I have been attempting to resolve a problem with my computer where when I start up I have no taskbar, desktop icons, or ability to use an Explorer window. To do anything I must Ctrl-Alt-Delete and use the New Task button, essentially Run, or use the cmd line. From what I have read and found, I believe that Norton triaged explorer.exe and who knows what else to attempt to stop a virus/malware infection. I think that this started on Monday night when Norton started popping up that it had isolated threats, probably about 5-6 in the span of 2 minutes, probably from a torrent file (I know, how stupid). Anyways, I shut down the computer Monday night and on Tuesday I had the problem of no Windows Explorer.
I have since used a Linux live CD to create a copy of the Documents and Settings folder on an external drive. Looking for people with similar problems led me here. I have done the 6 steps in the Malware Cleaning Guide and will post the logs below.
I have an original Windows XP disk and disks for most of my software. I am not opposed to doing a total reformat if needed, as I have backed up all the pertinent files, and it has been 7+ years, I think, since the last time Windows was installed. My main concern with this is making sure that whatever infection started this would not be created again from the backup files. This would also finally give me a chance to change the drive partitions.
With all that in mind here's hoping I can get this resolved fairly quickly.
Here are the log files. I have also pasted a log from Norton AntiVirus recent history.
MBAM
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4447
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
8/19/2010 12:18:16 AM
mbam-log-2010-08-19 (00-18-16).txt
Scan type: Quick scan
Objects scanned: 142588
Time elapsed: 11 minute(s), 49 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Administrator\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.
GMER
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-19 09:58:57
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\pxlirpow.sys
---- System - GMER 1.0.15 ----
SSDT 8A176330 ZwAlertResumeThread
SSDT 8A176410 ZwAlertThread
SSDT 8A31FA30 ZwAllocateVirtualMemory
SSDT 8A172E98 ZwAssignProcessToJobObject
SSDT 8A72C890 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xB3A0E210]
SSDT 8A173AA0 ZwCreateMutant
SSDT 8A172BB0 ZwCreateSymbolicLinkObject
SSDT 8A74F2C8 ZwCreateThread
SSDT 8A1732A8 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xB3A0E490]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xB3A0E9F0]
SSDT 8A784060 ZwDuplicateObject
SSDT 8A510738 ZwFreeVirtualMemory
SSDT 8A176A18 ZwImpersonateAnonymousToken
SSDT 8A176AF8 ZwImpersonateThread
SSDT 8A76F1B8 ZwLoadDriver
SSDT 8A752548 ZwMapViewOfSection
SSDT 8A1738A8 ZwOpenEvent
SSDT 8A7801B8 ZwOpenProcess
SSDT 8A179DF8 ZwOpenProcessToken
SSDT 8A1735D8 ZwOpenSection
SSDT 8A766078 ZwOpenThread
SSDT 8A172DA8 ZwProtectVirtualMemory
SSDT 8A21B368 ZwResumeThread
SSDT 8A222B38 ZwSetContextThread
SSDT 8A222BF8 ZwSetInformationProcess
SSDT 8A173388 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xB3A0EC40]
SSDT 8A1737C8 ZwSuspendProcess
SSDT 8A753538 ZwSuspendThread
SSDT 8A74CF90 ZwTerminateProcess
SSDT 8A753618 ZwTerminateThread
SSDT 8A222E10 ZwUnmapViewOfSection
SSDT 8A69D0F8 ZwWriteVirtualMemory
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!_abnormal_termination + 150 804E27BC 4 Bytes JMP 03F8DB61
? foqd.sys The system cannot find the file specified. !
? SYMDS.SYS The system cannot find the file specified. !
? SYMEFA.SYS The system cannot find the file specified. !
.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xB9CA7340, 0xFFF3F, 0xF8000020]
.text C:\WINDOWS\System32\nv4_disp.dll section is writeable [0xBF012300, 0x234A20, 0xF8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\SearchIndexer.exe[604] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] ntdll.dll!RtlValidateUnicodeString + 554 7C9163BE 10 Bytes JMP 0260003A
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD135 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254666 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4B6F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4AA1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4B0C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4972 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E49D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E4BD2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4A36 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] ole32.dll!OleInitialize + E37 77500521 7 Bytes JMP 02600326
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 3E2EDB80 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] ole32.dll!CoImpersonateClient + 51 775156C0 7 Bytes JMP 026003DC
.text C:\Program Files\Internet Explorer\iexplore.exe[1340] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E3E4EF0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB24 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4B6F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4AA1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4B0C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4972 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E49D4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E4BD2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[4036] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4A36 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 sdcplh.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 sdcplh.sys
Device \Driver\atapi \Device\Ide\IdePort0 sdcplh.sys
Device \Driver\atapi \Device\Ide\IdePort1 sdcplh.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f sdcplh.sys
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs B2788400
---- EOF - GMER 1.0.15 ----
OTL
OTL logfile created on: 8/19/2010 10:01:27 AM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 73.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 10.61 Gb Free Space | 9.49% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 1.91 Gb Total Space | 1.91 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive G: | 149.01 Gb Total Space | 9.21 Gb Free Space | 6.18% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LUKACOVIC
Current User Name: Lukacovic Family
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/19 09:59:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/02/25 18:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009/03/19 14:07:54 | 000,382,320 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
PRC - [2007/12/16 21:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/01/10 21:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2001/08/17 16:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe
========== Modules (SafeList) ==========
MOD - [2010/08/19 09:59:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2008/04/13 18:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010/02/25 18:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe -- (NAV)
SRV - [2010/01/18 13:41:05 | 001,028,432 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/03/19 14:07:54 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2007/12/16 21:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/10 21:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\SiwIo.sys -- (SIWIO)
DRV - [2010/08/09 19:11:05 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\Definitions\BASHDefs\20100810.004\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/07/13 18:31:54 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\Definitions\VirusDefs\20100819.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/13 18:31:54 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\Definitions\VirusDefs\20100819.003\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/26 20:23:34 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/06/26 20:20:09 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/06/26 20:20:09 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/28 13:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\Definitions\IPSDefs\20100816.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/05 22:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/28 23:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 21:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 20:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 20:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 18:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 21:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/07/03 08:49:08 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008/04/13 12:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2005/08/16 12:05:43 | 000,040,576 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sdcplh.sys -- (sdcplh)
DRV - [2004/06/18 00:41:16 | 000,386,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netwg311.sys -- (netwg311)
DRV - [2004/03/11 22:16:32 | 000,062,865 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2003/07/28 15:19:00 | 001,341,339 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/03/04 09:50:00 | 000,073,134 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/03/04 09:50:00 | 000,053,870 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/03/04 09:50:00 | 000,037,804 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS -- (LHidUsb)
DRV - [2003/03/04 09:50:00 | 000,025,214 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS -- (LHidFlt2)
DRV - [2003/01/13 10:19:26 | 000,249,344 | ---- | M] (Roxio) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/01/13 10:19:26 | 000,206,464 | ---- | M] (Roxio) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/01/13 10:19:26 | 000,118,422 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/01/13 10:19:26 | 000,064,208 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/01/13 10:19:26 | 000,024,839 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/01/13 10:19:26 | 000,022,758 | ---- | M] (Roxio) [Kernel | Disabled | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/01/13 10:19:26 | 000,021,654 | ---- | M] (Roxio) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/07/24 13:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 10:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 10:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 10:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 10:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 10:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 10:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001/08/23 13:00:00 | 000,022,400 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SbcpHid.sys -- (SbcpHid)
DRV - [2001/08/17 07:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2001/08/17 07:28:00 | 000,871,388 | ---- | M] (BCM) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMDM.sys -- (BCMModem)
DRV - [2001/08/17 06:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 06:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 06:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 06:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://start.aceweb.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.5.0.127\IPSFFPlgn\ [2010/07/11 18:17:56 | 000,000,000 | ---D | M]
[2005/12/21 01:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.7fg\extensions
[2004/07/01 23:01:41 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.7fg\extensions\{641d8d09-7dda-4850-8228-ac0ab65e2ac9}
[2004/07/01 23:01:41 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.7fg\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2004/07/02 16:11:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.7fg\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2004/07/02 16:01:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.7fg\extensions\{d8bd53e7-7ad6-4fb0-9dea-ee0f111fb4c8}
[2004/07/02 16:02:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\default.7fg\extensions\{fb0cbf5b-695b-4322-8b49-5dedbfb946fc}
O1 HOSTS File: ([2001/08/23 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QwestTouchPointAgent] C:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exe (Qwest Communications)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [EPSON Stylus NX400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEGA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\RunOnce: [*Restore] C:\WINDOWS\System32\restore\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SCAPI: Flags = 1051650
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} https://ra.qwest.com...ad/tgctlins.cab (SupportSoft Installer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://ra.qwest.com...oad/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} http://a1540.g.akama...meInstaller.exe (Reg Error: Key error.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1264128536140 (MUWebControl Class)
O16 - DPF: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msansspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/06/11 04:58:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{c5fb41db-83a3-11dd-b0b6-dd8215858789}\Shell\AutoRun\command - "" = Autoplay.exe -auto
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecx.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\MPG4C32.DLL (Microsoft Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
========== Files/Folders - Created Within 90 Days ==========
[2010/08/19 09:59:21 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/08/19 00:28:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\gmer
[2010/08/19 00:03:39 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/08/19 00:02:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/19 00:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/08/19 00:00:26 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt-setup.exe
[2010/08/18 23:52:21 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/08/18 22:55:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\FixO
[2010/08/18 18:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\HJT
[2010/08/18 18:03:59 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/08/18 18:03:16 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/08/18 18:03:14 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/08/18 15:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\ultradefrag-portable-4.3.0.bin.i386
[2010/08/18 15:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\music
[2010/08/18 14:57:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/08/18 11:02:33 | 000,000,000 | ---D | C] -- C:\.Trash-999
