dll
2010-06-18 12:56 . 2010-06-18 12:55 -------- d-----w- c:\program files\GMATPrep
2010-06-18 12:55 . 2010-05-06 05:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-14 17:24 . 2010-05-08 03:39 -------- d-----w- c:\program files\Safari
2010-06-14 17:22 . 2010-06-14 17:22 71992 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-12 01:18 . 2010-06-12 01:18 -------- d-----w- c:\programdata\Hewlett-Packard
2010-06-11 21:51 . 2010-06-11 21:51 3055600 ----a-w- c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
2010-06-11 21:36 . 2010-06-11 21:36 275952 ----a-w- c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2010-06-04 21:46 . 2010-05-09 00:32 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-26 17:06 . 2010-06-11 11:23 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 11:23 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-18 21:35 . 2010-05-18 21:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 21:35 . 2010-05-18 21:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-12 17:32 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-05-09 01:19 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-05-09 01:19 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-05-08 23:57 . 2010-05-08 23:57 143976 ----a-w- c:\users\Introfeel\AppData\Roaming\Move Networks\uninstall.exe
2010-05-08 23:57 . 2009-10-15 00:50 5642688 ----a-w- c:\users\Introfeel\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
2010-05-08 03:52 . 2010-05-08 03:52 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-05-08 03:52 . 2010-05-08 03:52 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-05-08 03:52 . 2010-05-08 03:52 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-05-08 03:52 . 2010-05-08 03:52 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-05-08 03:52 . 2010-05-08 03:52 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-05-08 03:52 . 2010-05-08 03:52 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-05-08 02:53 . 2010-05-08 02:54 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-08 02:45 . 2010-05-08 02:45 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2010-05-08 00:07 . 2010-05-08 00:07 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-05-07 15:06 . 2010-05-07 15:06 4710 ----a-r- c:\users\Introfeel\AppData\Roaming\Microsoft\Installer\{DF6DA606-904D-4C18-823F-A4CFC3035E53}\ext.exe
2010-05-06 08:05 . 2010-05-06 08:05 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-05-06 07:57 . 2010-05-06 07:57 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2010-05-06 07:57 . 2010-05-06 07:57 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-05-06 07:57 . 2010-05-06 07:57 243712 ----a-w- c:\windows\system32\rastls.dll
2010-05-06 07:57 . 2010-05-06 07:57 355328 ----a-w- c:\windows\system32\WSDApi.dll
2010-05-06 07:56 . 2010-05-06 07:56 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-05-06 07:56 . 2010-05-06 07:56 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-05-06 07:56 . 2010-05-06 07:56 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-05-06 07:56 . 2010-05-06 07:56 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-05-06 07:56 . 2010-05-06 07:56 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-05-06 07:56 . 2010-05-06 07:56 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-05-06 07:56 . 2010-05-06 07:56 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-05-06 07:56 . 2010-05-06 07:56 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-05-06 07:56 . 2010-05-06 07:56 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-05-06 07:56 . 2010-05-06 07:56 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-05-06 06:35 . 2010-05-06 06:35 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-05-06 06:35 . 2010-05-06 06:35 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-05-06 06:35 . 2010-05-06 06:35 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-05-06 06:33 . 2010-05-06 06:33 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-05-06 06:32 . 2010-05-06 06:32 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-05-06 06:32 . 2010-05-06 06:32 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-05-06 06:32 . 2010-05-06 06:32 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-05-06 06:32 . 2010-05-06 06:32 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-05-06 05:26 . 2010-05-06 01:56 680 ----a-w- c:\users\Introfeel\AppData\Local\d3d9caps.dat
2010-05-06 04:50 . 2010-05-06 04:50 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-05-06 04:50 . 2010-05-06 04:50 23552 ----a-w- c:\windows\system32\lpk.dll
2010-05-06 04:50 . 2010-05-06 04:50 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-05-06 04:50 . 2010-05-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-05-06 04:50 . 2010-05-06 04:50 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-05-06 04:50 . 2010-05-06 04:50 272896 ----a-w- c:\windows\system32\polstore.dll
2010-05-06 04:49 . 2010-05-06 04:49 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-05-06 04:49 . 2010-05-06 04:49 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-05-06 04:47 . 2010-05-06 04:47 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-05-06 04:47 . 2010-05-06 04:47 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-05-06 04:47 . 2010-05-06 04:47 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-05-06 04:47 . 2010-05-06 04:47 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-05-06 04:47 . 2010-05-06 04:47 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-05-06 04:47 . 2010-05-06 04:47 17920 ----a-w- c:\windows\system32\netevent.dll
2010-05-06 04:47 . 2010-05-06 04:47 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-05-06 04:47 . 2010-05-06 04:47 105984 ----a-w- c:\windows\system32\netiohlp.dll
2010-05-06 04:47 . 2010-05-06 04:47 10240 ----a-w- c:\windows\system32\finger.exe
2010-05-06 04:46 . 2010-05-06 04:46 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2010-05-06 04:46 . 2010-05-06 04:46 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2010-05-06 04:46 . 2010-05-06 04:46 65024 ----a-w- c:\windows\system32\wlanapi.dll
2007-02-21 19:49 . 2007-02-21 19:49 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot_2010-07-26_13.28.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-06 04:56 . 2010-07-28 09:31 44052 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-07-28 09:31 60848 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2010-07-28 12:03 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2010-07-26 13:12 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2010-07-28 12:03 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2010-07-26 13:12 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2010-07-26 13:12 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 13:02 . 2010-07-28 12:03 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-05-06 04:56 . 2010-07-28 09:31 9366 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-939453163-656404264-1916229718-1000_UserData.bin
- 2010-07-26 13:08 . 2010-07-26 13:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-07-28 09:29 . 2010-07-28 09:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-07-28 09:29 . 2010-07-28 09:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-07-26 13:08 . 2010-07-26 13:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-27 14:10 . 2010-07-27 14:10 200192 c:\windows\Installer\3ff2a.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"eFax 4.4"="c:\program files\eFax Messenger 4.4\J2GDllCmd.exe" [2008-10-07 95744]
"Google Update"="c:\users\Introfeel\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-05-08 136176]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"googletalk"="c:\users\Introfeel\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"V0270Mon.exe"="c:\windows\V0270Mon.exe" [2007-08-22 28672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-08 202256]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"TomcatStartup 2.5"="c:\program files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2007-05-19 741376]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]

c:\users\Introfeel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
eFax 4.4.lnk - c:\program files\eFax Messenger 4.4\J2GTray.exe [2008-10-7 656896]
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-30 503808]
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):12,b1,8c,89,39,f1,ca,01

R2 AMPingService;AMPingService;c:\users\INTROF~1\AppData\Local\Temp\AMPing.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 HPPLSBULK;HPPLSBULK;c:\windows\system32\drivers\hpplsbulk.sys [2005-02-02 9344]
R3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0402000.00C\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100709.001\BHDrvx86.sys [2010-06-19 691248]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100723.001\IDSvix86.sys [2010-05-28 344112]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\N360\0402000.00C\SYMTDIV.SYS [2010-05-06 339504]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-07-23 102448]
S3 VF0270Dev;Live! Cam Optia;c:\windows\system32\DRIVERS\V0270Dev.sys [2007-08-20 227488]
S3 VF0270Vfx;VF0270 Video FX;c:\windows\system32\DRIVERS\V0270VFx.sys [2007-03-05 7424]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-939453163-656404264-1916229718-1000Core.job
- c:\users\Introfeel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-08 04:20]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-939453163-656404264-1916229718-1000UA.job
- c:\users\Introfeel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-08 04:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/?cid=NET_mmhpset
uInternet Settings,ProxyOverride = *.local
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.ap.dell.com/systemprofiler/DellSystemLite.CAB
FF - ProfilePath - c:\users\Introfeel\AppData\Roaming\Mozilla\Firefox\Profiles\jq6w6nho.default\
FF - component: c:\program files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Introfeel\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll
FF - plugin: c:\users\Introfeel\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\Introfeel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 10:23
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

ˇ“|Ŕ"œ|Ŕ̝ [34783353] 0x005F0036
ˇ“|Ŕ"œ|Ŕ̝ [34783353] 0x002C0065
scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2636)
c:\program files\Norton Security Suite\Engine\4.2.0.12\buShell.dll
.
Completion time: 2010-07-28 10:29:57
ComboFix-quarantined-files.txt 2010-07-28 15:29
ComboFix2.txt 2010-07-26 13:35
ComboFix3.txt 2010-07-25 15:42
ComboFix4.txt 2010-07-24 17:12

Pre-Run: 351,089,012,736 bytes free
Post-Run: 351,048,740,864 bytes free

- - End Of File - - 1A951EA8885A84089BD48A7503C4AA01
  • 0

#28
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Category: Scan Results
Date & Time,Risk,Activity,Status,Task Name,Scan Time (d:h:m:s),Total items scanned,Files & Directories,Registry Entries,Processes & Start-Up Items,Network & Browser Items,Other,Trusted Files,Skipped Files,Total Security Risks Detected,Virus,Cookie,Total Security Risks Resolved,Virus Resolved,Cookie Resolved,Total Security Risks Requiring Attention,Virus Unresolved
7/28/2010 1:57 PM,Info,Full System Scan results,Completed,Full System Scan,0:03:23:55,"1,838,620","1,828,521",320,"5,866","3,906",7,"8,527","47,451",29,4,25,28,3,25,1,1
7/28/2010 1:21 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:03:21,"7,117","1,266",214,"5,469",19,149,"1,036",0,0,,,0,,,0,
7/26/2010 10:17 PM,Info,Idle Full System Scan results,Completed,Idle Full System Scan,0:00:22:16,"289,399","279,306",328,"5,918","3,697",150,"9,253","369,023",4,2,2,2,,2,2,2
7/26/2010 11:53 AM,Info,Full System Scan results,Completed,Full System Scan,0:03:15:58,"1,719,123","1,708,981",320,"5,951","3,864",7,"8,288","47,476",23,2,21,21,,21,2,2
7/26/2010 9:00 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:28,"6,397","1,135",214,"4,880",19,149,959,16,0,,,0,,,0,
7/24/2010 10:35 PM,Info,Full System Scan results,Completed,Full System Scan,0:03:21:11,"1,843,690","1,833,368",305,"6,196","3,814",7,"8,303","47,494",18,2,16,16,,16,2,2
7/24/2010 7:43 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:02:22,"6,896","1,255",208,"5,265",19,149,"1,078",9,0,,,0,,,0,
7/24/2010 9:05 AM,Info,Full System Scan results,Completed,Full System Scan,0:02:58:08,"1,537,075","1,527,175",326,"5,773","3,794",7,"8,155","91,069",6,2,4,4,,4,2,2
7/24/2010 6:25 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:58,"6,281","1,134",216,"4,759",23,149,956,10,0,,,0,,,0,
7/23/2010 9:47 AM,Info,Full System Scan results,Completed,Full System Scan,0:03:28:06,"1,859,217","1,849,341",324,"5,783","3,762",7,"7,951","47,538",5,2,3,3,,3,2,2
7/23/2010 6:34 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:39,"6,172","1,126",215,"4,663",19,149,936,36,0,,,0,,,0,
7/23/2010 1:36 AM,Info,Full System Scan results,Completed,Full System Scan,0:04:01:00,"1,862,336","1,852,297",324,"5,894","3,814",7,"7,985","47,547",38,2,36,36,,36,2,2
7/22/2010 9:55 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:02:14,"6,446","1,178",215,"4,885",19,149,982,24,0,,,0,,,0,


Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:37 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/26/2010 10:08 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/26/2010 9:56 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/26/2010 8:41 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 7:18 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 6:12 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 5:29 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/23/2010 6:23 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/22/2010 9:39 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action


Category: Unresolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:52 AM,High,smb.sys.vir (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.
7/26/2010 10:15 PM,High,smb.sys (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.
7/26/2010 10:13 PM,High,smb.sys (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.


Category: Quarantine
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action


Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Gateway Physical Address,Subnet Identifier,Category
7/28/2010 10:22 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/28/2010 10:13 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/28/2010 4:29 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/28/2010 4:29 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/28/2010 4:18 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/28/2010 4:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/28/2010 4:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/27/2010 9:05 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/27/2010 9:05 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/26/2010 8:28 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/26/2010 8:16 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/26/2010 8:09 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/26/2010 8:09 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:31 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/25/2010 10:31 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 9:31 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/25/2010 9:31 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:35 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:23 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 12:45 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 12:45 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 12:00 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 12:00 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 11:47 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 11:47 AM,Info,Connected to a protected network. (192.168.2.0/255.255.255.0),Protected,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 6:05 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 6:05 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 5:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 5:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:27 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:27 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:19 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:19 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:17 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:17 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:15 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:15 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 6:13 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 6:13 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 5:57 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 5:57 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 5:57 AM,Info,"Protecting your connection to a newly detected network on adapter \"Intel® 82562V-2 10/100 Network Connection\" (IP address: 192.168.2.2).",Detected,No Action Required,,,Firewall - Network and Connections
7/23/2010 5:41 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 5:41 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 5:27 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 5:27 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 11:09 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 11:09 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 5:24 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 5:24 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,


Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category,Program Name,Program Path,Default Action,Action Taken,Local Computer,Traffic Description
7/28/2010 4:30 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:28 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:16 AM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:16 AM,Info,Firewall rules were automatically created for ComboFix-Download.,Protected,No Action Required,,ComboFix-Download,C:\ComboFix\ComboFix-Download.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 49241","Outbound TCP, www-http"
7/28/2010 4:16 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:16 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/28/2010 4:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 10:21 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 9:17 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 9:10 AM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 9:10 AM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/27/2010 9:06 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/26/2010 10:28 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/26/2010 8:16 AM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/26/2010 8:16 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/26/2010 8:09 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:59 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:31 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:29 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:22 PM,Info,Firewall configuration updated: 207 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 PM,Info,Firewall rules were automatically created for Install.,Protected,No Action Required,,Install,C:\HP Universal Print Driver PostScript v5.1.0.1\Install.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:14 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:14 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:12 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:09 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:09 PM,Info,Firewall rules were automatically created for Task Scheduler Engine.,Protected,No Action Required,,Task Scheduler Engine,C:\Windows\System32\taskeng.exe,No Action Required,Automatically create rules,"192.168.2.2, 49650","Outbound TCP, https"
7/25/2010 10:09 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:09 PM,Info,Firewall rules were automatically created for Task Scheduler Engine.,Protected,No Action Required,,Task Scheduler Engine,C:\Windows\System32\taskeng.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"fe80::6da9:5b79:ae5d:a12e%8, 64243","Outbound UDP, Port 3702"
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 64242","Outbound UDP, Port 427"
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 64241","Outbound UDP, Port 161"
7/25/2010 10:04 PM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 49646","Outbound TCP, www-http"
7/25/2010 10:03 PM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:03 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 9:42 PM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 9:32 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 9:29 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57450","Outbound TCP, https"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57449","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57448","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57447","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 214 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,You created firewall rules to manage how AMPing accesses your network resources.,Custom,No Action Required,,AMPing,C:\Users\Introfeel\AppData\Local\Temp\AMPing.exe,No Action Required,User configured rules,"192.168.2.2, 57432","Outbound TCP, www-http"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 213 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,You created firewall rules to manage how AMPing accesses your network resources.,Custom,No Action Required,,AMPing,C:\Users\Introfeel\AppData\Local\Temp\AMPing.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 212 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 57430","Outbound TCP, www-http"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 211 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:32 PM,Info,You allowed MSI2140 to access your network resources.,Allowed,No Action Required,,MSI2140,C:\Users\Introfeel\AppData\Local\Temp\MSI2140.tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 210 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 57424","Outbound TCP, https"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 210 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,You created firewall rules to manage how WLLoginProxy accesses your network resources.,Custom,No Action Required,,WLLoginProxy,C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe,No Action Required,User configured rules,"192.168.2.2, 57422","Outbound TCP, www-http"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 209 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,You created firewall rules to manage how WLLoginProxy accesses your network resources.,Custom,No Action Required,,WLLoginProxy,C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:31 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 57421","Outbound TCP, www-http"
7/25/2010 6:31 PM,Info,Firewall configuration updated: 207 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:31 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:31 PM,Info,You allowed InstallManager_BAB_BAB to access your network resources.,Allowed,No Action Required,,InstallManager_BAB_BAB,C:\Users\Introfeel\AppData\Local\Temp\InstallManager_BAB_BAB.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:29 PM,Info,You allowed MSI55 to access your network resources.,Allowed,No Action Required,,MSI55,C:\Users\Introfeel\AppData\Local\Temp\MSI55.tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 11:55 AM,Info,Firewall rules were automatically created for iTunes.,Protected,No Action Required,,iTunes,C:\Program Files\iTunes\iTunes.exe,No Action Required,Automatically create rules,"0.0.0.0, 3689","Inbound TCP, Port 3689"
7/25/2010 10:36 AM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:36 AM,Info,Firewall rules were automatically created for IP Configuration Utility.,Protected,No Action Required,,IP Configuration Utility,C:\Windows\System32\ipconfig.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:21 AM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 AM,Info,Firewall rules were automatically created for ComboFix-Download.,Protected,No Action Required,,ComboFix-Download,C:\ComboFix\ComboFix-Download.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 55793","Outbound TCP, www-http"
7/25/2010 10:21 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/24/2010 4:44 PM,Info,"Firewall setting \"Firewall Enable\" changed.",Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 4:44 PM,Info,Firewall has been enabled. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:45 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:43 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:00 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:59 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:44 AM,Info,"Firewall setting \"Firewall Enable\" changed.",Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:44 AM,Info,Firewall has been disabled. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 7:29 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,Firewall rules were automatically created for Services and Controller app.,Protected,No Action Required,,Services and Controller app,C:\Windows\System32\services.exe,No Action Required,Automatically create rules,"0.0.0.0, 49158","Inbound TCP, Port 49158"
7/24/2010 5:12 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 5:12 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/24/2010 5:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 49342","Outbound TCP, www-http"
7/23/2010 11:50 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:49 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:49 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 49320","Outbound TCP, https"
7/23/2010 11:43 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:43 AM,Info,You created firewall rules to manage how PCTCFFix accesses your network resources.,Custom,No Action Required,,PCTCFFix,C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFFix.exe,No Action Required,User configured rules,"192.168.2.2, 49308","Outbound TCP, www-http"
7/23/2010 11:43 AM,Info,Firewall configuration updated: 201 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how PCTCFFix accesses your network resources.,Custom,No Action Required,,PCTCFFix,C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFFix.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:42 AM,Info,Firewall configuration updated: 200 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 49289","Outbound TCP, www-http"
7/23/2010 11:42 AM,Info,Firewall configuration updated: 199 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:36 AM,Info,You allowed sdsetup_aff[1] to access your network resources.,Allowed,No Action Required,,sdsetup_aff[1],C:\Users\Introfeel\AppData\Local\Temp\is-S2AM5.tmp\sdsetup_aff[1].tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:36 AM,Info,Firewall configuration updated: 198 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:36 AM,Info,You created firewall rules to manage how Update accesses your network resources.,Custom,No Action Required,,Update,C:\Program Files\Spyware Doctor\Update.exe,No Action Required,User configured rules,"192.168.2.2, 49286","Outbound TCP, www-http"
7/23/2010 11:36 AM,Info,Firewall configuration updated: 197 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:36 AM,Info,You created firewall rules to manage how Update accesses your network resources.,Custom,No Action Required,,Update,C:\Program Files\Spyware Doctor\Update.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:28 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:15 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:15 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:12 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:05 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 8:40 AM,Info,Firewall configuration updated: 196 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 6:14 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:55 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:52 AM,Info,Firewall configuration updated: 196 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:43 AM,Info,Firewall rules were automatically created for Windows Media Player.,Protected,No Action Required,,Windows Media Player,C:\Program Files\Windows Media Player\wmplayer.exe,No Action Required,Automatically create rules,"192.168.2.2, 49189","Outbound TCP, www-http"
7/23/2010 5:43 AM,Info,Firewall rules were automatically created for Windows Media Player.,Protected,No Action Required,,Windows Media Player,C:\Program Files\Windows Media Player\wmplayer.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 5:41 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:38 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:59 PM,Info,Firewall configuration updated: 198 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:59 PM,Info,Firewall rules were automatically created for Macrovision FLEXnet Connect Agent.,Protected,No Action Required,,Macrovision FLEXnet Connect Agent,C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe,No Action Required,Automatically create rules,"192.168.2.2, 49239","Outbound TCP, www-http"
7/22/2010 5:28 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:25 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 4:55 PM,Info,Firewall rules were automatically created for an application.,Protected,No Action Required,,,C:\Program Files\VideoLAN\VLC\vlc.exe,No Action Required,Automatically create rules,"127.0.0.1, 50403","Inbound TCP, Port 50403"
7/22/2010 11:09 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 6:19 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:25 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 10:56 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 3:53 PM,Info,Firewall rules were automatically created for BrowserPlusCore.,Protected,No Action Required,,BrowserPlusCore,C:\Users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\BrowserPlusService.exe,No Action Required,Automatically create rules,"127.0.0.1, 49611","Inbound TCP, Port 49611"
7/21/2010 3:53 PM,Info,Firewall rules were automatically created for BrowserPlusCore.,Protected,No Action Required,,BrowserPlusCore,C:\Users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\BrowserPlusService.exe,No Action Required,Automatically create rules,"127.0.0.1, 49608","Inbound TCP, Port 49608"


Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,Category
7/28/2010 10:33 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/28/2010 10:33 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100726.001,Detected,No Action Required,Intrusion Prevention
7/28/2010 10:33 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:29 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:29 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:29 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:07 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/27/2010 9:05 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/27/2010 9:05 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/27/2010 9:05 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:17 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention


Category: Download Insight
Date & Time,Risk,Activity,Status
7/25/2010 10:15 PM,Info,Download Insight analyzed upd-5101-ps_winxp_vista[1].exe,Access allowed
7/25/2010 10:02 PM,Info,Download Insight analyzed dlm.exe,Access allowed
7/25/2010 7:40 PM,Info,Download Insight analyzed SystemLook.exe,Access allowed
7/25/2010 6:49 PM,Info,Download Insight analyzed DriverInstaller_DD.exe,Access allowed
7/25/2010 6:28 PM,Info,Download Insight analyzed DriverInstaller_DD[1].exe,Access allowed
7/24/2010 11:39 AM,Info,Download Insight analyzed ComboFix.exe,Access allowed
7/23/2010 3:57 PM,Info,Download Insight analyzed OTL.exe,Access allowed
7/23/2010 11:35 AM,Info,Download Insight analyzed sdsetup_aff[1].exe,Access allowed


Category: AntiSpam
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:33 AM,Info,Updating AntiSpam definitions,Detected,No action required
7/22/2010 9:34 PM,Info,Updating AntiSpam definitions,Detected,No action required


Category: Identity
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 11:38 AM,Info,Using Antiphishing definitions version 20100728.005,Detected,No Action Required
7/28/2010 10:33 AM,Info,Antiphishing definitions version 20100728.005 downloaded,Detected,No Action Required
7/26/2010 9:08 AM,Info,Using Antiphishing definitions version 20100726.004,Detected,No Action Required
7/26/2010 8:37 AM,Info,Antiphishing definitions version 20100726.004 downloaded,Detected,No Action Required
7/24/2010 8:19 PM,Info,Using Antiphishing definitions version 20100724.008,Detected,No Action Required
7/24/2010 7:14 PM,Info,Antiphishing definitions version 20100724.008 downloaded,Detected,No Action Required
7/24/2010 6:29 AM,Info,Using Antiphishing definitions version 20100724.003,Detected,No Action Required
7/24/2010 5:24 AM,Info,Antiphishing definitions version 20100724.003 downloaded,Detected,No Action Required
7/22/2010 10:39 PM,Info,Using Antiphishing definitions version 20100723.001,Detected,No Action Required
7/22/2010 9:34 PM,Info,Antiphishing definitions version 20100723.001 downloaded,Detected,No Action Required


Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details,Detailed Status
7/28/2010 12:18 PM,Info,Sample Submission: gdsmux.exe,Submitted,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Sample Submission: gdsmux.exe,"CSIDL_SYSTEM_DRIVE\windows.old\program files\haali\matroskasplitter\gdsmux.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:21:15 GMT Product:Norton 360 4.2.0.12",
7/28/2010 11:59 AM,Info,Sample Submission: Adobe Media Player.exe,Submitted,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Sample Submission: Adobe Media Player.exe,"CSIDL_SYSTEM_DRIVE\windows.old\program files\adobe media player\adobe media player.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:21:12 GMT Product:Norton 360 4.2.0.12",
7/28/2010 11:19 AM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Norton Community Watch Feedback,"Signature ID: DLLMM Signature Set Version: 20100726.001 Application Name: C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annots.api Date Detected: Wed, 28 Jul 2010 16:19:26 GMT Application File Checksum: AA4BECF56873EF3956952619C3DAD711 Application File Information: 9.3.3.177 Flags: 0x00000000 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:21:10 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/28/2010 10:54 AM,Info,Statistical Submission: Trojan Horse,Waiting,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Statistical Submission: Trojan Horse,"gogol\phonbook.class Detection Digest: 03 00 EA AF 01 01 01 02 00 41 A4 7D 3F FE FB 6A .........A.}?..j 00 A8 21 1A 3D 6B EC 34 27 00 00 00 00 2A 56 49 ..!.=k.4'....*VI B0 00 00 00 00 FD 24 00 00 94 04 8E 7E 04 03 00 ......$.....~... 04 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:20:44 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/28/2010 10:54 AM,Info,Statistical Submission: Trojan Horse,Submitted,No Action Required,"Wednesday, July 28, 2010 1:20 PM",Norton Security Suite,Statistical Submission: Trojan Horse,"gogol\familie.class Detection Digest: 03 00 EA AF 01 01 01 02 00 A7 25 08 B6 98 5F 6A ..........%..._j 64 12 93 1A B6 AE 0D 6A BB 00 00 00 00 2F 17 16 d......j...../.. 80 00 00 00 00 F5 22 00 00 F3 9D D7 A9 04 03 00 ......\"......... 02 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:19:54 GMT Product:Norton 360 4.2.0.12",
7/28/2010 10:52 AM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Waiting,No Action Required,"Wednesday, July 28, 2010 1:19 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\qoobox\quarantine\c\windows.old\windows\system32\drivers\smb.sys.vir Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:19:32 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/28/2010 10:06 AM,Info,IPS Detection Statistical Submission,Waiting,No Action Required,"Wednesday, July 28, 2010 1:19 PM",Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 51388 Local Port: 80 Protocol: 6 Signature Set Version: 20100723.001 Application Name: \DEVICE\HARDDISKVOLUME3\COMBOFIX\COMBOFIX-DOWNLOAD.CFXXE Offending URL: download.bleepingcomputer.com/sUBs/ComboFix.exe Date Detected: Wed, 28 Jul 2010 15:06:37 GMT Application File Checksum: CE222401FC3C1BC17E70BCFFF25507F3 Network Data: 434D50520014000078DAEDCBCD0A82401405E0331911549B821641AFA0CF603A618B8AFCD9D842328710D4912CF2F11B827A8296E783CBB917EE39F89E3B1C012B00162084C981996F2ECFC078662E318579C31A0B84F294C828CE02E9FA32CC82631417FAD554FA52D879A5545B36B7ABAEDBE743DD6DB340589FEE1C935F3709774E976C3AC7D375AEB7656FAB5EED53101111111111111111D1FFBC01F7F61E2D Sub-signature ID: 68872 Remote Address: 208.43.120.24 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:19:10 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/26/2010 10:15 PM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Submitted,No Action Required,"Tuesday, July 27, 2010 9:16 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Tue, 27 Jul 2010 14:16:56 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:08 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Wednesday, July 28, 2010 6:09 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\windows\uninstallrq.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:28 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:08 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\windows\uninstallrq.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:29 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:03 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\hpjdwnld.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:28 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:03 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\hpjdwnld.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:27 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:02 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\tracesrv.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:27 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:02 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\tracesrv.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:26 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 6:31 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 8:18 PM",Norton Security Suite,Norton Community Watch Feedback,"c:\users\introfeel\appdata\local\temp\msi2140.tmp OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 01:18:11 GMT Product:Norton 360 4.2.0.12",
7/25/2010 6:31 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 8:18 PM",Norton Security Suite,Norton Community Watch Feedback,"c:\users\introfeel\appdata\local\temp\msi2140.tmp OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 01:17:52 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:21 AM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Sunday, July 25, 2010 11:17 AM",Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 55795 Local Port: 80 Protocol: 6 Signature Set Version: 20100723.001 Application Name: \DEVICE\HARDDISKVOLUME3\COMBOFIX\COMBOFIX-DOWNLOAD.CFXXE Offending URL: download.bleepingcomputer.com/sUBs/ComboFix.exe Date Detected: Sun, 25 Jul 2010 15:21:53 GMT Application File Checksum: CE222401FC3C1BC17E70BCFFF25507F3 Network Data: 434D50520014000078DAEDCBCD0A82401405E0331911549B821641AFA0CF603A618B8AFCD9D842328710D4912CF2F11B827A8296E783CBB917EE39F89E3B1C012B00162084C981996F2ECFC078662E318579C31A0B84F294C828CE02E9FA32CC82631417FAD554FA52D879A5545B36B7ABAEDBE743DD6DB340589FEE1C935F3709774E976C3AC7D375AEB7656FAB5EED53101111111111111111D1FFBC01F7F61E2D Sub-signature ID: 68872 Remote Address: 208.43.120.24 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 16:17:11 GMT Product:Norton 360 4.2.0.12",
7/24/2010 10:12 PM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Submitted,No Action Required,"Saturday, July 24, 2010 10:25 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:25:09 GMT Product:Norton 360 4.2.0.12",
7/24/2010 10:11 PM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Saturday, July 24, 2010 10:25 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:24:55 GMT Product:Norton 360 4.2.0.12",
7/24/2010 9:36 PM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Sunday, July 25, 2010 4:25 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:24:33 GMT Product:Norton 360 4.2.0.12",
7/24/2010 11:40 AM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 1:25 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\32788r22fwjfw\swreg.cfxxe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sat, 24 Jul 2010 17:11:23 GMT Product:Norton 360 4.2.0.12",
7/24/2010 11:40 AM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 1:25 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\32788r22fwjfw\swreg.cfxxe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sat, 24 Jul 2010 17:11:18 GMT Product:Norton 360 4.2.0.12",
7/23/2010 8:45 AM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Saturday, July 24, 2010 5:47 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Fri, 23 Jul 2010 15:38:23 GMT Product:Norton 360 4.2.0.12",
7/22/2010 11:38 PM,Info,Sample Submission: pcdrtouchscrn.p5x,Submitted,No Action Required,"Friday, July 23, 2010 1:38 AM",Norton Security Suite,Sample Submission: pcdrtouchscrn.p5x,"CSIDL_SYSTEM_DRIVE\windows.old\program files\dell support center\hwdiag\bin\pcdrtouchscrn.p5x OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Fri, 23 Jul 2010 06:38:13 GMT Product:Norton 360 4.2.0.12",


Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction,Terminal Session
7/28/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,4204,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:30 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:30 AM",C:\COMBOFIX\HANDLE.CFXXE,5052,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,4924,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,2756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,4644,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,5484,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,6072,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,4660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,4896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PEV.CFXXE,4272,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PV.CFXXE,200,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PV.CFXXE,3968,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PV.CFXXE,3092,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:26 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:26 AM",C:\COMBOFIX\PV.CFXXE,1076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,4656,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,2320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,1264,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,4044,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PV.CFXXE,4432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,2476,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\SWREG.CFXXE,5664,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Set Regietry Security Key,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\HANDLE.CFXXE,5516,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,5608,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4908,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4960,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,2184,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,712,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5720,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5720,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5144,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,2524,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,4588,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,6108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,3972,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,4508,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,2368,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,5632,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,5828,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,4260,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,5316,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,6064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4508,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4508,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5516,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5848,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5608,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4448,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4424,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3168,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4644,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4264,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5036,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.EXE,3960,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4060,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4060,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3448,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5004,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4712,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3360,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:18 AM",C:\COMBOFIX\PEV.CFXXE,3360,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:18 AM",C:\COMBOFIX\PEV.CFXXE,4872,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:16 AM",C:\COMBOFIX\PEV.EXE,5420,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:16 AM",C:\COMBOFIX\PEV.CFXXE,3788,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:16 AM",C:\COMBOFIX\PEV.EXE,220,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:15 AM",C:\COMBOFIX\PEV.CFXXE,756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:15 AM",C:\COMBOFIX\PEV.CFXXE,756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4824,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4724,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\HANDLE.CFXXE,4676,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4600,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5144,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4732,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\HANDLE.CFXXE,3548,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3868,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5616,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,5876,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,6056,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PEV.CFXXE,5440,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PEV.CFXXE,6132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5648,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5804,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,4872,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,2000,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5396,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\HANDLE.CFXXE,4240,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.CFXXE,3992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PV.CFXXE,1832,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PV.CFXXE,4480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PV.CFXXE,5920,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.EXE,5108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.EXE,5108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.EXE,3616,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,5212,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\IEXPLORE.EXE,3144,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\CF26551.CFXXE,2776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,6132,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5192,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PEV.CFXXE,3512,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PEV.CFXXE,4972,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PEV.CFXXE,5368,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,4496,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5408,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5268,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5176,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,2976,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PV.CFXXE,5776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PV.CFXXE,2800,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PV.CFXXE,3812,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PEV.EXE,4888,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PEV.EXE,4888,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.EXE,712,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,5952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5684,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5644,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5484,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\HANDLE.CFXXE,4124,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.CFXXE,4436,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PV.CFXXE,4220,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PV.CFXXE,3812,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PV.CFXXE,5208,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.EXE,3132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.EXE,3132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:05 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,5820,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:05 AM",C:\32788R22FWJFW\PEV.EXE,5256,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:05 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 10:05 AM",C:\32788R22FWJFW\IEXPLORE.EXE,3596,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 4:40 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:40 AM",C:\COMBOFIX\PV.CFXXE,2768,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:39 AM,Medium,Unauthorized access blocked (Resume Thread),Blocked,No Action Required,"Wednesday, July 28, 2010 4:39 AM",C:\COMBOFIX\CF26226.CFXXE,3796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,5756,Resume Thread,Unauthorized access blocked,1
7/28/2010 4:39 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:39 AM",C:\COMBOFIX\PV.CFXXE,4488,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:39 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:39 AM",C:\COMBOFIX\PV.CFXXE,5352,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:36 AM,Medium,Unauthorized access blocked (Terminate Process),Blocked,No Action Required,"Wednesday, July 28, 2010 4:36 AM",C:\WINDOWS\SYSTEM32\SVCHOST.EXE,2216,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,6132,Terminate Process,Unauthorized access blocked,
7/28/2010 4:35 AM,Medium,Unauthorized access blocked (Terminate Process),Blocked,No Action Required,"Wednesday, July 28, 2010 4:35 AM",C:\WINDOWS\SYSTEM32\SVCHOST.EXE,2216,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,5756,Terminate Process,Unauthorized access blocked,
7/28/2010 4:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:35 AM",C:\COMBOFIX\PV.CFXXE,5896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:31 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Wednesday, July 28, 2010 4:31 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2804,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/28/2010 4:30 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:30 AM",C:\COMBOFIX\PV.CFXXE,3928,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PEV.CFXXE,952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,3456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,5448,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,4076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,5024,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PV.CFXXE,5624,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PV.CFXXE,4336,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PEV.CFXXE,5640,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PEV.CFXXE,5640,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PEV.CFXXE,4560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5580,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\SWREG.CFXXE,2836,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Set Regietry Security Key,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\HANDLE.CFXXE,5192,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Duplicate Object,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4452,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5764,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,6136,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,2184,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,3120,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4976,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4976,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5540,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4628,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5368,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4672,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5356,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,2536,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4404,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4804,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5344,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,272,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,5296,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,5480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,1752,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,4392,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5720,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5416,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5276,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5392,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5332,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5552,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,468,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2376,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5640,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2512,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,3516,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,3516,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4316,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.EXE,5404,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2704,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2704,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,3864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4384,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,5288,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,2932,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,3320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,3320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,5488,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:22 AM",C:\COMBOFIX\PEV.EXE,5728,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.CFXXE,2676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.EXE,3552,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.CFXXE,5540,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.CFXXE,5540,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,956,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5380,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5844,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5648,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\HANDLE.CFXXE,6044,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Duplicate Object,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,1380,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,4932,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PV.CFXXE,5564,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\HANDLE.CFXXE,5456,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Duplicate Object,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,4400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,4400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,4400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,5984,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PV.CFXXE,5364,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,284,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,3932,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PEV.CFXXE,5032,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PEV.CFXXE,5668,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PEV.CFXXE,4036,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,5776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,2700,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,4672,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,3316,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,5056,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,2896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PV.CFXXE,3320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PV.CFXXE,5980,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PV.CFXXE,5388,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PEV.EXE,3524,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PEV.EXE,3524,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5564,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,5084,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,744,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,5080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,3400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PV.CFXXE,5784,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PV.CFXXE,4896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PV.CFXXE,4548,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PEV.EXE,4312,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PEV.EXE,4312,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,4604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PEV.EXE,5212,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5872,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 4:09 AM,Medium,Unauthorized access blocked (Create Registry
  • 0

#29
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
This virus had been showing up twice in the scans, but now it is only showing up once in the scan and it says that one of them has been quarantined. That's progress. Now how do we get rid of the other one even though it appears to be the exact same virus.
  • 0