[2010/08/17 20:15:25 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/08/17 20:15:25 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/08/17 20:15:23 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/08/17 20:15:15 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/08/17 20:15:09 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/08/17 20:15:08 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/08/17 20:15:00 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/08/17 20:14:59 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/08/17 20:14:58 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/08/17 20:14:56 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/08/17 20:14:49 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/08/17 20:14:47 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/08/17 20:14:47 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/08/17 20:14:33 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/08/17 20:14:08 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/08/17 20:14:03 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/08/17 20:13:57 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/08/17 20:13:55 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/08/17 20:13:55 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/08/17 20:13:53 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/08/17 20:13:53 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/08/17 20:13:53 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/08/17 20:13:52 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/08/17 20:13:50 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/08/17 20:13:41 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/08/17 20:13:41 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/08/17 20:13:39 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/08/17 20:13:24 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/08/17 20:13:23 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/08/17 20:13:23 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/08/17 20:13:22 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/08/17 20:13:22 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/08/17 20:13:22 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/08/17 20:13:21 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/08/17 20:13:20 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/08/17 20:13:16 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/08/17 20:13:15 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/08/17 20:13:02 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/08/17 20:12:55 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/08/17 20:12:47 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/08/17 20:12:46 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/08/17 20:12:46 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/08/17 20:12:46 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/08/17 20:12:45 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/08/17 20:12:43 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/08/17 20:12:42 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/08/17 20:12:42 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/08/17 20:12:41 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/08/17 20:12:40 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/08/17 20:12:40 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/08/17 20:12:11 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/08/17 20:12:10 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/08/17 20:12:10 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/08/17 20:12:10 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/08/17 20:12:09 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/08/17 20:12:09 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/08/17 20:12:08 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/08/17 20:12:07 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/08/17 20:12:05 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/08/17 20:12:05 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/08/17 20:12:04 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/08/17 20:12:03 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/08/17 20:12:03 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/08/17 20:12:02 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/08/17 20:12:02 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/08/17 20:12:01 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/08/17 20:12:01 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/08/17 20:12:00 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/08/17 20:11:54 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/08/17 20:11:53 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/08/17 20:11:52 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/08/17 20:11:52 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/08/17 20:11:51 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/08/17 20:11:50 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/08/17 20:11:50 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/08/17 20:11:25 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/08/17 20:11:22 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/08/17 20:11:16 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/08/17 20:11:01 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/08/17 20:10:58 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/08/17 20:10:57 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/08/17 20:10:57 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/08/17 20:10:57 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/08/17 20:10:56 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/08/17 20:10:54 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/08/17 20:10:53 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/08/17 20:10:50 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/08/17 20:10:48 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/08/17 20:10:47 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/08/17 20:10:46 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/08/17 18:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
[2010/08/16 16:39:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinRAR
[2010/08/16 16:39:25 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/08/16 00:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Windows Server
[2010/08/14 11:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder (2)
[2010/08/05 14:48:10 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/08/05 14:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2010/07/23 14:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\New Folder
[2010/07/20 13:56:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010/07/17 16:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.android
[2010/06/27 23:20:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Jims Photos
[2010/06/26 21:34:49 | 000,361,904 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdi.sys
[2010/06/26 21:34:49 | 000,339,504 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symtdiv.sys
[2010/06/26 21:34:48 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.sys
[2010/06/26 21:34:46 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.sys
[2010/06/26 21:34:45 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.sys
[2010/06/26 21:34:45 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\ironx86.sys
[2010/06/26 21:34:45 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.sys
[2010/06/26 21:34:44 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.sys
[2010/06/26 21:34:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1107000.00C
[2010/06/26 20:23:34 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/06/26 20:23:34 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/06/26 20:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/06/26 20:20:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/06/26 20:16:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV
[2010/06/26 20:16:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/06/26 20:16:02 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2010/06/26 20:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/06/26 20:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Symantec
[2010/06/26 20:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010/06/26 20:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/06/26 20:01:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2010/06/26 20:01:13 | 000,000,000 | ---D | C] -- C:\Program Files\Qwest
[2010/06/22 12:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/06/07 23:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2010/06/07 23:16:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2010/06/02 23:39:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/05/31 18:26:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2010/05/31 18:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/05/31 18:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/05/31 18:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/05/31 18:19:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2010/05/31 18:17:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\OpenOffice.org 3.2 (en-US) Installation Files
[2010/05/31 16:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2010/05/29 14:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/05/29 14:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2010/05/29 14:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/05/29 14:42:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010/05/25 18:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/05/24 11:41:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.javaws
[2010/05/24 11:39:26 | 000,000,000 | ---D | C] -- C:\Program Files\PlotSoft
[2010/05/21 22:51:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/05/21 22:44:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/05/21 21:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/05/21 21:51:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/05/21 21:50:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/05/21 21:47:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/05/21 20:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/05/21 13:20:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/05/21 13:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2008/10/10 14:08:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys
[2003/06/12 15:11:29 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
========== Files - Modified Within 90 Days ==========
[2010/08/19 09:59:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/08/19 09:57:00 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1757981266-682003330-500UA.job
[2010/08/19 09:25:00 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/19 09:25:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/19 00:25:05 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2010/08/19 00:21:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/19 00:21:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/19 00:21:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/19 00:19:37 | 008,912,896 | ---- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/08/19 00:19:37 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/08/19 00:04:50 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/19 00:03:47 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/08/19 00:01:31 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/08/19 00:01:31 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/08/19 00:00:28 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt-setup.exe
[2010/08/18 23:52:22 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/08/18 22:54:40 | 000,064,781 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FixO.exe
[2010/08/18 20:55:59 | 000,001,212 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/18 20:55:59 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/08/18 20:55:59 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/08/18 19:07:17 | 000,002,016 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
[2010/08/18 16:51:46 | 000,009,187 | ---- | M] () -- C:\fraglist.luar
[2010/08/18 15:58:33 | 000,361,993 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ultradefrag-portable-4.3.0.bin.i386.zip
[2010/08/18 15:29:40 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/17 13:57:00 | 000,000,964 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1757981266-682003330-500Core.job
[2010/08/17 00:37:54 | 000,099,840 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/16 19:42:25 | 000,069,120 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\96mls2.xls
[2010/08/16 16:05:29 | 001,298,944 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\soccerdbmls.xls
[2010/08/14 18:42:16 | 000,886,932 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010/08/13 04:33:18 | 000,259,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/13 04:11:20 | 000,541,482 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/13 04:11:20 | 000,469,654 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/13 04:11:20 | 000,081,438 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/12 15:36:01 | 000,027,310 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MLSopenarchive.odb
[2010/08/12 15:30:14 | 140,467,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\OOo_3.2.1_Win_x86_install_en-US.exe
[2010/08/10 19:57:48 | 000,002,470 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2010/08/10 19:57:48 | 000,002,322 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/08/04 00:10:36 | 001,332,953 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NINE MILEskp.skp
[2010/08/02 03:53:59 | 001,342,951 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NINE MILEskp.skb
[2010/08/02 03:11:00 | 000,305,399 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\nine north.jpg
[2010/07/31 01:43:02 | 000,977,341 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\USSoccer_Best_Practices.pdf
[2010/07/30 01:46:06 | 012,179,456 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\programModels.mpg
[2010/07/26 14:41:49 | 006,884,309 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\jlukacovic_portfolio.pdf
[2010/07/25 17:14:55 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\iTunes.lnk
[2010/07/23 16:13:34 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/07/22 16:12:02 | 000,301,011 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\nine w.jpg
[2010/07/22 16:10:23 | 000,291,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\nine e.jpg
[2010/07/11 18:27:09 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/07/11 18:06:38 | 000,001,899 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus Online.LNK
[2010/06/26 21:19:32 | 002,208,617 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RtR_2010.pdf
[2010/06/26 20:23:34 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/06/26 20:23:34 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/06/26 20:23:34 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/06/26 20:23:34 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/06/22 14:54:38 | 001,566,378 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\modeling_a_city.pdf
[2010/06/22 13:06:56 | 015,463,918 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Colorado Center.skp
[2010/06/07 23:17:20 | 000,063,216 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/06/07 23:11:43 | 000,822,562 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/06/02 14:16:09 | 000,607,609 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PDF_admnts53450018005.pdf
[2010/06/01 19:35:19 | 000,064,733 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Bicycle-Transit-Center-1.jpg
[2010/05/31 18:27:15 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Startup\OpenOffice.org 3.2.lnk
[2010/05/31 18:22:48 | 000,000,905 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010/05/31 17:15:04 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/05/29 14:46:23 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/05/29 14:46:23 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/05/29 14:42:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/05/29 10:48:46 | 003,153,920 | ---- | M] () -- C:\WINDOWS\System32\secsetup.sdb
[2010/05/24 17:38:26 | 000,000,453 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/05/24 11:54:18 | 000,033,240 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\jlukacovic_cv.pdf
[2010/05/22 20:50:50 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Wrigley at the Lukacovic's.doc
[2010/05/21 23:01:14 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WORD.lnk
========== Files Created - No Company Name ==========
[2067/02/24 15:21:18 | 000,079,947 | ---- | C] () -- C:\WINDOWS\fw20.vxd
[2010/08/19 00:24:56 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2010/08/19 00:04:50 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/19 00:01:31 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/08/19 00:01:31 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/08/18 22:54:39 | 000,064,781 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\FixO.exe
[2010/08/18 20:56:47 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Startup\OpenOffice.org 3.2.lnk
[2010/08/18 19:07:17 | 000,002,016 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\HiJackThis.lnk
[2010/08/18 18:03:15 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/08/18 18:03:15 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/08/18 18:03:14 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/08/18 18:03:13 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/08/18 18:03:12 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/08/18 16:51:46 | 000,009,187 | ---- | C] () -- C:\fraglist.luar
[2010/08/18 15:58:31 | 000,361,993 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ultradefrag-portable-4.3.0.bin.i386.zip
[2010/08/18 14:43:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/17 20:13:55 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/08/17 20:13:54 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/08/17 20:13:54 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/08/17 20:12:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/08/17 20:12:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/08/17 20:12:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/08/17 20:12:31 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/08/17 20:12:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/08/17 20:12:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/08/17 20:12:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/08/17 20:12:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/08/17 20:12:28 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/08/17 20:12:28 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/08/17 20:12:28 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/08/17 20:12:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/08/17 20:12:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/08/17 20:12:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/08/17 20:12:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/08/17 20:12:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/08/17 20:12:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/08/17 20:12:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/08/17 20:12:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/08/17 20:12:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/08/17 20:12:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/08/17 20:12:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/08/17 20:12:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/08/17 20:12:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/08/17 20:12:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/08/17 20:12:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/08/17 20:12:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/08/17 20:12:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/08/17 20:12:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/08/17 20:12:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/08/17 20:12:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/08/17 20:12:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/08/17 20:12:21 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/08/17 20:12:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/08/17 20:12:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/08/17 20:12:20 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/08/17 20:12:20 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/08/17 20:12:20 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/08/17 20:12:20 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/08/17 20:12:19 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/08/17 20:12:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/08/17 20:12:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/08/17 20:12:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/08/17 20:12:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/08/17 20:12:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/08/17 20:12:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/08/17 20:12:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/08/17 20:12:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/08/17 20:12:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/08/17 20:12:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/08/17 20:12:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/08/17 20:12:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/08/17 20:12:14 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/08/17 20:12:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/08/17 20:12:14 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/08/17 20:12:13 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/08/17 20:12:13 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/08/17 20:12:13 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/08/17 20:12:00 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/08/17 20:11:58 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/08/17 20:11:41 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/08/17 20:11:41 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/08/17 20:11:41 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/08/17 20:11:40 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/08/17 20:11:40 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/08/17 20:11:39 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/08/17 20:11:39 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/08/17 20:11:38 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/08/17 20:11:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/08/17 20:11:28 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/08/16 16:05:29 | 001,298,944 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\soccerdbmls.xls
[2010/08/12 21:51:15 | 000,069,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\96mls2.xls
[2010/08/12 15:26:12 | 140,467,400 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\OOo_3.2.1_Win_x86_install_en-US.exe
[2010/08/11 11:41:26 | 000,027,310 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\MLSopenarchive.odb
[2010/08/02 03:11:00 | 000,305,399 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\nine north.jpg
[2010/07/31 01:43:02 | 000,977,341 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\USSoccer_Best_Practices.pdf
[2010/07/30 01:45:19 | 012,179,456 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\programModels.mpg
[2010/07/26 14:41:49 | 006,884,309 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\jlukacovic_portfolio.pdf
[2010/07/26 03:10:10 | 001,342,951 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NINE MILEskp.skb
[2010/07/23 16:13:34 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/07/22 18:30:00 | 001,332,953 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NINE MILEskp.skp
[2010/07/22 16:12:01 | 000,301,011 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\nine w.jpg
[2010/07/22 16:03:08 | 000,291,344 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\nine e.jpg
[2010/07/11 18:05:22 | 000,886,932 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\Cat.DB
[2010/06/26 21:34:49 | 000,007,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.cat
[2010/06/26 21:34:49 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnetv.inf
[2010/06/26 21:34:48 | 000,007,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.cat
[2010/06/26 21:34:48 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symnet.inf
[2010/06/26 21:34:46 | 000,007,873 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.cat
[2010/06/26 21:34:46 | 000,007,425 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.cat
[2010/06/26 21:34:46 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symefa.inf
[2010/06/26 21:34:46 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\symds.inf
[2010/06/26 21:34:45 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.cat
[2010/06/26 21:34:45 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.cat
[2010/06/26 21:34:45 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtspx.inf
[2010/06/26 21:34:45 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\srtsp.inf
[2010/06/26 21:34:44 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.cat
[2010/06/26 21:34:44 | 000,007,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.cat
[2010/06/26 21:34:44 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\cchpx86.inf
[2010/06/26 21:34:44 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\iron.inf
[2010/06/26 21:34:07 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1107000.00C\isolate.ini
[2010/06/26 21:19:28 | 002,208,617 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RtR_2010.pdf
[2010/06/26 20:23:34 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/06/26 20:23:34 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/06/26 20:23:14 | 000,001,899 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus Online.LNK
[2010/06/22 14:54:38 | 001,566,378 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\modeling_a_city.pdf
[2010/06/22 12:53:08 | 015,463,918 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Colorado Center.skp
[2010/06/07 23:10:49 | 000,088,566 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2010/06/07 23:10:48 | 000,017,056 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2010/06/02 14:16:08 | 000,607,609 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PDF_admnts53450018005.pdf
[2010/06/01 19:35:19 | 000,064,733 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Bicycle-Transit-Center-1.jpg
[2010/05/31 18:22:48 | 000,000,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010/05/29 14:42:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010/05/29 10:48:44 | 003,153,920 | ---- | C] () -- C:\WINDOWS\System32\secsetup.sdb
[2010/05/24 11:38:53 | 000,033,240 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\jlukacovic_cv.pdf
[2010/05/21 23:01:14 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\WORD.lnk
[2010/05/21 13:15:31 | 000,000,906 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/21 13:15:31 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/03/27 19:06:57 | 000,000,044 | ---- | C] () -- C:\WINDOWS\EPSNX400.ini
[2009/02/08 15:31:39 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2008/10/10 14:08:30 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.log
[2008/10/10 14:08:17 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\inst.exe
[2008/10/10 14:08:17 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
[2008/10/10 14:08:17 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf
[2008/07/28 12:22:55 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/03/10 18:43:03 | 000,000,142 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007/03/10 18:42:40 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2007/01/11 17:29:15 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/20 12:27:32 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2006/10/22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/06/09 17:19:14 | 000,000,069 | ---- | C] () -- C:\WINDOWS\bfcomega.ini
[2005/11/01 03:16:20 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/09/25 18:44:17 | 000,040,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\sdcplh.sys
[2005/07/05 22:34:57 | 000,000,099 | ---- | C] () -- C:\WINDOWS\WSIMFARM.INI
[2005/07/05 22:34:56 | 000,000,130 | ---- | C] () -- C:\WINDOWS\CLASSIC2.INI
[2005/07/05 22:34:52 | 000,027,136 | ---- | C] () -- C:\WINDOWS\VERMONT1.DLL
[2005/07/05 22:34:45 | 000,136,448 | ---- | C] () -- C:\WINDOWS\RMTOOLS.DLL
[2004/12/26 12:44:09 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
[2004/11/29 10:41:17 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/09/05 21:26:26 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/09/05 21:14:19 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2004/09/05 21:14:04 | 000,098,304 | R--- | C] () -- C:\WINDOWS\StiRegstEng.dll
[2004/09/05 21:10:38 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2004/09/05 21:10:38 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2004/09/05 21:09:41 | 000,000,043 | ---- | C] () -- C:\WINDOWS\EP4180.ini
[2004/05/23 14:52:45 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini
[2004/03/04 17:54:21 | 000,000,083 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2004/02/17 21:33:18 | 000,000,041 | ---- | C] () -- C:\WINDOWS\loc2.INI
[2004/02/17 21:33:14 | 000,000,041 | ---- | C] () -- C:\WINDOWS\FindServ.INI
[2004/02/17 21:26:20 | 000,000,011 | ---- | C] () -- C:\WINDOWS\Topo4.ini
[2003/12/27 14:26:00 | 000,000,016 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2003/12/20 03:16:31 | 000,001,447 | ---- | C] () -- C:\WINDOWS\System32\Px.ini
[2003/07/28 16:35:01 | 000,000,038 | ---- | C] () -- C:\WINDOWS\KA.INI
[2003/07/10 15:02:49 | 000,003,080 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2003/06/22 03:52:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/06/18 22:26:17 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2003/06/16 17:00:47 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3m.DLL
[2003/06/16 02:38:47 | 000,000,192 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2003/06/16 00:31:50 | 000,000,717 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2003/06/12 15:38:35 | 000,099,840 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/06/12 15:16:11 | 000,000,041 | ---- | C] () -- C:\WINDOWS\winampa.ini
[2003/06/12 15:11:54 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2003/06/12 15:11:54 | 000,000,128 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2003/06/12 15:11:31 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2003/06/12 15:11:31 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2003/06/12 15:11:29 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2003/06/11 05:54:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/06/11 05:19:08 | 000,000,453 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/01/13 14:21:58 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2001/08/23 13:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
========== LOP Check ==========
[2008/01/20 01:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\acccore
[2005/02/14 18:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DeductionPro 2004-05
[2004/09/12 19:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EPSON
[2004/01/05 21:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FUJIFILM
[2009/09/14 22:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtopala
[2004/02/11 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2009/02/08 15:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nikon
[2007/03/10 21:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OfficeUpdate12
[2010/05/31 18:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2008/07/28 12:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\pdf995
[2004/09/05 21:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Smart Panel
[2010/04/09 19:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TaxCut
[2008/11/27 07:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Thunderbird
[2010/08/17 18:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
[2010/08/17 00:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2009/01/30 23:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Vso
[2010/05/29 14:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/05/31 16:59:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2010/01/02 18:49:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2010/05/21 20:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/02/08 15:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2009/03/27 19:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/07/28 12:24:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2010/06/26 20:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Qwest
[2010/04/09 19:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2009/02/08 15:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/01/30 17:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/03/11 17:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2005/01/05 00:29:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{70FE9869-8D38-4EB3-8541-A735C2285CF7}
[2009/09/12 07:47:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010/08/19 00:20:57 | 000,023,424 | ---- | M] () -- C:\aaw7boot.log
[2003/06/11 04:58:48 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/18 20:55:59 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/08/18 23:09:16 | 000,000,590 | ---- | M] () -- C:\check.txt
[2003/06/11 04:58:48 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/08/14 19:29:48 | 000,002,818 | ---- | M] () -- C:\Facilitator.log
[2010/08/18 16:51:46 | 000,009,187 | ---- | M] () -- C:\fraglist.luar
[2010/08/18 16:51:46 | 000,007,066 | ---- | M] () -- C:\fraglist.txt