#30
Introfeel

Introfeel

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Category: Scan Results
Date & Time,Risk,Activity,Status,Task Name,Scan Time (d:h:m:s),Total items scanned,Files & Directories,Registry Entries,Processes & Start-Up Items,Network & Browser Items,Other,Trusted Files,Skipped Files,Total Security Risks Detected,Virus,Cookie,Total Security Risks Resolved,Virus Resolved,Cookie Resolved,Total Security Risks Requiring Attention,Virus Unresolved
7/28/2010 1:57 PM,Info,Full System Scan results,Completed,Full System Scan,0:03:23:55,"1,838,620","1,828,521",320,"5,866","3,906",7,"8,527","47,451",29,4,25,28,3,25,1,1
7/28/2010 1:21 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:03:21,"7,117","1,266",214,"5,469",19,149,"1,036",0,0,,,0,,,0,
7/26/2010 10:17 PM,Info,Idle Full System Scan results,Completed,Idle Full System Scan,0:00:22:16,"289,399","279,306",328,"5,918","3,697",150,"9,253","369,023",4,2,2,2,,2,2,2
7/26/2010 11:53 AM,Info,Full System Scan results,Completed,Full System Scan,0:03:15:58,"1,719,123","1,708,981",320,"5,951","3,864",7,"8,288","47,476",23,2,21,21,,21,2,2
7/26/2010 9:00 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:28,"6,397","1,135",214,"4,880",19,149,959,16,0,,,0,,,0,
7/24/2010 10:35 PM,Info,Full System Scan results,Completed,Full System Scan,0:03:21:11,"1,843,690","1,833,368",305,"6,196","3,814",7,"8,303","47,494",18,2,16,16,,16,2,2
7/24/2010 7:43 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:02:22,"6,896","1,255",208,"5,265",19,149,"1,078",9,0,,,0,,,0,
7/24/2010 9:05 AM,Info,Full System Scan results,Completed,Full System Scan,0:02:58:08,"1,537,075","1,527,175",326,"5,773","3,794",7,"8,155","91,069",6,2,4,4,,4,2,2
7/24/2010 6:25 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:58,"6,281","1,134",216,"4,759",23,149,956,10,0,,,0,,,0,
7/23/2010 9:47 AM,Info,Full System Scan results,Completed,Full System Scan,0:03:28:06,"1,859,217","1,849,341",324,"5,783","3,762",7,"7,951","47,538",5,2,3,3,,3,2,2
7/23/2010 6:34 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:39,"6,172","1,126",215,"4,663",19,149,936,36,0,,,0,,,0,
7/23/2010 1:36 AM,Info,Full System Scan results,Completed,Full System Scan,0:04:01:00,"1,862,336","1,852,297",324,"5,894","3,814",7,"7,985","47,547",38,2,36,36,,36,2,2
7/22/2010 9:55 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:02:14,"6,446","1,178",215,"4,885",19,149,982,24,0,,,0,,,0,


Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:37 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/26/2010 10:08 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/26/2010 9:56 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/26/2010 8:41 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 7:18 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 6:12 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/24/2010 5:29 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/23/2010 6:23 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
7/22/2010 9:39 PM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action


Category: Unresolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:52 AM,High,smb.sys.vir (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.
7/26/2010 10:15 PM,High,smb.sys (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.
7/26/2010 10:13 PM,High,smb.sys (Backdoor.Tidserv!inf) detected by Virus scanner,Manual Removal Required,Review risk details on Symantec Web site.


Category: Quarantine
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action
7/28/2010 10:54 AM,High,Trojan Horse detected by Virus scanner,Quarantined,Resolved - No Action


Category: Firewall - Network and Connections
Date & Time,Risk,Activity,Status,Recommended Action,Gateway Physical Address,Subnet Identifier,Category
7/28/2010 10:22 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/28/2010 10:13 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/28/2010 4:29 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/28/2010 4:29 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/28/2010 4:18 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/28/2010 4:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/28/2010 4:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/27/2010 9:05 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/27/2010 9:05 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/26/2010 8:28 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/26/2010 8:16 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/26/2010 8:09 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/26/2010 8:09 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:31 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/25/2010 10:31 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 9:31 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/25/2010 9:31 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:35 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/25/2010 10:23 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 12:45 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 12:45 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 12:00 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 12:00 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 11:47 AM,Info,Connected to a shared network. (192.168.2.0/255.255.255.0),Shared,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 11:47 AM,Info,Connected to a protected network. (192.168.2.0/255.255.255.0),Protected,No Action Required,,192.168.2.0/255.255.255.0,
7/24/2010 6:05 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 6:05 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/24/2010 5:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/24/2010 5:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:27 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:27 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:19 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:19 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:17 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:17 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:15 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:15 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 11:07 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 11:07 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 6:13 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 6:13 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 5:57 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 5:57 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/23/2010 5:57 AM,Info,"Protecting your connection to a newly detected network on adapter \"Intel® 82562V-2 10/100 Network Connection\" (IP address: 192.168.2.2).",Detected,No Action Required,,,Firewall - Network and Connections
7/23/2010 5:41 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/23/2010 5:41 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 5:27 PM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 5:27 PM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 11:09 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 11:09 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,
7/22/2010 5:24 AM,Info,Connected to a protected network. (127.0.0.0/255.0.0.0),Protected,No Action Required,,127.0.0.0/255.0.0.0,
7/22/2010 5:24 AM,Info,Connected to a shared network. (00 1C DF 21 40 0B),Shared,No Action Required,00 1C DF 21 40 0B,,