[2003/06/11 04:58:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/01/02 18:49:24 | 000,001,880 | -H-- | M] () -- C:\IPH.PH
[2003/06/11 04:58:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/11/30 23:39:58 | 002,375,680 | ---- | M] () -- C:\My Money.mny
[2004/10/20 18:03:37 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/08/20 21:36:14 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/19 00:20:58 | 2146,746,368 | -HS- | M] () -- C:\pagefile.sys
[2010/06/26 20:35:55 | 000,000,062 | ---- | M] () -- C:\QwestInstaller.log
[2005/11/12 15:39:40 | 000,000,031 | ---- | M] () -- C:\ripvinyl.mix
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2003/06/11 04:58:24 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2002/02/11 22:00:00 | 000,013,824 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD3m.DLL
[2002/02/11 22:00:00 | 000,043,008 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP3m.DLL
[2008/07/06 06:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 04:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2007/02/09 16:09:06 | 000,001,690 | -H-- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2003/06/10 22:01:38 | 000,090,112 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003/06/10 22:01:38 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003/06/10 22:01:38 | 000,393,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/08/20 21:45:59 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2004/10/20 20:30:32 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/10/20 20:30:32 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2010/08/19 00:00:28 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt-setup.exe
[2010/08/18 22:54:40 | 000,064,781 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\FixO.exe
[2010/08/19 00:03:47 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/08/12 15:30:14 | 140,467,400 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\OOo_3.2.1_Win_x86_install_en-US.exe
[2010/08/19 09:59:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/08/18 23:52:22 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
[2008/01/18 19:59:51 | 000,061,480 | ---- | M] () -- C:\WINDOWS\java\GoToAssistDownloadHelper.exe
[1 C:\WINDOWS\Java\*.tmp files -> C:\WINDOWS\Java\*.tmp -> ]
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-13 10:16:14
< End of report >
Norton Antivirus Recent history log
Category: Scan Results
Date & Time,Risk,Activity,Status,Task Name,Scan Time (d:h:m:s),Total items scanned,Files & Directories,Registry Entries,Processes & Start-Up Items,Network & Browser Items,Other,Trusted Files,Skipped Files,Total Security Risks Detected,Total Security Risks Resolved,Total Security Risks Requiring Attention,Virus,Cookie,Virus Resolved,Cookie Resolved
8/19/2010 8:30 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:27,"4,200",855,309,"2,862",23,151,687,0,0,0,0,,,,
8/19/2010 4:33 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:35,"4,227",856,309,"2,888",23,151,688,0,0,0,0,,,,
8/18/2010 11:06 PM,Info,Custom scan results,Completed,Custom scan,0:00:00:04,5,5,0,0,0,0,0,0,0,0,0,,,,
8/18/2010 9:19 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:23,"3,780",826,313,"2,467",23,151,660,0,0,0,0,,,,
8/18/2010 6:35 PM,Info,Quick Scan results,Stopped,Quick Scan,0:00:15:43,0,0,0,0,0,0,0,0,0,0,0,,,,
8/18/2010 5:11 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:28,"4,763",863,313,"3,413",23,151,690,0,0,0,0,,,,
8/17/2010 2:56 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:39,"3,644",809,311,"2,350",23,151,645,22,0,0,0,,,,
8/17/2010 6:59 AM,Info,Idle Full System Scan results,Completed,Idle Full System Scan,0:03:02:54,"200,495","195,938",442,"3,186",777,152,"4,675",501,5,5,0,4,1,4,1
8/16/2010 7:56 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:59,"4,309",875,311,"2,949",23,151,703,0,0,0,0,,,,
8/14/2010 2:01 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:01:01,"4,716",947,310,"3,285",23,151,783,0,0,0,0,,,,
8/14/2010 2:20 AM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:37,"4,570",933,310,"3,153",23,151,770,0,0,0,0,,,,
8/13/2010 4:14 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:37,"4,345",860,310,"3,001",23,151,699,0,0,0,0,,,,
8/12/2010 7:03 PM,Info,Idle Quick Scan results,Completed,Idle Quick Scan,0:00:00:40,"4,524",884,310,"3,156",23,151,723,0,0,0,0,,,,
Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action
8/18/2010 11:06 PM,High,fixo.bat (Trojan Horse) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 11:06 PM,High,fixo.bat (Trojan Horse) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 11:05 PM,High,fixo.bat (Trojan Horse) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 11:05 PM,High,fixo.bat (Trojan Horse) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 11:02 PM,High,fixo.bat (Trojan Horse) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 10:55 PM,High,fixo.bat (Trojan Horse) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 8:22 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 8:21 PM,High,explorer.exe (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 7:07 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 7:07 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 6:03 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Blocked,Resolved - No Action
8/18/2010 6:02 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 4:33 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/17/2010 3:54 AM,Low,Tracking Cookies detected by Virus scanner,Removed,Resolved - No Action
8/16/2010 12:59 AM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/16/2010 12:58 AM,High,axromecsnw.tmp (Trojan Horse) detected by Auto-Protect,Blocked,Resolved - No Action
8/16/2010 12:57 AM,High,moercsaxwn.tmp (Downloader.Harnig!gen1) detected by Auto-Protect,Blocked,Resolved - No Action
8/16/2010 12:57 AM,High,321.tmp (Backdoor.Tidserv) detected by Auto-Protect,Blocked,Resolved - No Action
8/16/2010 12:57 AM,Medium,amsxwnorce.tmp (CoreGuardAntivirus2009) detected by Auto-Protect,Blocked,Resolved - No Action
8/16/2010 12:57 AM,High,322.tmp (Backdoor.Tidserv) detected by Auto-Protect,Blocked,Resolved - No Action
8/16/2010 12:57 AM,High,320.tmp (Backdoor.Tidserv) detected by Auto-Protect,Blocked,Resolved - No Action
Category: Quarantine
Date & Time,Risk,Activity,Status,Recommended Action
8/18/2010 8:22 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 8:21 PM,High,explorer.exe (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 7:07 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 6:02 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/18/2010 4:33 PM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/17/2010 3:55 AM,High,Downloader detected by Virus scanner,Quarantined,Resolved - No Action
8/16/2010 12:59 AM,High,temp.tmp (Suspicious.Mystic) detected by Auto-Protect,Quarantined,Resolved - No Action
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,Category,Risk Name,Attacking Computer,Destination Address,Source Address,Traffic Description,Attacker URL
8/19/2010 12:21 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/19/2010 12:21 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/19/2010 12:21 AM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 11:56 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 11:56 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 11:56 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:58 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:58 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:58 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:40 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:40 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:40 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:35 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:35 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:35 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:25 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:25 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:25 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:19 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:19 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 8:19 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:11 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:11 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:11 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:04 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:04 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:04 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:01 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:01 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 7:01 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 6:57 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 6:57 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 6:57 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 4:29 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 4:29 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/18/2010 4:29 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 9:00 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 9:00 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 9:00 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:51 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:51 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:51 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:48 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:48 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:48 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:41 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:41 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 8:41 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:57 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:57 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:57 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:20 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:20 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:20 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:19 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:19 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100816.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:19 PM,Info,Intrusion Prevention is monitoring 1269 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:01 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:01 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 7:01 PM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 6:18 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 6:18 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 6:18 PM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 6:15 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 6:15 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 6:15 PM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 5:30 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 5:30 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 5:30 PM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 5:10 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 5:10 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 5:10 PM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 2:39 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 2:39 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/17/2010 2:39 PM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/16/2010 12:57 AM,High,An intrusion attempt by 61.61.20.132 was blocked.,Blocked,No Action Required,,HTTPS Tidserv Request 2,"61.61.20.132, 443","LUKACOVIC (192.168.0.4, 1821)",61.61.20.132,"TCP, https",
8/14/2010 6:50 PM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/14/2010 6:50 PM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/14/2010 6:50 PM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/14/2010 2:18 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/14/2010 2:18 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100813.004,Detected,No Action Required,Intrusion Prevention,,,,,,
8/14/2010 2:18 AM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
8/13/2010 10:52 PM,High,An intrusion attempt by 85.234.190.57 was blocked.,Blocked,No Action Required,,HTTP Eleonore Executable Download,"85.234.190.57, 80","LUKACOVIC (192.168.0.4, 3728)",85.234.190.57,"TCP, www-http",ccdfr.com/fm/x/l.php?s=0day&
8/13/2010 4:34 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,Intrusion Prevention,,,,,,
8/13/2010 4:34 AM,Info,Intrusion Prevention Engine version: 4.6.0.26 Definitions Set version: 20100809.001,Detected,No Action Required,Intrusion Prevention,,,,,,
8/13/2010 4:34 AM,Info,Intrusion Prevention is monitoring 1268 signatures. Driver version: 9.2.0.98,Detected,No Action Required,Intrusion Prevention,,,,,,
Category: Download Insight
Date & Time,Risk,Activity,Status
8/19/2010 9:59 AM,Low,Download Insight analyzed OTL.exe,Access allowed
8/19/2010 12:03 AM,Info,Download Insight analyzed mbam-setup.exe,Access allowed
8/19/2010 12:00 AM,Info,Download Insight analyzed erunt-setup.exe,Access allowed
8/18/2010 11:52 PM,Info,Download Insight analyzed TFC.exe,Access allowed
8/18/2010 11:52 PM,Info,Download Insight analyzed TFC[1].exe,Access allowed
8/18/2010 6:40 PM,Info,Download Insight analyzed HiJackThis.msi,Access allowed
8/17/2010 6:42 PM,Info,Download Insight analyzed registrybooster[1].exe,Access allowed
Category: Norton Community Watch
Date & Time,Risk,Activity,Status,Recommended Action,Date Updated,Detailed Status,Submitted By,Description,Submission Details
8/19/2010 12:28 AM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Thursday, August 19, 2010 1:09 AM",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.,Norton AntiVirus Online,Norton Community Watch Feedback,"c:\documents and settings\administrator\desktop\gmer\gmer.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 07:09:10 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 11:51 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Thursday, August 19, 2010 12:58 AM",,Norton AntiVirus Online,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 2425 Local Port: 80 Protocol: 6 Signature Set Version: 20100816.001 Application Name: \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE Offending URL: oldtimer.geekstogo.com/TFC.exe Date Detected: Thu, 19 Aug 2010 05:51:48 GMT Application File Checksum: B60DDDD2D63CE41CB8C487FCFBB6419E Application File Information: 8.0.6001.18702 Network Data: 434D50520014000078DAEDCBB10AC2301804E08B9522A893D0C18788AB6B69237550314D973A74D09F225A02DAC1C7370AF50DDCEE83E3B8E1F679968E6360092002940A3D0A193A3901EB79586A86F8B3B18035C7CA94AE294C9A1BDB1487D2F9FBA5BF76F2D0ADC8EDD9FBD6EBB3EFA0A2EF6982E9EF54D9EDCA6D322D2FD9D5202222222222222222A23F7A03D8B11781 Sub-signature ID: 68920 Remote Address: 208.43.44.138 OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 06:58:04 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 11:44 PM,Info,Norton Community Watch Feedback,Waiting,No Action Required,"Thursday, August 19, 2010 12:58 AM",Your item could not be submitted to Symantec at this time. Another attempt will be made shortly.,Norton AntiVirus Online,Norton Community Watch Feedback,"c:\documents and settings\administrator\local settings\temp\rar$ex00.156\gmer.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 06:58:02 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 11:06 PM,Info,Statistical Submission: Trojan Horse,Submitted,No Action Required,"Thursday, August 19, 2010 12:52 AM",,Norton AntiVirus Online,Statistical Submission: Trojan Horse,"CSIDL_PROFILE\local settings\temp\rar$di28.453\fixo.batDetection Digest: 03 00 EA AF 01 01 01 03 00 18 C3 79 57 F5 4A A1 ...........yW.J. 3F 85 F7 A9 F4 26 B4 75 ED 00 00 00 00 49 20 1B ?....&.u.....I . DC 00 00 00 00 D5 2C 00 00 03 21 5D 63 04 03 00 ......,...!]c... 03 32 19 03 05 00 01 02 02 02 01 05 0A 00 57 69 .2............Wi 6E 52 41 52 2E 65 78 65 nRAR.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 06:51:49 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 11:05 PM,Info,Statistical Submission: Trojan Horse,Submitted,No Action Required,"Thursday, August 19, 2010 7:10 AM",,Norton AntiVirus Online,Statistical Submission: Trojan Horse,"CSIDL_PROFILE\local settings\temp\rar$di21.343\fixo.batDetection Digest: 03 00 EA AF 01 01 01 03 00 18 C3 79 57 F5 4A A1 ...........yW.J. 3F 85 F7 A9 F4 26 B4 75 ED 00 00 00 00 49 20 1B ?....&.u.....I . DC 00 00 00 00 D5 2C 00 00 03 21 5D 63 04 03 00 ......,...!]c... 01 32 19 03 05 00 01 02 02 02 01 05 0A 00 57 69 .2............Wi 6E 52 41 52 2E 65 78 65 nRAR.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 06:51:06 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 11:02 PM,Info,Statistical Submission: Trojan Horse,Submitted,No Action Required,"Thursday, August 19, 2010 7:10 AM",,Norton AntiVirus Online,Statistical Submission: Trojan Horse,"CSIDL_PROFILE\desktop\fixo\fixo\fixo.batDetection Digest: 03 00 EA AF 01 01 01 03 00 18 C3 79 57 F5 4A A1 ...........yW.J. 3F 85 F7 A9 F4 26 B4 75 ED 00 00 00 00 49 20 1B ?....&.u.....I . DC 00 00 00 00 D5 2C 00 00 03 21 5D 63 04 03 00 ......,...!]c... 00 32 19 03 05 00 01 02 02 02 01 05 0A 00 57 69 .2............Wi 6E 52 41 52 2E 65 78 65 nRAR.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 06:50:23 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 10:55 PM,Info,Statistical Submission: Trojan Horse,Submitted,No Action Required,"Thursday, August 19, 2010 7:10 AM",,Norton AntiVirus Online,Statistical Submission: Trojan Horse,"CSIDL_PROFILE\desktop\fixo\fixo.batDetection Digest: 03 00 EA AF 01 01 01 02 00 18 C3 79 57 F5 4A A1 ...........yW.J. 3F 85 F7 A9 F4 26 B4 75 ED 00 00 00 00 49 20 1B ?....&.u.....I . DC 00 00 00 00 D5 2C 00 00 03 21 5D 63 04 03 00 ......,...!]c... 00 32 19 03 05 00 01 02 02 02 01 .2......... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 06:50:01 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 7:07 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 9:17 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 03 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 05 00 01 02 02 02 01 05 0C 00 77 69 .2............wi 6E 6C 6F 67 6F 6E 2E 65 78 65 nlogon.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 03:17:21 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 7:05 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 9:17 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 03 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 05 00 01 02 02 02 01 05 0C 00 77 69 .2............wi 6E 6C 6F 67 6F 6E 2E 65 78 65 nlogon.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 03:17:18 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 7:01 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 9:17 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 03 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 05 00 01 02 02 02 01 05 0C 00 77 69 .2............wi 6E 6C 6F 67 6F 6E 2E 65 78 65 nlogon.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 03:17:08 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 6:57 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 9:17 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 03 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 05 00 01 02 02 02 01 05 0C 00 77 69 .2............wi 6E 6C 6F 67 6F 6E 2E 65 78 65 nlogon.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 03:16:57 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 6:03 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 9:16 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 03 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 05 00 01 02 02 02 01 05 0C 00 77 69 .2............wi 6E 6C 6F 67 6F 6E 2E 65 78 65 nlogon.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 03:16:55 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 6:01 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 9:16 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 03 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 05 00 01 02 02 02 01 05 0C 00 77 69 .2............wi 6E 6C 6F 67 6F 6E 2E 65 78 65 nlogon.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Thu, 19 Aug 2010 03:16:43 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 4:38 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Wednesday, August 18, 2010 4:42 PM",,Norton AntiVirus Online,Norton Community Watch Feedback,"c:\documents and settings\administrator\desktop\ultradefrag-portable-4.3.0.bin.i386\ultradefrag-portable-4.3.0.i386\udefrag-gui-config.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:49 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 4:33 PM,Info,Sample Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 4:41 PM",,Norton AntiVirus Online,Sample Submission: Suspicious.Mystic,"CSIDL_SYSTEM\dllcache\explorer.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:45 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 4:33 PM,Info,Sample Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 4:41 PM",,Norton AntiVirus Online,Sample Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmp OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:38 GMT Product:Norton AntiVirus 17.7.0.12"
8/18/2010 4:30 PM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Wednesday, August 18, 2010 4:41 PM",,Norton AntiVirus Online,Norton Community Watch Feedback,"c:\documents and settings\administrator\desktop\ultradefrag-portable-4.3.0.bin.i386\ultradefrag-portable-4.3.0.i386\ultradefrag.exe OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:11 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 9:15 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 4:41 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 02 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:08 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 9:00 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 4:41 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 02 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:02 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 8:53 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 4:41 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 02 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:01 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 8:15 PM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Wednesday, August 18, 2010 4:41 PM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_SYSTEM\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 02 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 30 A2 66 1D 04 03 00 ...M#....0.f.... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Wed, 18 Aug 2010 22:41:01 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 3:55 AM,Info,Statistical Submission: Downloader,Submitted,No Action Required,"Tuesday, August 17, 2010 10:18 AM",,Norton AntiVirus Online,Statistical Submission: Downloader,"javaupdatemanager.class Detection Digest: 03 00 EA AF 01 01 01 02 00 DB C0 AD B9 A3 7A 7D ..............z} 6D F2 1C 88 9B B8 2F FC 51 00 00 00 00 06 3B E7 m...../.Q.....;. C6 00 00 00 00 78 15 00 00 E5 26 9A 67 04 03 00 .....x....&.g... 01 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Tue, 17 Aug 2010 10:14:45 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 3:55 AM,Info,Statistical Submission: Downloader,Submitted,No Action Required,"Tuesday, August 17, 2010 10:18 AM",,Norton AntiVirus Online,Statistical Submission: Downloader,"javaupdateapplication.class Detection Digest: 03 00 EA AF 01 01 01 02 00 65 18 D0 BC FD C8 F7 .........e...... 40 03 F8 95 A7 F8 BA 85 8C 00 00 00 00 B7 1A 37 @..............7 F5 00 00 00 00 6E 02 00 00 B5 10 B9 81 04 03 00 .....n.......... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Tue, 17 Aug 2010 10:15:05 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 3:55 AM,Info,Statistical Submission: Downloader,Submitted,No Action Required,"Tuesday, August 17, 2010 4:14 AM",,Norton AntiVirus Online,Statistical Submission: Downloader,"javaupdatemanager.class Detection Digest: 03 00 EA AF 01 01 01 02 00 DB C0 AD B9 A3 7A 7D ..............z} 6D F2 1C 88 9B B8 2F FC 51 00 00 00 00 06 3B E7 m...../.Q.....;. C6 00 00 00 00 78 15 00 00 E5 26 9A 67 04 03 00 .....x....&.g... 01 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Tue, 17 Aug 2010 10:14:40 GMT Product:Norton AntiVirus 17.7.0.12"
8/17/2010 3:55 AM,Info,Statistical Submission: Downloader,Submitted,No Action Required,"Tuesday, August 17, 2010 4:14 AM",,Norton AntiVirus Online,Statistical Submission: Downloader,"javaupdateapplication.class Detection Digest: 03 00 EA AF 01 01 01 02 00 65 18 D0 BC FD C8 F7 .........e...... 40 03 F8 95 A7 F8 BA 85 8C 00 00 00 00 B7 1A 37 @..............7 F5 00 00 00 00 6E 02 00 00 B5 10 B9 81 04 03 00 .....n.......... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Tue, 17 Aug 2010 10:14:31 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 4:39 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Tuesday, August 17, 2010 4:18 AM",,Norton AntiVirus Online,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 2174 Local Port: 80 Protocol: 6 Signature Set Version: 20100813.004 Application Name: \DEVICE\HARDDISKVOLUME1\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\APPLICATION\CHROME.EXE Offending URL: software-files-l.cnet.com/s/software/11/32/83/46/wrar393.exe?e=1282019942&h=e9fe7218a8f45d59471caba90c0571c8&lop=link&ptype=1901&ontid=2250&siteId=4&edId=3&spi=cb1720272c479d46cd76402a262bb519&pid=11328346&psid=10007677&fileName=wrar393.exe Date Detected: Mon, 16 Aug 2010 22:39:10 GMT Application File Checksum: AE4FDCD118E80F22F122AAAD87E92769 Application File Information: 0.0.0.0 Network Data: Sub-signature ID: 68918 Remote Address: 68.142.122.114 OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Tue, 17 Aug 2010 01:53:08 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:59 AM,Info,Sample Submission: Suspicious.Mystic,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Sample Submission: Suspicious.Mystic,"CSIDL_WINDOWS\temp.tmp OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:19 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:58 AM,Info,Statistical Submission: Trojan Horse,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Statistical Submission: Trojan Horse,"CSIDL_PROFILE\local settings\temp\axromecsnw.tmpDetection Digest: 03 00 EA AF 01 01 01 02 00 05 05 37 1F 3A 0F 9A ...........7.:.. 0C 26 06 F8 A6 EF 53 5C CF 00 00 00 00 52 2B F7 .&....S\.....R+. F7 05 56 A7 3E 00 00 00 00 E9 4D 69 08 04 03 00 ..V.>.....Mi.... 01 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:19 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,Statistical Submission: Suspicious.Mystic,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Statistical Submission: Suspicious.Mystic,"CSIDL_WINDOWS\temp.tmpDetection Digest: 03 00 EA AF 0A 01 00 02 00 00 00 00 00 83 AC 71 ...............q 92 E8 8B 4D 23 00 00 00 00 5E 3F DF 74 04 03 00 ...M#....^?.t... 05 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:18 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,Statistical Submission: Downloader.Harnig!gen1,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Statistical Submission: Downloader.Harnig!gen1,"CSIDL_PROFILE\local settings\temp\moercsaxwn.tmpDetection Digest: 03 00 EA AF 04 01 00 02 00 00 00 00 00 CE 8B C8 ................ 9C ED EF 93 82 00 00 00 00 B1 9F 00 8D 04 03 00 ................ 04 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:09 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,IPS Detection Statistical Submission,"Signature ID: 23615 Local or Remote Attacker: 2 Remote Port: 443 Local Port: 1821 Protocol: 6 Signature Set Version: 20100813.004 Application Name: \DEVICE\HARDDISKVOLUME1\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WAMXSREOCN.TMP Offending URL: Date Detected: Mon, 16 Aug 2010 06:57:47 GMT Network Data: 4E444341040600001A00000003000001010000008C00000001000000000000003F5C0000A90E010030818902818100B37CCD3C94B837849CD26474FBC6494630E17E99D7C43B2DC4876DC33EEC7E52612166C8B7CB2DBE4FDA5183DFDF7F561F97B2377140F1014D2DF8ECA80C1F5D50152AF28BC6BAB557B843B0A5C84E35D628DC01B65578EC7A1CBC5FA9B1A18757F3DFEA6219D1A4B82A9150BBAEA3D54158ED02E912C628B012F6F2E619A3450203010001 Sub-signature ID: 69289 Remote Address: 61.61.20.132 OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:04 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,Statistical Submission: Backdoor.Tidserv,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Statistical Submission: Backdoor.Tidserv,"CSIDL_PROFILE\local settings\temp\320.tmpDetection Digest: 03 00 EA AF 01 01 01 02 00 FA F3 DA 7C B4 B2 6B ............|..k F7 75 EE 40 BA D5 91 07 BA 00 00 00 00 83 AC 71 [email protected] 92 10 D9 B3 57 00 00 00 00 CE 72 C1 73 04 03 00 ....W.....r.s... 01 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:03 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,Statistical Submission: Backdoor.Tidserv,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Statistical Submission: Backdoor.Tidserv,"CSIDL_PROFILE\local settings\temp\322.tmpDetection Digest: 03 00 EA AF 01 01 01 02 00 FA F3 DA 7C B4 B2 6B ............|..k F7 75 EE 40 BA D5 91 07 BA 00 00 00 00 83 AC 71 [email protected] 92 10 D9 B3 57 00 00 00 00 CE 72 C1 73 04 03 00 ....W.....r.s... 01 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:03 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,Statistical Submission: Backdoor.Tidserv,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Statistical Submission: Backdoor.Tidserv,"CSIDL_PROFILE\local settings\temp\321.tmpDetection Digest: 03 00 EA AF 01 01 01 02 00 FA F3 DA 7C B4 B2 6B ............|..k F7 75 EE 40 BA D5 91 07 BA 00 00 00 00 83 AC 71 .u.@...........q 92 10 D9 B3 57 00 00 00 00 CE 72 C1 73 04 03 00 ....W.....r.s... 03 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:02 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,Statistical Submission: CoreGuardAntivirus2009,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Statistical Submission: CoreGuardAntivirus2009,"CSIDL_PROFILE\local settings\temp\amsxwnorce.tmpDetection Digest: 03 00 EA AF 09 02 01 02 00 B1 7D BB 66 34 24 D5 ..........}.f4$. 8E 82 84 72 59 D9 F4 E4 1F 00 00 00 00 22 54 5A ...rY........\"TZ 62 15 38 CA 32 00 00 00 00 11 60 17 8C 04 03 00 b.8.2.....`..... 00 32 19 03 03 00 01 02 02 .2....... OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:02:01 GMT Product:Norton AntiVirus 17.7.0.12"
8/16/2010 12:57 AM,Info,Norton Community Watch Feedback,Submitted,No Action Required,"Monday, August 16, 2010 2:02 AM",,Norton AntiVirus Online,Norton Community Watch Feedback,"c:\documents and settings\administrator\local settings\temp\wamxsreocn.tmp OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Mon, 16 Aug 2010 08:01:59 GMT Product:Norton AntiVirus 17.7.0.12"
8/13/2010 10:52 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Saturday, August 14, 2010 2:18 AM",,Norton AntiVirus Online,IPS Detection Statistical Submission,"Signature ID: 23511 Local or Remote Attacker: 2 Remote Port: 80 Local Port: 3728 Protocol: 6 Signature Set Version: 20100809.001 Application Name: \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\JAVA\JRE6\BIN\JAVAW.EXE Offending URL: ccdfr.com/fm/x/l.php?s=0day& Date Detected: Sat, 14 Aug 2010 04:52:39 GMT Application File Checksum: B427962BDB196D132AF50F6C7B78380D Application File Information: 6.0.180.7 Network Data: 434D50520014000078DAEDCA410A824018C5F137295114B570D7015A3A1DA08821076C61E5A89B5A4828D222496A5327ED3A0D465EA0EDFBC1C7C783FF2ED828B70FCC00388010F6F7EC89EFC6FB042C5DBBC41836C3101E8C8E339DA479A855A04D1EEE93B428CAEAEE17B71A62DA76034CBAEEA08C8A92F563B528CFAF3984D3161E465D9199ADAC6AF99457BFB934BF323A82888888888888888888FEF001BAD31DA4 Sub-signature ID: 66620 Remote Address: 85.234.190.57 OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Sat, 14 Aug 2010 08:18:33 GMT Product:Norton AntiVirus 17.7.0.12"
8/13/2010 10:52 PM,Info,IPS Detection Statistical Submission,Submitted,No Action Required,"Saturday, August 14, 2010 2:18 AM",,Norton AntiVirus Online,IPS Detection Statistical Submission,"Signature ID: 23318 Local or Remote Attacker: 1 Remote Port: 3728 Local Port: 80 Protocol: 6 Signature Set Version: 20100809.001 Application Name: \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\JAVA\JRE6\BIN\JAVAW.EXE Offending URL: ccdfr.com/fm/x/l.php?s=0day& Date Detected: Sat, 14 Aug 2010 04:52:39 GMT Application File Checksum: B427962BDB196D132AF50F6C7B78380D Application File Information: 6.0.180.7 Network Data: 434D50520014000078DAEDCACD0A82401885E1331951F4B7105A74012DB5659B8821076C61D68C6E6A21A1488B24A94DDD7D839137D0F63CF0F171E0DD075BD9ED0173000E2084FD1D7BE2BB313B03ABB15D62049B6100175A1D5365922C5432503A0B6393E479513EBCFC5E414C9BAE8F49DB1DA49691D93CD7CBE2F25E40384DE162D816A9DEF965E5BFFC9B575FEB5F199D404444444444444444447FF80021641CE8 Sub-signature ID: 68920 Remote Address: 85.234.190.57 OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Sat, 14 Aug 2010 08:18:29 GMT Product:Norton AntiVirus 17.7.0.12"
8/13/2010 5:37 AM,Info,IPS Statistical Submission,Submitted,No Action Required,"Friday, August 13, 2010 6:06 AM",,Norton AntiVirus Online,IPS Statistical Submission,"Signature ID: DLLMM Signature Set Version: 20100809.001 Application Name: C:\WINDOWS\system32\mshtml.dll Date Detected: Fri, 13 Aug 2010 11:37:45 GMT Application File Checksum: D4DF8DBDB4D0E4B2807E30B42C8E9979 Application File Information: 8.0.6001.18939 Flags: 0x00000001 OS-Country:1 OS-Language:English Processor:x86 Family 15 Model 2 Stepping 4 System:Windows XP build 2600 Service Pack 3 Platform-GUID:EE290B34-8191-11DF-B155-000347E699B7 DateSubmitted:Fri, 13 Aug 2010 12:06:47 GMT Product:Norton AntiVirus 17.7.0.12"
Category: Norton Product Tamper Protection
Date & Time,Risk,Activity,Status,Recommended Action,Date,Actor,Actor PID,Target,Target PID,Action,Reaction
8/19/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 10:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2132,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2776,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 8:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 8:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,4028,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 7:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 7:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3580,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 6:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 6:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2428,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 5:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 5:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,464,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 4:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1252,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 3:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 3:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1804,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 2:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 2:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3896,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 1:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 1:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3992,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 12:28 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, August 19, 2010 12:28 AM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\GMER\GMER.EXE,3864,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Access Process Data,Unauthorized access blocked
8/19/2010 12:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 12:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2776,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,836,Open Process Token,Unauthorized access blocked
8/19/2010 12:21 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Thursday, August 19, 2010 12:21 AM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,924,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2432,Duplicate Object,Unauthorized access blocked
8/19/2010 12:08 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, August 19, 2010 12:08 AM",C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAM.EXE,3004,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,368,Access Process Data,Unauthorized access blocked
8/19/2010 12:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, August 19, 2010 12:05 AM",C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAM.EXE,3004,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3640,Access Process Data,Unauthorized access blocked
8/19/2010 12:05 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Thursday, August 19, 2010 12:05 AM",C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAM.EXE,3004,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,368,Access Process Data,Unauthorized access blocked
8/19/2010 12:00 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 19, 2010 12:00 AM",C:\WINDOWS\SYSTEM32\CTFMON.EXE,2564,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3640,Open Process Token,Unauthorized access blocked
8/18/2010 11:57 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, August 18, 2010 11:57 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,920,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3640,Duplicate Object,Unauthorized access blocked
8/18/2010 11:57 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 11:57 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3700,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,368,Open Process Token,Unauthorized access blocked
8/18/2010 11:57 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 11:57 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,380,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,368,Open Process Token,Unauthorized access blocked
8/18/2010 11:54 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:54 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\TFC.EXE,3788,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 11:52 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 11:52 PM",C:\WINDOWS\SYSTEM32\CTFMON.EXE,2212,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2624,Open Process Token,Unauthorized access blocked
8/18/2010 11:46 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:46 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.156\GMER.EXE,2688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2624,Access Process Data,Unauthorized access blocked
8/18/2010 11:46 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:46 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.156\GMER.EXE,2688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2624,Access Process Data,Unauthorized access blocked
8/18/2010 11:46 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:46 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.156\GMER.EXE,2688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 11:46 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:46 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.156\GMER.EXE,2688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 11:46 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:46 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.156\GMER.EXE,2688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\mcui32.exe,3376,Access Process Data,Unauthorized access blocked
8/18/2010 11:46 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:46 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.156\GMER.EXE,2688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\mcui32.exe,3376,Access Process Data,Unauthorized access blocked
8/18/2010 11:44 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 11:44 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\RAR$EX00.156\GMER.EXE,2688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 11:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 11:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2768,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Open Process Token,Unauthorized access blocked
8/18/2010 10:56 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 10:56 PM",C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\FIXO\PROCESS.EXE,2524,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Open Process Token,Unauthorized access blocked
8/18/2010 10:36 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 10:36 PM",C:\WINDOWS\INSTALLER\MSI13.TMP,2484,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 10:35 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 10:35 PM",C:\WINDOWS\INSTALLER\MSI13.TMP,2484,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 10:35 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 10:35 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,3392,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 10:35 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 10:35 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,3392,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 10:35 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Wednesday, August 18, 2010 10:35 PM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,3392,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Access Process Data,Unauthorized access blocked
8/18/2010 10:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 10:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2332,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Open Process Token,Unauthorized access blocked
8/18/2010 9:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 9:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1504,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1132,Open Process Token,Unauthorized access blocked
8/18/2010 8:58 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, August 18, 2010 8:58 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,920,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2624,Duplicate Object,Unauthorized access blocked
8/18/2010 7:05 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 7:05 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3848,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,576,Open Process Token,Unauthorized access blocked
8/18/2010 7:05 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, August 18, 2010 7:05 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,912,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3504,Duplicate Object,Unauthorized access blocked
8/18/2010 6:53 PM,Medium,Unauthorized access blocked (Send Terminate Message to Window),Blocked,No Action Required,"Wednesday, August 18, 2010 6:53 PM",C:\WINDOWS\SYSTEM32\CTFMON.EXE,2104,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,592,Send Terminate Message to Window,Unauthorized access blocked
8/18/2010 6:40 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 6:40 PM",C:\WINDOWS\SYSTEM32\CTFMON.EXE,2104,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,592,Open Process Token,Unauthorized access blocked
8/18/2010 6:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 6:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3632,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,820,Open Process Token,Unauthorized access blocked
8/18/2010 5:54 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, August 18, 2010 5:54 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,928,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,592,Duplicate Object,Unauthorized access blocked
8/18/2010 5:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 5:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2828,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,820,Open Process Token,Unauthorized access blocked
8/18/2010 4:29 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Wednesday, August 18, 2010 4:29 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,928,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,592,Duplicate Object,Unauthorized access blocked
8/18/2010 4:29 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Wednesday, August 18, 2010 4:29 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1312,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,820,Open Process Token,Unauthorized access blocked
8/17/2010 9:16 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Tuesday, August 17, 2010 9:16 PM",C:\WINDOWS\SYSTEM32\DRWTSN32.EXE,336,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,816,Access Process Data,Unauthorized access blocked
8/17/2010 9:14 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 9:14 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1716,Duplicate Object,Unauthorized access blocked
8/17/2010 9:14 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 9:14 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1204,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,816,Open Process Token,Unauthorized access blocked
8/17/2010 9:00 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 9:00 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,564,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,444,Open Process Token,Unauthorized access blocked
8/17/2010 8:53 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 8:53 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2464,Duplicate Object,Unauthorized access blocked
8/17/2010 8:53 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Tuesday, August 17, 2010 8:53 PM",C:\WINDOWS\SYSTEM32\DRWTSN32.EXE,3400,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,840,Access Process Data,Unauthorized access blocked
8/17/2010 8:51 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 8:51 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2464,Duplicate Object,Unauthorized access blocked
8/17/2010 8:48 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 8:48 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2540,Duplicate Object,Unauthorized access blocked
8/17/2010 8:41 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 8:41 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,912,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2468,Duplicate Object,Unauthorized access blocked
8/17/2010 8:17 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Tuesday, August 17, 2010 8:17 PM",C:\WINDOWS\SYSTEM32\DRWTSN32.EXE,1828,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1108,Access Process Data,Unauthorized access blocked
8/17/2010 8:09 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 8:09 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2532,Duplicate Object,Unauthorized access blocked
8/17/2010 7:57 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 7:57 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2532,Duplicate Object,Unauthorized access blocked
8/17/2010 7:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 7:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3384,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1048,Open Process Token,Unauthorized access blocked
8/17/2010 7:24 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 7:24 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2484,Duplicate Object,Unauthorized access blocked
8/17/2010 7:21 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 7:21 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2484,Duplicate Object,Unauthorized access blocked
8/17/2010 7:01 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 7:01 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2512,Duplicate Object,Unauthorized access blocked
8/17/2010 6:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 6:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3788,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1104,Open Process Token,Unauthorized access blocked
8/17/2010 6:18 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 6:18 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2596,Duplicate Object,Unauthorized access blocked
8/17/2010 6:15 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 6:15 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2600,Duplicate Object,Unauthorized access blocked
8/17/2010 5:30 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 5:30 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2576,Duplicate Object,Unauthorized access blocked
8/17/2010 5:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 5:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2716,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1104,Open Process Token,Unauthorized access blocked
8/17/2010 5:10 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 5:10 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2052,Duplicate Object,Unauthorized access blocked
8/17/2010 4:52 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 4:52 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2656,Duplicate Object,Unauthorized access blocked
8/17/2010 4:49 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 4:49 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2672,Duplicate Object,Unauthorized access blocked
8/17/2010 4:40 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 4:40 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2672,Duplicate Object,Unauthorized access blocked
8/17/2010 4:35 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 4:35 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2672,Duplicate Object,Unauthorized access blocked
8/17/2010 4:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 4:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1392,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,676,Open Process Token,Unauthorized access blocked
8/17/2010 3:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 3:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,4088,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,676,Open Process Token,Unauthorized access blocked
8/17/2010 2:40 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 2:40 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2100,Duplicate Object,Unauthorized access blocked
8/17/2010 2:40 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 2:40 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,708,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,676,Open Process Token,Unauthorized access blocked
8/17/2010 2:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 2:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3256,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 1:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 1:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,636,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 12:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 12:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,4000,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 11:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 11:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2504,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 10:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,4016,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,128,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2296,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 8:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 8:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3320,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 7:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 7:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3684,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 6:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 6:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3008,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 5:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 5:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3144,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 4:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2992,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 3:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 3:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2448,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 2:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 2:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1696,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 1:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 1:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3392,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,364,Open Process Token,Unauthorized access blocked
8/17/2010 1:03 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Tuesday, August 17, 2010 1:03 AM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,908,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,2996,Duplicate Object,Unauthorized access blocked
8/17/2010 12:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Tuesday, August 17, 2010 12:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2324,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 11:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 11:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2776,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 10:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 10:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1960,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 9:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 9:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3940,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 8:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 8:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3392,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 7:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 7:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1872,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 6:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 6:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2620,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 5:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 5:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1820,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 4:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 4:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,604,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 3:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 3:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2520,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 2:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 2:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2184,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 1:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 1:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1580,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 12:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 12:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2800,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 11:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 11:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,596,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 10:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2704,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2836,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2548,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 8:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 8:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2800,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 7:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 7:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3724,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 6:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 6:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1044,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 5:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 5:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2900,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 4:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3592,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 3:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 3:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2204,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 2:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 2:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3864,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 1:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 1:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3892,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/16/2010 12:58 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 12:58 AM",C:\WINDOWS\SYSTEM32\CTFMON.EXE,3012,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3684,Open Process Token,Unauthorized access blocked
8/16/2010 12:58 AM,Medium,Unauthorized access blocked (Send Terminate Message to Window),Blocked,No Action Required,"Monday, August 16, 2010 12:58 AM",C:\WINDOWS\SYSTEM32\CTFMON.EXE,3012,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3684,Send Terminate Message to Window,Unauthorized access blocked
8/16/2010 12:43 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Monday, August 16, 2010 12:43 AM",C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE,3520,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Access Process Data,Unauthorized access blocked
8/16/2010 12:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Monday, August 16, 2010 12:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,776,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 11:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 11:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3004,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 10:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 10:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2180,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 9:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 9:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2992,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 8:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 8:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2504,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 7:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 7:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3164,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 6:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 6:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1340,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 5:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 5:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1620,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 4:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 4:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2980,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 3:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 3:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3520,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 2:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 2:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2544,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 1:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 1:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3376,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 12:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 12:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1480,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 11:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 11:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2940,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 10:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3820,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3528,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2952,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 8:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 8:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2396,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 7:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 7:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3108,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 6:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 6:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,744,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 5:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 5:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3792,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 4:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2176,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 3:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 3:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1900,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 2:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 2:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,688,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 1:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 1:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1140,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/15/2010 12:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Sunday, August 15, 2010 12:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3136,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/14/2010 11:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 11:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3064,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/14/2010 10:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 10:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2228,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/14/2010 9:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 9:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3696,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/14/2010 8:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 8:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3124,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/14/2010 7:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 7:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2976,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/14/2010 6:51 PM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Saturday, August 14, 2010 6:51 PM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,904,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3684,Duplicate Object,Unauthorized access blocked
8/14/2010 6:51 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 6:51 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3820,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,420,Open Process Token,Unauthorized access blocked
8/14/2010 6:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 6:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1936,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 5:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 5:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3944,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 4:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 4:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2836,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 3:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 3:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1268,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 2:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 2:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2292,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 1:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 1:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3824,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 12:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 12:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3244,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 11:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 11:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2636,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 10:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2548,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3344,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3996,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 8:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 8:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3232,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 7:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 7:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3456,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 6:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 6:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2608,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 5:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 5:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1372,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 4:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3556,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 3:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 3:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3332,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 2:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 2:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2140,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 1:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 1:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2660,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/14/2010 12:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Saturday, August 14, 2010 12:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1564,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 11:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 11:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2456,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 10:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 10:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3108,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 9:48 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 9:48 PM",C:\WINDOWS\SYSTEM32\DRWTSN32.EXE,420,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Access Process Data,Unauthorized access blocked
8/13/2010 9:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 9:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3152,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 8:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 8:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2472,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 7:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 7:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1352,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 7:17 PM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 7:17 PM",C:\WINDOWS\SYSTEM32\DRWTSN32.EXE,2576,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Access Process Data,Unauthorized access blocked
8/13/2010 6:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 6:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2784,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 5:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 5:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,416,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 4:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 4:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3236,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 3:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 3:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1604,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 2:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 2:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2088,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 1:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 1:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,4024,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 12:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 12:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3932,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 11:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 11:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3868,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 10:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 10:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1272,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3992,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 9:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 9:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,892,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 8:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 8:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2064,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 7:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 7:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3944,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 6:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 6:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,1272,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 5:36 AM,Medium,Unauthorized access blocked (Duplicate Object),Blocked,No Action Required,"Friday, August 13, 2010 5:36 AM",C:\WINDOWS\SYSTEM32\SERVICES.EXE,912,\Device\HarddiskVolume1\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,1424,Duplicate Object,Unauthorized access blocked
8/13/2010 5:35 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 5:35 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2076,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 5:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 5:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3792,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,396,Open Process Token,Unauthorized access blocked
8/13/2010 4:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 4:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3240,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/13/2010 4:09 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 4:09 AM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,1656,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Access Process Data,Unauthorized access blocked
8/13/2010 4:09 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 4:09 AM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,1656,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Access Process Data,Unauthorized access blocked
8/13/2010 4:09 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 4:09 AM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,1656,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Access Process Data,Unauthorized access blocked
8/13/2010 4:09 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 4:09 AM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,1656,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,3700,Access Process Data,Unauthorized access blocked
8/13/2010 4:09 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 4:09 AM",C:\WINDOWS\SYSTEM32\MSIEXEC.EXE,1656,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Access Process Data,Unauthorized access blocked
8/13/2010 4:03 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 4:03 AM",C:\WINDOWS\SYSTEM32\MRT.EXE,684,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Access Process Data,Unauthorized access blocked
8/13/2010 4:03 AM,Medium,Unauthorized access blocked (Access Process Data),Blocked,No Action Required,"Friday, August 13, 2010 4:03 AM",C:\WINDOWS\SYSTEM32\MRT.EXE,684,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Access Process Data,Unauthorized access blocked
8/13/2010 3:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 3:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,984,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/13/2010 2:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 2:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3492,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/13/2010 1:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 1:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2144,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/13/2010 12:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Friday, August 13, 2010 12:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3444,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 11:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 11:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3564,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 10:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 10:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,604,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 9:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 9:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3428,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 8:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 8:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3664,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 7:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 7:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,524,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 6:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 6:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2340,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 5:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 5:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,312,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 4:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 4:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,2324,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 3:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 3:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3992,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 2:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 2:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3752,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 1:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 1:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,284,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 12:25 PM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 12:25 PM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,252,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
8/12/2010 11:25 AM,Medium,Unauthorized access blocked (Open Process Token),Blocked,No Action Required,"Thursday, August 12, 2010 11:25 AM",C:\PROGRAM FILES\GOOGLE\UPDATE\GOOGLEUPDATE.EXE,3564,C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe,424,Open Process Token,Unauthorized access blocked
Category: Silent Mode
Date & Time,Risk,Activity,Status
8/17/2010 12:59 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/17/2010 12:38 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/17/2010 12:31 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/17/2010 12:10 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/17/2010 12:10 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 11:48 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 11:48 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 11:24 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 5:30 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 5:07 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 5:03 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 4:42 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 4:37 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 4:11 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 4:11 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 4:07 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 1:49 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 1:33 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 1:33 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 1:28 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 12:28 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/16/2010 12:07 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/16/2010 12:06 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/15/2010 11:45 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/15/2010 11:45 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/15/2010 11:24 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/15/2010 11:24 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/15/2010 11:01 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/15/2010 10:59 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/15/2010 10:59 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/15/2010 8:43 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/15/2010 8:37 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/15/2010 8:36 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/15/2010 8:32 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/15/2010 1:52 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/15/2010 1:31 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/15/2010 12:16 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 11:55 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 11:54 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 11:36 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 11:32 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 11:32 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 11:32 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 11:10 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 4:58 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 4:46 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 4:44 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 4:22 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 4:21 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 4:21 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 1:57 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 1:36 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 1:35 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 1:14 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 1:10 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 12:47 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 12:46 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 12:22 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 12:17 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 11:56 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 1:54 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 1:31 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 1:31 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 1:09 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 1:09 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/14/2010 12:45 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/14/2010 12:10 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 11:48 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 11:17 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 11:14 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 11:13 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 10:54 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 10:54 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 10:54 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 10:50 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 10:30 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 10:29 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 10:10 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 10:10 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 10:10 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 10:10 PM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 10:07 PM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 1:56 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 1:40 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 1:40 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 1:38 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 1:37 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 1:35 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed
8/13/2010 1:35 AM,Info,A program exited full-screen mode. Silent Mode is off.,Completed
8/13/2010 1:34 AM,Info,A program entered full-screen mode. Silent Mode is on.,Completed