Category: Firewall - Activities
Date & Time,Risk,Activity,Status,Recommended Action,Category,Program Name,Program Path,Default Action,Action Taken,Local Computer,Traffic Description
7/28/2010 4:30 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:28 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:16 AM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:16 AM,Info,Firewall rules were automatically created for ComboFix-Download.,Protected,No Action Required,,ComboFix-Download,C:\ComboFix\ComboFix-Download.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 49241","Outbound TCP, www-http"
7/28/2010 4:16 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/28/2010 4:16 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/28/2010 4:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 10:21 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 9:17 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 9:10 AM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/27/2010 9:10 AM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/27/2010 9:06 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/26/2010 10:28 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/26/2010 8:16 AM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/26/2010 8:16 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/26/2010 8:09 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:59 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:31 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:29 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:22 PM,Info,Firewall configuration updated: 207 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 PM,Info,Firewall rules were automatically created for Install.,Protected,No Action Required,,Install,C:\HP Universal Print Driver PostScript v5.1.0.1\Install.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:14 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:14 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:12 PM,Info,You allowed HPISPrinterUtil to access your network resources.,Allowed,No Action Required,,HPISPrinterUtil,C:\Users\Introfeel\AppData\Local\Temp\Low\HPSDD\HPISPrinterUtil.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:09 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:09 PM,Info,Firewall rules were automatically created for Task Scheduler Engine.,Protected,No Action Required,,Task Scheduler Engine,C:\Windows\System32\taskeng.exe,No Action Required,Automatically create rules,"192.168.2.2, 49650","Outbound TCP, https"
7/25/2010 10:09 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:09 PM,Info,Firewall rules were automatically created for Task Scheduler Engine.,Protected,No Action Required,,Task Scheduler Engine,C:\Windows\System32\taskeng.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"fe80::6da9:5b79:ae5d:a12e%8, 64243","Outbound UDP, Port 3702"
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 64242","Outbound UDP, Port 427"
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 64241","Outbound UDP, Port 161"
7/25/2010 10:04 PM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:04 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 49646","Outbound TCP, www-http"
7/25/2010 10:03 PM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:03 PM,Info,You created firewall rules to manage how hpjdwnld accesses your network resources.,Custom,No Action Required,,hpjdwnld,C:\Program Files\Hewlett-Packard\HP Download Manager\hpjdwnld.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 9:42 PM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 9:32 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 9:29 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57450","Outbound TCP, https"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57449","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57448","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 57447","Outbound TCP, www-http"
7/25/2010 6:34 PM,Info,Firewall rules were automatically created for MSNŽ Toolbar.,Protected,No Action Required,,MSNŽ Toolbar,C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 214 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,You created firewall rules to manage how AMPing accesses your network resources.,Custom,No Action Required,,AMPing,C:\Users\Introfeel\AppData\Local\Temp\AMPing.exe,No Action Required,User configured rules,"192.168.2.2, 57432","Outbound TCP, www-http"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 213 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,You created firewall rules to manage how AMPing accesses your network resources.,Custom,No Action Required,,AMPing,C:\Users\Introfeel\AppData\Local\Temp\AMPing.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 212 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 57430","Outbound TCP, www-http"
7/25/2010 6:33 PM,Info,Firewall configuration updated: 211 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:33 PM,Info,Firewall rules were automatically created for Microsoft SeaPort Search Enhancement Broker.,Protected,No Action Required,,Microsoft SeaPort Search Enhancement Broker,C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:32 PM,Info,You allowed MSI2140 to access your network resources.,Allowed,No Action Required,,MSI2140,C:\Users\Introfeel\AppData\Local\Temp\MSI2140.tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 210 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 57424","Outbound TCP, https"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 210 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,You created firewall rules to manage how WLLoginProxy accesses your network resources.,Custom,No Action Required,,WLLoginProxy,C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe,No Action Required,User configured rules,"192.168.2.2, 57422","Outbound TCP, www-http"
7/25/2010 6:32 PM,Info,Firewall configuration updated: 209 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,Firewall configuration updated: 208 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:32 PM,Info,You created firewall rules to manage how WLLoginProxy accesses your network resources.,Custom,No Action Required,,WLLoginProxy,C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:31 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 57421","Outbound TCP, www-http"
7/25/2010 6:31 PM,Info,Firewall configuration updated: 207 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 6:31 PM,Info,Firewall rules were automatically created for Driver Detective.,Protected,No Action Required,,Driver Detective,C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:31 PM,Info,You allowed InstallManager_BAB_BAB to access your network resources.,Allowed,No Action Required,,InstallManager_BAB_BAB,C:\Users\Introfeel\AppData\Local\Temp\InstallManager_BAB_BAB.exe,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 6:29 PM,Info,You allowed MSI55 to access your network resources.,Allowed,No Action Required,,MSI55,C:\Users\Introfeel\AppData\Local\Temp\MSI55.tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 11:55 AM,Info,Firewall rules were automatically created for iTunes.,Protected,No Action Required,,iTunes,C:\Program Files\iTunes\iTunes.exe,No Action Required,Automatically create rules,"0.0.0.0, 3689","Inbound TCP, Port 3689"
7/25/2010 10:36 AM,Info,Firewall configuration updated: 206 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:36 AM,Info,Firewall rules were automatically created for IP Configuration Utility.,Protected,No Action Required,,IP Configuration Utility,C:\Windows\System32\ipconfig.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/25/2010 10:21 AM,Info,Firewall configuration updated: 205 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 AM,Info,Firewall rules were automatically created for ComboFix-Download.,Protected,No Action Required,,ComboFix-Download,C:\ComboFix\ComboFix-Download.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 55793","Outbound TCP, www-http"
7/25/2010 10:21 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/25/2010 10:21 AM,Info,Firewall rules were automatically created for PING.,Protected,No Action Required,,PING,C:\ComboFix\PING.cfxxe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/24/2010 4:44 PM,Info,"Firewall setting \"Firewall Enable\" changed.",Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 4:44 PM,Info,Firewall has been enabled. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:45 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:43 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 12:00 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:59 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:44 AM,Info,"Firewall setting \"Firewall Enable\" changed.",Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 11:44 AM,Info,Firewall has been disabled. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 7:29 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 6:05 AM,Info,Firewall rules were automatically created for Services and Controller app.,Protected,No Action Required,,Services and Controller app,C:\Windows\System32\services.exe,No Action Required,Automatically create rules,"0.0.0.0, 49158","Inbound TCP, Port 49158"
7/24/2010 5:12 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/24/2010 5:12 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/24/2010 5:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,Firewall configuration updated: 204 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 49342","Outbound TCP, www-http"
7/23/2010 11:50 AM,Info,Firewall configuration updated: 203 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:50 AM,Info,You created firewall rules to manage how PCTBDUpdate accesses your network resources.,Custom,No Action Required,,PCTBDUpdate,C:\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:49 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:49 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 49320","Outbound TCP, https"
7/23/2010 11:43 AM,Info,Firewall configuration updated: 202 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:43 AM,Info,You created firewall rules to manage how PCTCFFix accesses your network resources.,Custom,No Action Required,,PCTCFFix,C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFFix.exe,No Action Required,User configured rules,"192.168.2.2, 49308","Outbound TCP, www-http"
7/23/2010 11:43 AM,Info,Firewall configuration updated: 201 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how PCTCFFix accesses your network resources.,Custom,No Action Required,,PCTCFFix,C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFFix.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:42 AM,Info,Firewall configuration updated: 200 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 49289","Outbound TCP, www-http"
7/23/2010 11:42 AM,Info,Firewall configuration updated: 199 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:42 AM,Info,You created firewall rules to manage how pctsSvc accesses your network resources.,Custom,No Action Required,,pctsSvc,C:\Program Files\Spyware Doctor\pctsSvc.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:36 AM,Info,You allowed sdsetup_aff[1] to access your network resources.,Allowed,No Action Required,,sdsetup_aff[1],C:\Users\Introfeel\AppData\Local\Temp\is-S2AM5.tmp\sdsetup_aff[1].tmp,No Action Required,Allow,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:36 AM,Info,Firewall configuration updated: 198 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:36 AM,Info,You created firewall rules to manage how Update accesses your network resources.,Custom,No Action Required,,Update,C:\Program Files\Spyware Doctor\Update.exe,No Action Required,User configured rules,"192.168.2.2, 49286","Outbound TCP, www-http"
7/23/2010 11:36 AM,Info,Firewall configuration updated: 197 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:36 AM,Info,You created firewall rules to manage how Update accesses your network resources.,Custom,No Action Required,,Update,C:\Program Files\Spyware Doctor\Update.exe,No Action Required,User configured rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 11:28 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:15 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:15 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:12 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:08 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 11:05 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 8:40 AM,Info,Firewall configuration updated: 196 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 6:14 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:55 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:52 AM,Info,Firewall configuration updated: 196 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:43 AM,Info,Firewall rules were automatically created for Windows Media Player.,Protected,No Action Required,,Windows Media Player,C:\Program Files\Windows Media Player\wmplayer.exe,No Action Required,Automatically create rules,"192.168.2.2, 49189","Outbound TCP, www-http"
7/23/2010 5:43 AM,Info,Firewall rules were automatically created for Windows Media Player.,Protected,No Action Required,,Windows Media Player,C:\Program Files\Windows Media Player\wmplayer.exe,No Action Required,Automatically create rules,"192.168.2.2, 0","Outbound UDP, Port 53"
7/23/2010 5:41 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/23/2010 5:38 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:59 PM,Info,Firewall configuration updated: 198 rules.,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:59 PM,Info,Firewall rules were automatically created for Macrovision FLEXnet Connect Agent.,Protected,No Action Required,,Macrovision FLEXnet Connect Agent,C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe,No Action Required,Automatically create rules,"192.168.2.2, 49239","Outbound TCP, www-http"
7/22/2010 5:28 PM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:25 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 4:55 PM,Info,Firewall rules were automatically created for an application.,Protected,No Action Required,,,C:\Program Files\VideoLAN\VLC\vlc.exe,No Action Required,Automatically create rules,"127.0.0.1, 50403","Inbound TCP, Port 50403"
7/22/2010 11:09 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 6:19 AM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/22/2010 5:25 AM,Info,User logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 10:56 PM,Info,No user is logged in. ,Detected,No Action Required,Firewall - Activities,,,,,,
7/21/2010 3:53 PM,Info,Firewall rules were automatically created for BrowserPlusCore.,Protected,No Action Required,,BrowserPlusCore,C:\Users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\BrowserPlusService.exe,No Action Required,Automatically create rules,"127.0.0.1, 49611","Inbound TCP, Port 49611"
7/21/2010 3:53 PM,Info,Firewall rules were automatically created for BrowserPlusCore.,Protected,No Action Required,,BrowserPlusCore,C:\Users\Introfeel\AppData\Local\Yahoo!\BrowserPlus\2.9.2\BrowserPlusService.exe,No Action Required,Automatically create rules,"127.0.0.1, 49608","Inbound TCP, Port 49608"


Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,Category
7/28/2010 10:33 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/28/2010 10:33 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100726.001,Detected,No Action Required,Intrusion Prevention
7/28/2010 10:33 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:29 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:29 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:29 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:07 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/28/2010 4:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/27/2010 9:05 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/27/2010 9:05 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/27/2010 9:05 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/26/2010 8:09 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/25/2010 10:31 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/25/2010 9:31 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:45 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 12:00 PM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 6:05 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100723.001,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:24 AM,Info,Intrusion Prevention is monitoring 1261 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/24/2010 5:07 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:27 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:17 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:15 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 11:07 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100721.003,Detected,No Action Required,Intrusion Prevention
7/23/2010 6:18 AM,Info,Intrusion Prevention is monitoring 1262 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:57 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/23/2010 5:41 AM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100720.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 9:34 PM,Info,Intrusion Prevention is monitoring 1255 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:27 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 11:09 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100702.001,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention
7/22/2010 5:24 AM,Info,Intrusion Prevention is monitoring 1248 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention


Category: Download Insight
Date & Time,Risk,Activity,Status
7/25/2010 10:15 PM,Info,Download Insight analyzed upd-5101-ps_winxp_vista[1].exe,Access allowed
7/25/2010 10:02 PM,Info,Download Insight analyzed dlm.exe,Access allowed
7/25/2010 7:40 PM,Info,Download Insight analyzed SystemLook.exe,Access allowed
7/25/2010 6:49 PM,Info,Download Insight analyzed DriverInstaller_DD.exe,Access allowed
7/25/2010 6:28 PM,Info,Download Insight analyzed DriverInstaller_DD[1].exe,Access allowed
7/24/2010 11:39 AM,Info,Download Insight analyzed ComboFix.exe,Access allowed
7/23/2010 3:57 PM,Info,Download Insight analyzed OTL.exe,Access allowed
7/23/2010 11:35 AM,Info,Download Insight analyzed sdsetup_aff[1].exe,Access allowed


Category: AntiSpam
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 10:33 AM,Info,Updating AntiSpam definitions,Detected,No action required
7/22/2010 9:34 PM,Info,Updating AntiSpam definitions,Detected,No action required


Category: Identity
Date & Time,Risk,Activity,Status,Recommended Action
7/28/2010 11:38 AM,Info,Using Antiphishing definitions version 20100728.005,Detected,No Action Required
7/28/2010 10:33 AM,Info,Antiphishing definitions version 20100728.005 downloaded,Detected,No Action Required
7/26/2010 9:08 AM,Info,Using Antiphishing definitions version 20100726.004,Detected,No Action Required
7/26/2010 8:37 AM,Info,Antiphishing definitions version 20100726.004 downloaded,Detected,No Action Required
7/24/2010 8:19 PM,Info,Using Antiphishing definitions version 20100724.008,Detected,No Action Required
7/24/2010 7:14 PM,Info,Antiphishing definitions version 20100724.008 downloaded,Detected,No Action Required
7/24/2010 6:29 AM,Info,Using Antiphishing definitions version 20100724.003,Detected,No Action Required
7/24/2010 5:24 AM,Info,Antiphishing definitions version 20100724.003 downloaded,Detected,No Action Required
7/22/2010 10:39 PM,Info,Using Antiphishing definitions version 20100723.001,Detected,No Action Required
7/22/2010 9:34 PM,Info,Antiphishing definitions version 20100723.001 downloaded,Detected,No Action Required


Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Submitted By,Description,Submission Details,Detailed Status
7/28/2010 12:18 PM,Info,Sample Submission: gdsmux.exe,Submitted,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Sample Submission: gdsmux.exe,"CSIDL_SYSTEM_DRIVE\windows.old\program files\haali\matroskasplitter\gdsmux.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:21:15 GMT Product:Norton 360 4.2.0.12",
7/28/2010 11:59 AM,Info,Sample Submission: Adobe Media Player.exe,Submitted,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Sample Submission: Adobe Media Player.exe,"CSIDL_SYSTEM_DRIVE\windows.old\program files\adobe media player\adobe media player.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:21:12 GMT Product:Norton 360 4.2.0.12",
7/28/2010 11:19 AM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Norton Community Watch Feedback,"Signature ID: DLLMM Signature Set Version: 20100726.001 Application Name: C:\Program Files\Adobe\Reader 9.0\Reader\plug_ins\Annots.api Date Detected: Wed, 28 Jul 2010 16:19:26 GMT Application File Checksum: AA4BECF56873EF3956952619C3DAD711 Application File Information: 9.3.3.177 Flags: 0x00000000 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:21:10 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/28/2010 10:54 AM,Info,Statistical Submission: Trojan Horse,Waiting,No Action Required,"Wednesday, July 28, 2010 1:21 PM",Norton Security Suite,Statistical Submission: Trojan Horse,"gogol\phonbook.class Detection Digest: 03 00 EA AF 01 01 01 02 00 41 A4 7D 3F FE FB 6A .........A.}?..j 00 A8 21 1A 3D 6B EC 34 27 00 00 00 00 2A 56 49 ..!.=k.4'....*VI B0 00 00 00 00 FD 24 00 00 94 04 8E 7E 04 03 00 ......$.....~... 04 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:20:44 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/28/2010 10:54 AM,Info,Statistical Submission: Trojan Horse,Submitted,No Action Required,"Wednesday, July 28, 2010 1:20 PM",Norton Security Suite,Statistical Submission: Trojan Horse,"gogol\familie.class Detection Digest: 03 00 EA AF 01 01 01 02 00 A7 25 08 B6 98 5F 6A ..........%..._j 64 12 93 1A B6 AE 0D 6A BB 00 00 00 00 2F 17 16 d......j...../.. 80 00 00 00 00 F5 22 00 00 F3 9D D7 A9 04 03 00 ......\"......... 02 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:19:54 GMT Product:Norton 360 4.2.0.12",
7/28/2010 10:52 AM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Waiting,No Action Required,"Wednesday, July 28, 2010 1:19 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\qoobox\quarantine\c\windows.old\windows\system32\drivers\smb.sys.vir Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:19:32 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/28/2010 10:06 AM,Info,IPS Detection Statistical Submission,Waiting,No Action Required,"Wednesday, July 28, 2010 1:19 PM",Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 51388 Local Port: 80 Protocol: 6 Signature Set Version: 20100723.001 Application Name: \DEVICE\HARDDISKVOLUME3\COMBOFIX\COMBOFIX-DOWNLOAD.CFXXE Offending URL: download.bleepingcomputer.com/sUBs/ComboFix.exe Date Detected: Wed, 28 Jul 2010 15:06:37 GMT Application File Checksum: CE222401FC3C1BC17E70BCFFF25507F3 Network Data: 434D50520014000078DAEDCBCD0A82401405E0331911549B821641AFA0CF603A618B8AFCD9D842328710D4912CF2F11B827A8296E783CBB917EE39F89E3B1C012B00162084C981996F2ECFC078662E318579C31A0B84F294C828CE02E9FA32CC82631417FAD554FA52D879A5545B36B7ABAEDBE743DD6DB340589FEE1C935F3709774E976C3AC7D375AEB7656FAB5EED53101111111111111111D1FFBC01F7F61E2D Sub-signature ID: 68872 Remote Address: 208.43.120.24 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Wed, 28 Jul 2010 18:19:10 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/26/2010 10:15 PM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Submitted,No Action Required,"Tuesday, July 27, 2010 9:16 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Tue, 27 Jul 2010 14:16:56 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:08 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Wednesday, July 28, 2010 6:09 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\windows\uninstallrq.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:28 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:08 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\windows\uninstallrq.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:29 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:03 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\hpjdwnld.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:28 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:03 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\hpjdwnld.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:27 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:02 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\tracesrv.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:27 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 10:02 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Wednesday, July 28, 2010 6:08 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\program files\hewlett-packard\hp download manager\tracesrv.exe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 13:59:26 GMT Product:Norton 360 4.2.0.12",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.
7/25/2010 6:31 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 8:18 PM",Norton Security Suite,Norton Community Watch Feedback,"c:\users\introfeel\appdata\local\temp\msi2140.tmp OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 01:18:11 GMT Product:Norton 360 4.2.0.12",
7/25/2010 6:31 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 8:18 PM",Norton Security Suite,Norton Community Watch Feedback,"c:\users\introfeel\appdata\local\temp\msi2140.tmp OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Mon, 26 Jul 2010 01:17:52 GMT Product:Norton 360 4.2.0.12",
7/25/2010 10:21 AM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Sunday, July 25, 2010 11:17 AM",Norton Security Suite,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 55795 Local Port: 80 Protocol: 6 Signature Set Version: 20100723.001 Application Name: \DEVICE\HARDDISKVOLUME3\COMBOFIX\COMBOFIX-DOWNLOAD.CFXXE Offending URL: download.bleepingcomputer.com/sUBs/ComboFix.exe Date Detected: Sun, 25 Jul 2010 15:21:53 GMT Application File Checksum: CE222401FC3C1BC17E70BCFFF25507F3 Network Data: 434D50520014000078DAEDCBCD0A82401405E0331911549B821641AFA0CF603A618B8AFCD9D842328710D4912CF2F11B827A8296E783CBB917EE39F89E3B1C012B00162084C981996F2ECFC078662E318579C31A0B84F294C828CE02E9FA32CC82631417FAD554FA52D879A5545B36B7ABAEDBE743DD6DB340589FEE1C935F3709774E976C3AC7D375AEB7656FAB5EED53101111111111111111D1FFBC01F7F61E2D Sub-signature ID: 68872 Remote Address: 208.43.120.24 OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 16:17:11 GMT Product:Norton 360 4.2.0.12",
7/24/2010 10:12 PM,Info,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,Submitted,No Action Required,"Saturday, July 24, 2010 10:25 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf Removal Failed,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:25:09 GMT Product:Norton 360 4.2.0.12",
7/24/2010 10:11 PM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Saturday, July 24, 2010 10:25 PM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\winsxs\x86_microsoft-windows-nbsmb_31bf3856ad364e35_6.0.6002.18005_none_61560a3ff5180c84\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:24:55 GMT Product:Norton 360 4.2.0.12",
7/24/2010 9:36 PM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Sunday, July 25, 2010 4:25 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sun, 25 Jul 2010 03:24:33 GMT Product:Norton 360 4.2.0.12",
7/24/2010 11:40 AM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 1:25 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\32788r22fwjfw\swreg.cfxxe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sat, 24 Jul 2010 17:11:23 GMT Product:Norton 360 4.2.0.12",
7/24/2010 11:40 AM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Sunday, July 25, 2010 1:25 AM",Norton Security Suite,Norton Community Watch Feedback,"c:\32788r22fwjfw\swreg.cfxxe OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Sat, 24 Jul 2010 17:11:18 GMT Product:Norton 360 4.2.0.12",
7/23/2010 8:45 AM,Info,Statistical Submission: Backdoor.Tidserv!inf,Submitted,No Action Required,"Saturday, July 24, 2010 5:47 AM",Norton Security Suite,Statistical Submission: Backdoor.Tidserv!inf,"CSIDL_SYSTEM_DRIVE\windows.old\windows\system32\drivers\smb.sys Detection Digest: 03 00 EA AF 03 01 01 02 00 EF 37 98 3F 07 32 0D ..........7.?.2. 73 BD 3F BB 05 A8 86 3E DB 00 00 00 00 6C 84 C5 s.?....>.....l.. 57 DB D0 43 74 00 00 00 00 64 F3 BB 92 04 03 00 W..Ct....d...... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Fri, 23 Jul 2010 15:38:23 GMT Product:Norton 360 4.2.0.12",
7/22/2010 11:38 PM,Info,Sample Submission: pcdrtouchscrn.p5x,Submitted,No Action Required,"Friday, July 23, 2010 1:38 AM",Norton Security Suite,Sample Submission: pcdrtouchscrn.p5x,"CSIDL_SYSTEM_DRIVE\windows.old\program files\dell support center\hwdiag\bin\pcdrtouchscrn.p5x OS-Country:1 OS-Language:English Processor:x86 Family 6 Model 15 Stepping 13 System:Windows Vista build 6002 Service Pack 2 Platform-GUID:E1965B85-58E5-11DF-BA31-001D097A055C DateSubmitted:Fri, 23 Jul 2010 06:38:13 GMT Product:Norton 360 4.2.0.12",


Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction,Terminal Session
7/28/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,4204,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:30 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:30 AM",C:\COMBOFIX\HANDLE.CFXXE,5052,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:30 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:30 AM",C:\COMBOFIX\PEV.CFXXE,4924,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,2756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,4644,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,5484,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,6072,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,4660,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:29 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:29 AM",C:\COMBOFIX\PV.CFXXE,4896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PEV.CFXXE,4272,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PV.CFXXE,200,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PV.CFXXE,3968,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:28 AM",C:\COMBOFIX\PV.CFXXE,3092,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:26 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:26 AM",C:\COMBOFIX\PV.CFXXE,1076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,4656,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,2320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,1264,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:22 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:22 AM",C:\COMBOFIX\PV.CFXXE,4044,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PV.CFXXE,4432,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,2476,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4228,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\SWREG.CFXXE,5664,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Set Regietry Security Key,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\HANDLE.CFXXE,5516,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,5608,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4908,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,4960,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,2184,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:21 AM",C:\COMBOFIX\PEV.CFXXE,712,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5720,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5720,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5144,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,2524,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,4588,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,6108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,3972,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,4508,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,2368,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:20 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:20 AM",C:\COMBOFIX\PEV.CFXXE,5604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,5632,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,5828,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,4260,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,5316,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PV.CFXXE,6064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4508,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4508,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5516,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5848,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5608,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4448,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4424,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3168,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4644,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4264,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5036,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.EXE,3960,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4060,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4060,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3448,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5004,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,5776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,4712,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:19 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:19 AM",C:\COMBOFIX\PEV.CFXXE,3360,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:18 AM",C:\COMBOFIX\PEV.CFXXE,3360,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:18 AM",C:\COMBOFIX\PEV.CFXXE,4872,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:16 AM",C:\COMBOFIX\PEV.EXE,5420,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:16 AM",C:\COMBOFIX\PEV.CFXXE,3788,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:16 AM",C:\COMBOFIX\PEV.EXE,220,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:15 AM",C:\COMBOFIX\PEV.CFXXE,756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:15 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:15 AM",C:\COMBOFIX\PEV.CFXXE,756,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4824,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4724,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\HANDLE.CFXXE,4676,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4600,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5144,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,4732,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\HANDLE.CFXXE,3548,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3856,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,3868,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PV.CFXXE,5616,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:13 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:13 AM",C:\COMBOFIX\PEV.CFXXE,5876,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,6056,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PEV.CFXXE,5440,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PEV.CFXXE,6132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5648,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5804,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,4872,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,2000,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5396,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\COMBOFIX\PV.CFXXE,5080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\HANDLE.CFXXE,4240,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.CFXXE,3992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PV.CFXXE,1832,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PV.CFXXE,4480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PV.CFXXE,5920,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.EXE,5108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.EXE,5108,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\PEV.EXE,3616,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,5212,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:12 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 10:12 AM",C:\32788R22FWJFW\IEXPLORE.EXE,3144,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\CF26551.CFXXE,2776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,6132,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5192,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PEV.CFXXE,3512,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PEV.CFXXE,4972,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PEV.CFXXE,5368,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,4496,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5408,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,912,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5268,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,5176,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\COMBOFIX\PV.CFXXE,2976,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PV.CFXXE,5776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PV.CFXXE,2800,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PV.CFXXE,3812,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PEV.EXE,4888,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:07 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:07 AM",C:\32788R22FWJFW\PEV.EXE,4888,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.EXE,712,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,5952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5684,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5644,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\COMBOFIX\PV.CFXXE,5484,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\HANDLE.CFXXE,4124,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Duplicate Object,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.CFXXE,4436,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PV.CFXXE,4220,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PV.CFXXE,3812,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PV.CFXXE,5208,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.EXE,3132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:06 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:06 AM",C:\32788R22FWJFW\PEV.EXE,3132,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:05 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,5820,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 10:05 AM",C:\32788R22FWJFW\PEV.EXE,5256,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Access Process Data,Unauthorized access blocked,1
7/28/2010 10:05 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 10:05 AM",C:\32788R22FWJFW\IEXPLORE.EXE,3596,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3148,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 4:40 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:40 AM",C:\COMBOFIX\PV.CFXXE,2768,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:39 AM,Medium,Unauthorized access blocked (Resume Thread),Blocked,No Action Required,"Wednesday, July 28, 2010 4:39 AM",C:\COMBOFIX\CF26226.CFXXE,3796,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,5756,Resume Thread,Unauthorized access blocked,1
7/28/2010 4:39 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:39 AM",C:\COMBOFIX\PV.CFXXE,4488,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:39 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:39 AM",C:\COMBOFIX\PV.CFXXE,5352,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:36 AM,Medium,Unauthorized access blocked (Terminate Process),Blocked,No Action Required,"Wednesday, July 28, 2010 4:36 AM",C:\WINDOWS\SYSTEM32\SVCHOST.EXE,2216,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,6132,Terminate Process,Unauthorized access blocked,
7/28/2010 4:35 AM,Medium,Unauthorized access blocked (Terminate Process),Blocked,No Action Required,"Wednesday, July 28, 2010 4:35 AM",C:\WINDOWS\SYSTEM32\SVCHOST.EXE,2216,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\cltlmh.exe,5756,Terminate Process,Unauthorized access blocked,
7/28/2010 4:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:35 AM",C:\COMBOFIX\PV.CFXXE,5896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:31 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Wednesday, July 28, 2010 4:31 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,2804,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/28/2010 4:30 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:30 AM",C:\COMBOFIX\PV.CFXXE,3928,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1916,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PEV.CFXXE,952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,3456,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,5448,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,4076,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:28 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:28 AM",C:\COMBOFIX\PV.CFXXE,5024,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PV.CFXXE,5624,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PV.CFXXE,4336,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PEV.CFXXE,5640,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PEV.CFXXE,5640,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:27 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:27 AM",C:\COMBOFIX\PEV.CFXXE,4560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5580,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Set Regietry Security Key),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\SWREG.CFXXE,2836,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Set Regietry Security Key,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\HANDLE.CFXXE,5192,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Duplicate Object,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4452,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5764,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,6136,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,2184,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,3120,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4560,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4976,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4976,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5540,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4628,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5368,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4672,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5356,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,2536,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4404,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,4804,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:26 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:26 AM",C:\COMBOFIX\PEV.CFXXE,5344,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,272,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,5296,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,5480,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,1752,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PV.CFXXE,4392,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5720,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5416,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5276,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5392,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5332,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5552,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4992,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,468,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2376,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5640,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2512,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,5952,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,3516,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,3516,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4316,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.EXE,5404,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2704,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,2704,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,3864,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:25 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:25 AM",C:\COMBOFIX\PEV.CFXXE,4384,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,5288,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,2932,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,3320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,3320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:24 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:24 AM",C:\COMBOFIX\PEV.CFXXE,5488,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:22 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:22 AM",C:\COMBOFIX\PEV.EXE,5728,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.CFXXE,2676,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.EXE,3552,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.CFXXE,5540,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:21 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:21 AM",C:\COMBOFIX\PEV.CFXXE,5540,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,956,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5380,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5064,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5844,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,5648,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\HANDLE.CFXXE,6044,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Duplicate Object,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,1380,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:19 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:19 AM",C:\COMBOFIX\PV.CFXXE,4932,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PV.CFXXE,5564,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\HANDLE.CFXXE,5456,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Duplicate Object,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,4400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,4400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,4400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,5984,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PV.CFXXE,5364,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:18 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:18 AM",C:\COMBOFIX\PEV.CFXXE,284,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,3932,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PEV.CFXXE,5032,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PEV.CFXXE,5668,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PEV.CFXXE,4036,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,5776,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,2700,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,4672,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,3316,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,5056,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\COMBOFIX\PV.CFXXE,2896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PV.CFXXE,3320,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PV.CFXXE,5980,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PV.CFXXE,5388,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PEV.EXE,3524,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:17 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:17 AM",C:\32788R22FWJFW\PEV.EXE,3524,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5564,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,5084,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,744,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,5080,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\COMBOFIX\PV.CFXXE,3400,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PV.CFXXE,5784,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PV.CFXXE,4896,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PV.CFXXE,4548,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Open Process Token,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PEV.EXE,4312,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PEV.EXE,4312,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\LICENSE\IEXPLORE.EXE,4604,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\PEV.EXE,5212,C:\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,1964,Access Process Data,Unauthorized access blocked,1
7/28/2010 4:16 AM,Medium,Unauthorized access blocked (Post Terminate Message to Window),Blocked,No Action Required,"Wednesday, July 28, 2010 4:16 AM",C:\32788R22FWJFW\IEXPLORE.EXE,5872,\Device\HarddiskVolume3\Program Files\Norton Security Suite\Engine\4.2.0.12\ccsvchst.exe,3168,Post Terminate Message to Window,Unauthorized access blocked,1
7/28/2010 4:09 AM,Medium,Unauthorized access blocked (Create Registry Key),Blocked,No Action Required,"Wednesday, July 28, 2010 4:09 AM",C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE,3860,"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\",0,Create Registry Key,Unauthorized access blocked,1
7/27/2010
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP