Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Svchost.exe


  • This topic is locked This topic is locked
11 replies to this topic

#1 tystik

tystik

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 26 December 2006 - 02:49 PM

i recently picked up a svchost.exe. in my startup folder that will not allow me to shut limewire down. no sooner than i close it out it opens again on its own. i have checked all the settings to make sure the program didnt get set to start automatically. i also uninstalled and reinstalled to no avail. i did get it to cut and paste out of the start up folder. i can no longer get my task manager to come up either. my computer seems to work fine otherwise. its just the limewire program and the pesky svchost file i now have on my desktop. i ran hijack this . below is a copy. i would greatly appreciate some advice as to what caused this and how can i get rid of it or put it back where it belongs...i am not sure this was the right place to post this if not please direct me to the righ topic.. thanks

i run zone alarm, xoftspy se, adware se , windows defender, regcure, plus nortons corp edition antivirus.

Logfile of HijackThis v1.99.1
Scan saved at 2:44:00 PM, on 12/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\ActivCard\acachsrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe
C:\Program Files\Common Files\ActivCard\acautoreg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Documents and Settings\Ty\My Documents\Downloads\Programs\Spyware fixes\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/explore.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/explore.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [masqform.exe] C:\Program Files\PureEdge\Viewer 6.0\masqform.exe -UpdateCurrentUser
O4 - HKLM\..\Run: [EPSON Stylus CX4600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9AA.EXE /P26 "EPSON Stylus CX4600 Series" /O6 "USB001" /M "Stylus CX4600"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [acEventServ] "C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: ActivCard Gold Smart Card Agent.lnk = C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://filelodge.bolt.com/ImageUploader3.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/Fuj...ploadClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: acAuth - C:\WINDOWS\SYSTEM32\acauth.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ActivCard Authentication Service (ACachSrv) - ActivCard - C:\Program Files\Common Files\ActivCard\acachsrv.exe
O23 - Service: ActivCard Gold Autoregister (acautoreg) - ActivCard S.A. - C:\Program Files\Common Files\ActivCard\acautoreg.exe
O23 - Service: ActivCard Gold service (Accoca) - ActivCard - C:\Program Files\Common Files\ActivCard\accoca.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\PROGRA~1\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Edited by tystik, 26 December 2006 - 02:53 PM.


BC AdBot (Login to Remove)

 


m

#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:43 PM

Posted 26 December 2006 - 04:35 PM

Hello tystik and welcome to the BC HijackThis forum. I do not see anything in this log that would start a rouge svchost.exe. Let's try a different scanner and see what it shows us.

Download WinPFind3U.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind3u on your desktop.
  • Open the WinPFind3u folder and double-click on WinPFind3U.exe to start the program.
    • In the Processes group click All
    • In the Win32 Services group select All
    • In the Files Created Within group click 30 days
    • In the Files Modified Within group select 30 days
    • In the File String Search group select Non-Microsoft
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. If the log is too big to fit into a single post then split it into 2 posts.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#3 tystik

tystik
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 26 December 2006 - 06:29 PM

Old Timer - Here is the first part of the log:

WinPFind3 logfile created on: 12/26/2006 6:20:38 PM
WinPFind3U by OldTimer - Version 1.0.3 Folder = C:\Documents and Settings\Ty\Desktop\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)


[Processes - All]
smss.exe -> C:\WINDOWS\system32\smss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 50688 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
csrss.exe -> C:\WINDOWS\system32\csrss.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6144 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
winlogon.exe -> C:\WINDOWS\system32\winlogon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 502272 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
services.exe -> C:\WINDOWS\system32\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
lsass.exe -> C:\WINDOWS\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K DCOMLAUNCH] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\system32\rpcss.dll [DcomLaunch] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:50 PM | Attr = ]
-> C:\WINDOWS\System32\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\termsrv.dll [TermService] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 295424 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST -K RPCSS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\system32\rpcss.dll [RpcSs] -> Microsoft Corporation [Ver = 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) | Size = 397824 bytes | Modified Date = 7/25/2005 11:39:50 PM | Attr = ]
msmpeng.exe -> C:\Program Files\Windows Defender\MsMpEng.exe -> Microsoft Corporation [Ver = 1.1.1593.0 | Size = 13592 bytes | Modified Date = 11/3/2006 6:19:58 PM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETSVCS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\System32\appmgmts.dll [AppMgmt] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 167936 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\audiosrv.dll [AudioSrv] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 42496 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\qmgr.dll [BITS] -> Microsoft Corporation [Ver = 6.6.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 382464 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\System32\browser.dll [Browser] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 77312 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\cryptsvc.dll [CryptSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 60416 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\dhcpcsvc.dll [Dhcp] -> Microsoft Corporation [Ver = 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) | Size = 111616 bytes | Modified Date = 5/19/2006 7:59:42 AM | Attr = ]
-> C:\WINDOWS\System32\dmserver.dll [dmserver] -> Microsoft Corp. [Ver = 2600.2180.503.0 | Size = 23552 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\ersvc.dll [ERSvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 23040 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\es.dll [EventSystem] -> Microsoft Corporation [Ver = 2001.12.4414.308 | Size = 243200 bytes | Modified Date = 7/25/2005 11:39:46 PM | Attr = ]
-> C:\WINDOWS\System32\shsvcs.dll [FastUserSwitchingCompatibility] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> %WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll [helpsvc] -> File not found
-> C:\WINDOWS\System32\hidserv.dll [HidServ] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 21504 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\srvsvc.dll [lanmanserver] -> Microsoft Corporation [Ver = 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729) | Size = 96768 bytes | Modified Date = 12/7/2004 2:32:34 PM | Attr = ]
-> C:\WINDOWS\System32\wkssvc.dll [lanmanworkstation] -> Microsoft Corporation [Ver = 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106) | Size = 132096 bytes | Modified Date = 8/17/2006 7:28:28 AM | Attr = ]
-> C:\WINDOWS\System32\msgsvc.dll [Messenger] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33792 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\System32\netman.dll [Netman] -> Microsoft Corporation [Ver = 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525) | Size = 197632 bytes | Modified Date = 8/22/2005 1:29:46 PM | Attr = ]
-> C:\WINDOWS\System32\mswsock.dll [Nla] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 245248 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\system32\ntmssvc.dll [NtmsSvc] -> Microsoft Corporation [Ver = 5.1.2400.2180 | Size = 435200 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\System32\rasauto.dll [RasAuto] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 89088 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\System32\rasmans.dll [RasMan] -> Microsoft Corporation [Ver = 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343) | Size = 181248 bytes | Modified Date = 5/14/2006 3:44:08 AM | Attr = ]
-> C:\WINDOWS\System32\mprdim.dll [RemoteAccess] -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 49152 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
-> C:\WINDOWS\system32\schedsvc.dll [Schedule] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 190976 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\System32\seclogon.dll [seclogon] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 18944 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\system32\sens.dll [SENS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 38912 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\System32\ipnathlp.dll [SharedAccess] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\shsvcs.dll [ShellHWDetection] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\srsvc.dll [srservice] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 170496 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\tapisrv.dll [TapiSrv] -> Microsoft Corporation [Ver = 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657) | Size = 249344 bytes | Modified Date = 7/8/2005 11:27:56 AM | Attr = ]
-> C:\WINDOWS\System32\shsvcs.dll [Themes] -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 134656 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\system32\trkwks.dll [TrkWks] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 90624 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\w32time.dll [W32Time] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 174592 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\system32\wbem\WMIsvc.dll [winmgmt] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 144896 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\system32\MsPMSNSv.dll [WmdmPmSN] -> Microsoft Corporation [Ver = 11.0.5721.5145 | Size = 27136 bytes | Modified Date = 10/18/2006 9:47:16 PM | Attr = ]
-> C:\WINDOWS\System32\advapi32.dll [Wmi] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 616960 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\system32\wscsvc.dll [wscsvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 81408 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\system32\wuauserv.dll [wuauserv] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\wzcsvc.dll [WZCSVC] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 359936 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\xmlprov.dll [xmlprov] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
incdsrv.exe -> C:\Program Files\Ahead\InCD\InCDsrv.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 880128 bytes | Modified Date = 3/23/2006 4:06:38 PM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K NETWORKSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\System32\dnsrslvr.dll [Dnscache] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 45568 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K LOCALSERVICE] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\system32\alrsvc.dll [Alerter] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 17408 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\System32\lmhsvc.dll [LmHosts] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13824 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
-> C:\WINDOWS\system32\regsvc.dll [RemoteRegistry] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 59904 bytes | Modified Date = 8/4/2004 2:56:44 AM | Attr = ]
-> C:\WINDOWS\System32\ssdpsrv.dll [SSDPSRV] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 71680 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
-> C:\WINDOWS\System32\upnphost.dll [upnphost] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 185344 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]

#4 tystik

tystik
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 26 December 2006 - 06:30 PM

Here's another part:

-> C:\WINDOWS\System32\webclnt.dll [WebClient] -> Microsoft Corporation [Ver = 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536) | Size = 68096 bytes | Modified Date = 1/3/2006 10:35:06 PM | Attr = ]
ccsetmgr.exe -> C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -> Symantec Corporation [Ver = 104.0.7.3 | Size = 169632 bytes | Modified Date = 3/7/2006 12:03:02 PM | Attr = ]
explorer.exe -> C:\WINDOWS\explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1032192 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
ccevtmgr.exe -> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -> Symantec Corporation [Ver = 104.0.7.3 | Size = 192160 bytes | Modified Date = 3/7/2006 12:02:34 PM | Attr = ]
spoolsv.exe -> C:\WINDOWS\system32\spoolsv.exe -> Microsoft Corporation [Ver = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) | Size = 57856 bytes | Modified Date = 6/10/2005 6:53:32 PM | Attr = ]
scardsvr.exe -> C:\WINDOWS\system32\scardsvr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 95744 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
incd.exe -> C:\Program Files\Ahead\InCD\InCD.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 1398272 bytes | Modified Date = 3/23/2006 4:06:50 PM | Attr = ]
rundll32.exe -> C:\WINDOWS\system32\rundll32.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
type32.exe -> C:\Program Files\Microsoft IntelliType Pro\type32.exe -> Microsoft Corporation [Ver = 5.20.413.0 | Size = 172032 bytes | Modified Date = 6/3/2004 3:51:28 AM | Attr = ]
logitray.exe -> C:\Program Files\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 217088 bytes | Modified Date = 1/18/2005 4:37:30 PM | Attr = ]
ccapp.exe -> C:\Program Files\Common Files\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 104.0.7.3 | Size = 53408 bytes | Modified Date = 3/7/2006 12:02:14 PM | Attr = ]
vptray.exe -> C:\Program Files\Symantec AntiVirus\VPTray.exe -> Symantec Corporation [Ver = 10.1.0.394 | Size = 124656 bytes | Modified Date = 3/17/2006 5:34:30 AM | Attr = ]
rundll32.exe -> C:\WINDOWS\system32\rundll32.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
ituneshelper.exe -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 278528 bytes | Modified Date = 12/20/2005 7:54:48 PM | Attr = ]
icqlite.exe -> C:\Program Files\ICQLite\ICQLite.exe -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 7/11/2006 5:06:40 AM | Attr = ]
acachsrv.exe -> C:\Program Files\Common Files\ActivCard\acachsrv.exe -> ActivCard [Ver = 1, 0, 34, 0 | Size = 135168 bytes | Modified Date = 12/17/2002 7:38:20 AM | Attr = ]
opwarese2.exe -> C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe -> ScanSoft, Inc. [Ver = 12.0 | Size = 49152 bytes | Modified Date = 5/8/2003 10:00:58 AM | Attr = ]
lvcomsx.exe -> C:\WINDOWS\system32\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 221184 bytes | Modified Date = 10/8/2004 10:52:32 AM | Attr = ]
acautoreg.exe -> C:\Program Files\Common Files\ActivCard\acautoreg.exe -> ActivCard S.A. [Ver = 2, 0, 4, 0 | Size = 53248 bytes | Modified Date = 11/29/2002 1:43:58 PM | Attr = ]
zlclient.exe -> C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 6.5.737.000 | Size = 968696 bytes | Modified Date = 8/23/2006 10:38:28 PM | Attr = ]
msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> Microsoft Corporation [Ver = 1.1.1593.0 | Size = 866584 bytes | Modified Date = 11/3/2006 6:20:12 PM | Attr = ]
accoca.exe -> C:\Program Files\Common Files\ActivCard\accoca.exe -> ActivCard [Ver = 2, 1, 8, 0 | Size = 159744 bytes | Modified Date = 8/12/2002 3:54:58 PM | Attr = ]
aluschedulersvc.exe -> C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.160 | Size = 100032 bytes | Modified Date = 2/23/2006 10:41:04 AM | Attr = ]
acevtsrv.exe -> C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe -> ActivCard [Ver = 1, 0, 53, 0 | Size = 28672 bytes | Modified Date = 7/1/2003 6:42:24 AM | Attr = ]
jusched.exe -> C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 49263 bytes | Modified Date = 10/12/2006 3:10:54 AM | Attr = ]
fxsvr2.exe -> C:\Program Files\Logitech\Video\FxSvr2.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 192512 bytes | Modified Date = 1/18/2005 4:08:36 PM | Attr = ]
ctfmon.exe -> C:\WINDOWS\system32\ctfmon.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15360 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
wmpnscfg.exe -> C:\Program Files\Windows Media Player\wmpnscfg.exe -> Microsoft Corporation [Ver = 11.0.5721.5145 (WMP_11.061018-2006) | Size = 204288 bytes | Modified Date = 10/18/2006 8:05:26 PM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K BTHSVCS] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\System32\bthserv.dll [BthServ] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 30208 bytes | Modified Date = 8/4/2004 2:56:42 AM | Attr = ]
defwatch.exe -> C:\Program Files\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 10.1.0.394 | Size = 30448 bytes | Modified Date = 3/17/2006 5:34:12 AM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K HTTPFILTER] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\System32\w3ssl.dll [HTTPFilter] -> Microsoft Corporation [Ver = 6.0.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 15872 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
nprotect.exe -> C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> Symantec Corporation [Ver = 15.03.0.36 | Size = 135168 bytes | Modified Date = 2/5/2002 5:03:00 AM | Attr = ]
nvsvc32.exe -> C:\WINDOWS\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
nopdb.exe -> C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE -> Symantec Corporation [Ver = 6.03.0.36 | Size = 172065 bytes | Modified Date = 1/30/2002 5:00:00 AM | Attr = ]
svchost.exe -> C:\WINDOWS\system32\svchost.exe [C:\WINDOWS\SYSTEM32\SVCHOST.EXE -K IMGSVC] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
-> C:\WINDOWS\system32\wiaservc.dll [stisvc] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 333312 bytes | Modified Date = 8/4/2004 2:56:46 AM | Attr = ]
rtvscan.exe -> C:\Program Files\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 10.1.0.394 | Size = 1799408 bytes | Modified Date = 3/17/2006 5:34:20 AM | Attr = ]
vsmon.exe -> C:\WINDOWS\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 6.5.737.000 | Size = 75768 bytes | Modified Date = 8/23/2006 10:38:26 PM | Attr = ]
wmpnetwk.exe -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> Microsoft Corporation [Ver = 11.0.5721.5145 (WMP_11.061018-2006) | Size = 913408 bytes | Modified Date = 10/18/2006 8:05:24 PM | Attr = ]
ipodservice.exe -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 323584 bytes | Modified Date = 12/20/2005 7:54:34 PM | Attr = ]
alg.exe -> C:\WINDOWS\system32\alg.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 44544 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> Microsoft Corporation [Ver = 7.00.5730.11 (winmain(wmbla).061017-1135) | Size = 622080 bytes | Modified Date = 10/17/2006 12:04:40 PM | Attr = ]
iexplore.exe -> C:\Program Files\Internet Explorer\iexplore.exe -> Microsoft Corporation [Ver = 7.00.5730.11 (winmain(wmbla).061017-1135) | Size = 622080 bytes | Modified Date = 10/17/2006 12:04:40 PM | Attr = ]
iemonitor.exe -> C:\Program Files\Internet Download Manager\IEMonitor.exe -> Tonec Inc. [Ver = 1, 0, 0, 1 | Size = 251576 bytes | Modified Date = 12/23/2006 5:43:02 AM | Attr = ]
winpfind3u.exe -> C:\Documents and Settings\Ty\Desktop\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.3.0 | Size = 303104 bytes | Modified Date = 12/25/2006 11:19:46 PM | Attr = ]

#5 tystik

tystik
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 26 December 2006 - 06:32 PM

Part 3:

[Win32 Services - All]
(ACachSrv) ActivCard Authentication Service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\ActivCard\acachsrv.exe -> ActivCard [Ver = 1, 0, 34, 0 | Size = 135168 bytes | Modified Date = 12/17/2002 7:38:20 AM | Attr = ]
(acautoreg) ActivCard Gold Autoregister [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\ActivCard\acautoreg.exe -> ActivCard S.A. [Ver = 2, 0, 4, 0 | Size = 53248 bytes | Modified Date = 11/29/2002 1:43:58 PM | Attr = ]
(Accoca) ActivCard Gold service [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\ActivCard\accoca.exe -> ActivCard [Ver = 2, 1, 8, 0 | Size = 159744 bytes | Modified Date = 8/12/2002 3:54:58 PM | Attr = ]
(Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -> [Ver = 2.41.000 | Size = 68096 bytes | Modified Date = 9/1/2004 2:47:38 PM | Attr = ]
(Alerter) Alerter [Win32_Shared | Disabled | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(ALG) Application Layer Gateway Service [Win32_Own | On_Demand | Running] -> C:\WINDOWS\system32\alg.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 44544 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(AppMgmt) Application Management [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> File not found
(AudioSrv) Windows Audio [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> Symantec Corporation [Ver = 3.0.0.160 | Size = 100032 bytes | Modified Date = 2/23/2006 10:41:04 AM | Attr = ]
(BITS) Background Intelligent Transfer Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Browser) Computer Browser [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(BthServ) Bluetooth Support Service [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(ccEvtMgr) Symantec Event Manager [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -> Symantec Corporation [Ver = 104.0.7.3 | Size = 192160 bytes | Modified Date = 3/7/2006 12:02:34 PM | Attr = ]
(ccSetMgr) Symantec Settings Manager [Win32_Own | Auto | Running] -> C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -> Symantec Corporation [Ver = 104.0.7.3 | Size = 169632 bytes | Modified Date = 3/7/2006 12:03:02 PM | Attr = ]
(cisvc) Indexing Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\cisvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5632 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(ClipSrv) ClipBook [Win32_Own | Disabled | Stopped] -> C:\WINDOWS\system32\clipsrv.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(COMSysApp) COM+ System Application [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\dllhost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5120 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(CryptSvc) Cryptographic Services [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(DcomLaunch) DCOM Server Process Launcher [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(DefWatch) Symantec AntiVirus Definition Watcher [Win32_Own | Auto | Running] -> C:\Program Files\Symantec AntiVirus\DefWatch.exe -> Symantec Corporation [Ver = 10.1.0.394 | Size = 30448 bytes | Modified Date = 3/17/2006 5:34:12 AM | Attr = ]
(Dhcp) DHCP Client [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(dmserver) Logical Disk Manager [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Dnscache) DNS Client [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(ERSvc) Error Reporting Service [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Eventlog) Event Log [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
(EventSystem) COM+ Event System [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(FastUserSwitchingCompatibility) Fast User Switching Compatibility [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(HidServ) HID Input Service [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(HTTPFilter) HTTP SSL [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 4/3/2005 11:41:10 PM | Attr = ]
(ImapiService) IMAPI CD-Burning COM Service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\imapi.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 150016 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
(InCDsrv) InCD Helper [Win32_Own | Auto | Running] -> C:\Program Files\Ahead\InCD\InCDsrv.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 880128 bytes | Modified Date = 3/23/2006 4:06:38 PM | Attr = ]
(iPodService) iPodService [Win32_Own | On_Demand | Running] -> C:\Program Files\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 323584 bytes | Modified Date = 12/20/2005 7:54:34 PM | Attr = ]
(lanmanserver) Server [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(lanmanworkstation) Workstation [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -> Symantec Corporation [Ver = 3.0.0.160 | Size = 2045632 bytes | Modified Date = 2/23/2006 10:41:04 AM | Attr = ]
(LmHosts) TCP/IP NetBIOS Helper [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Messenger) Messenger [Win32_Shared | Disabled | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(mnmsrvc) NetMeeting Remote Desktop Sharing [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\mnmsrvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 | Size = 32768 bytes | Modified Date = 8/4/2004 2:56:52 AM | Attr = ]
(MSDTC) Distributed Transaction Coordinator [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\msdtc.exe -> Microsoft Corporation [Ver = 2001.12.4414.258 | Size = 6144 bytes | Modified Date = 8/4/2004 2:56:54 AM | Attr = ]
(MSIServer) Windows Installer [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\msiexec.exe -> Microsoft Corporation [Ver = 3.1.4000.1823 | Size = 78848 bytes | Modified Date = 3/21/2005 2:00:22 PM | Attr = ]
(NetDDE) Network DDE [Win32_Shared | Disabled | Stopped] -> C:\WINDOWS\system32\netdde.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 111104 bytes | Modified Date = 8/4/2004 2:56:54 AM | Attr = ]
(NetDDEdsdm) Network DDE DSDM [Win32_Shared | Disabled | Stopped] -> C:\WINDOWS\system32\netdde.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 111104 bytes | Modified Date = 8/4/2004 2:56:54 AM | Attr = ]
(Netlogon) Net Logon [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
(Netman) Network Connections [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Nla) Network Location Awareness (NLA) [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(NProtectService) Norton Unerase Protection [Win32_Own | Auto | Running] -> C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -> Symantec Corporation [Ver = 15.03.0.36 | Size = 135168 bytes | Modified Date = 2/5/2002 5:03:00 AM | Attr = ]
(NtLmSsp) NT LM Security Support Provider [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
(NtmsSvc) Removable Storage [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> C:\WINDOWS\system32\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> Microsoft Corporation [Ver = 11.0.5525 | Size = 89136 bytes | Modified Date = 7/28/2003 11:28:22 AM | Attr = ]
(PlugPlay) Plug and Play [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\services.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 108032 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
(PolicyAgent) IPSEC Services [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
(ProtectedStorage) Protected Storage [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
(RasAuto) Remote Access Auto Connection Manager [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(RasMan) Remote Access Connection Manager [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(RDSessMgr) Remote Desktop Help Session Manager [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\sessmgr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
(RemoteAccess) Routing and Remote Access [Win32_Shared | Disabled | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(RemoteRegistry) Remote Registry [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(RpcLocator) Remote Procedure Call (RPC) Locator [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\locator.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 75264 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
(RpcSs) Remote Procedure Call (RPC) [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(RSVP) QoS RSVP [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\rsvp.exe -> Microsoft Corporation [Ver = 5.1.2600.0 (xpclient.010817-1148) | Size = 132608 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
(SamSs) Security Accounts Manager [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\lsass.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 13312 bytes | Modified Date = 8/4/2004 2:56:50 AM | Attr = ]
(SavRoam) SavRoam [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Symantec AntiVirus\SavRoam.exe -> symantec [Ver = 10.1.0.394 | Size = 115952 bytes | Modified Date = 3/17/2006 5:34:24 AM | Attr = ]
(SCardSvr) Smart Card [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\scardsvr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 95744 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
(Schedule) Task Scheduler [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(seclogon) Secondary Logon [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(SENS) System Event Notification [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(SharedAccess) Windows Firewall/Internet Connection Sharing (ICS) [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(ShellHWDetection) Shell Hardware Detection [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(SNDSrvc) Symantec Network Drivers Service [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -> Symantec Corporation [Ver = 6.0.2.211 | Size = 214720 bytes | Modified Date = 1/24/2006 7:06:58 PM | Attr = ]
(SPBBCSvc) Symantec SPBBCSvc [Win32_Own | On_Demand | Stopped] -> C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -> Symantec Corporation [Ver = 2.2.0.5 | Size = 1160848 bytes | Modified Date = 2/6/2006 11:50:24 AM | Attr = ]
(Speed Disk service) Speed Disk service [Win32_Own | Auto | Running] -> C:\Program Files\Norton SystemWorks\Speed Disk\NOPDB.EXE -> Symantec Corporation [Ver = 6.03.0.36 | Size = 172065 bytes | Modified Date = 1/30/2002 5:00:00 AM | Attr = ]
(Spooler) Print Spooler [Win32_Own | Auto | Running] -> C:\WINDOWS\system32\spoolsv.exe -> Microsoft Corporation [Ver = 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) | Size = 57856 bytes | Modified Date = 6/10/2005 6:53:32 PM | Attr = ]
(srservice) System Restore Service [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(SSDPSRV) SSDP Discovery Service [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(stisvc) Windows Image Acquisition (WIA) [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(SwPrv) MS Software Shadow Copy Provider [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\dllhost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 5120 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(Symantec AntiVirus) Symantec AntiVirus [Win32_Own | Auto | Running] -> C:\Program Files\Symantec AntiVirus\Rtvscan.exe -> Symantec Corporation [Ver = 10.1.0.394 | Size = 1799408 bytes | Modified Date = 3/17/2006 5:34:20 AM | Attr = ]
(SymWSC) SymWMI Service [Win32_Own | Auto | Stopped] -> C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -> Symantec Corporation [Ver = 2005.1.2.20 | Size = 316544 bytes | Modified Date = 11/2/2004 4:59:50 PM | Attr = ]
(SysmonLog) Performance Logs and Alerts [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\smlogsvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 89600 bytes | Modified Date = 8/4/2004 2:56:56 AM | Attr = ]
(TapiSrv) Telephony [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(TermService) Terminal Services [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Themes) Themes [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(TlntSvr) Telnet [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\tlntsvr.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 73216 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(TrkWks) Distributed Link Tracking Client [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(upnphost) Universal Plug and Play Device Host [Win32_Shared | On_Demand | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(UPS) Uninterruptible Power Supply [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\ups.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 18432 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(usnsvc) Messenger Sharing USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(vsmon) TrueVector Internet Monitor [Win32_Own | Auto | Running] -> C:\WINDOWS\system32\ZoneLabs\vsmon.exe -> Zone Labs, LLC [Ver = 6.5.737.000 | Size = 75768 bytes | Modified Date = 8/23/2006 10:38:26 PM | Attr = ]
(VSS) Volume Shadow Copy [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\vssvc.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 289792 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(W32Time) Windows Time [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(WebClient) WebClient [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(WinDefend) Windows Defender [Win32_Own | Auto | Running] -> C:\Program Files\Windows Defender\MsMpEng.exe -> Microsoft Corporation [Ver = 1.1.1593.0 | Size = 13592 bytes | Modified Date = 11/3/2006 6:19:58 PM | Attr = ]
(winmgmt) Windows Management Instrumentation [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(WmdmPmSN) Portable Media Serial Number Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(Wmi) Windows Management Instrumentation Driver Extensions [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(WmiApSrv) WMI Performance Adapter [Win32_Own | On_Demand | Stopped] -> C:\WINDOWS\system32\wbem\wmiapsrv.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 126464 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | Auto | Running] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> Microsoft Corporation [Ver = 11.0.5721.5145 (WMP_11.061018-2006) | Size = 913408 bytes | Modified Date = 10/18/2006 8:05:24 PM | Attr = ]
(wscsvc) Security Center [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(wuauserv) Automatic Updates [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(WZCSVC) Wireless Zero Configuration [Win32_Shared | Auto | Running] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]
(xmlprov) Network Provisioning Service [Win32_Shared | On_Demand | Stopped] -> C:\WINDOWS\system32\svchost.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 8/4/2004 2:56:58 AM | Attr = ]

Part 4:

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
acEventServ -> C:\Program Files\ActivCard\ActivCard Gold\acevtsrv.exe -> ActivCard [Ver = 1, 0, 53, 0 | Size = 28672 bytes | Modified Date = 7/1/2003 6:42:24 AM | Attr = ]
ccApp -> C:\Program Files\Common Files\Symantec Shared\ccApp.exe -> Symantec Corporation [Ver = 104.0.7.3 | Size = 53408 bytes | Modified Date = 3/7/2006 12:02:14 PM | Attr = ]
EPSON Stylus CX4600 Series -> C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9AA.EXE -> SEIKO EPSON CORPORATION [Ver = 3.00 | Size = 98304 bytes | Modified Date = 3/4/2004 3:00:00 AM | Attr = ]
ICQ Lite -> C:\Program Files\ICQLite\ICQLite.exe -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 7/11/2006 5:06:40 AM | Attr = ]
InCD -> C:\Program Files\Ahead\InCD\InCD.exe -> Nero AG [Ver = 4, 3, 23, 2 | Size = 1398272 bytes | Modified Date = 3/23/2006 4:06:50 PM | Attr = ]
iTunesHelper -> C:\Program Files\iTunes\iTunesHelper.exe -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 278528 bytes | Modified Date = 12/20/2005 7:54:48 PM | Attr = ]
LogitechVideoRepair -> C:\Program Files\Logitech\Video\ISStart.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 458752 bytes | Modified Date = 1/18/2005 4:47:30 PM | Attr = ]
LogitechVideoTray -> C:\Program Files\Logitech\Video\LogiTray.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 217088 bytes | Modified Date = 1/18/2005 4:37:30 PM | Attr = ]
LVCOMSX -> C:\WINDOWS\system32\LVCOMSX.EXE -> Logitech Inc. [Ver = 8.4.1.1092 | Size = 221184 bytes | Modified Date = 10/8/2004 10:52:32 AM | Attr = ]
masqform.exe -> C:\Program Files\PureEdge\Viewer 6.0\masqform.exe -> PureEdge Solutions Inc. [Ver = 6.0.1 GOLD 51 | Size = 1048576 bytes | Modified Date = 1/26/2004 8:47:22 PM | Attr = ]
NeroFilterCheck -> C:\WINDOWS\system32\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 7/9/2001 9:50:42 AM | Attr = ]
NvCplDaemon -> C:\WINDOWS\system32\nvcpl.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
NvMediaCenter -> C:\WINDOWS\system32\nvmctray.dll [RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
nwiz -> C:\WINDOWS\system32\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
OpwareSE2 -> C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe -> ScanSoft, Inc. [Ver = 12.0 | Size = 49152 bytes | Modified Date = 5/8/2003 10:00:58 AM | Attr = ]
SoundMan -> C:\WINDOWS\SOUNDMAN.EXE -> Realtek Semiconductor Corp. [Ver = 5.1.0.24 | Size = 65024 bytes | Modified Date = 2/26/2004 3:53:30 AM | Attr = ]
SunJavaUpdateSched -> C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 49263 bytes | Modified Date = 10/12/2006 3:10:54 AM | Attr = ]
vptray -> C:\Program Files\Symantec AntiVirus\VPTray.exe -> Symantec Corporation [Ver = 10.1.0.394 | Size = 124656 bytes | Modified Date = 3/17/2006 5:34:30 AM | Attr = ]
Zone Labs Client -> C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe -> Zone Labs, LLC [Ver = 6.5.737.000 | Size = 968696 bytes | Modified Date = 8/23/2006 10:38:28 PM | Attr = ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
LogitechSoftwareUpdate -> C:\Program Files\Logitech\Video\ManifestEngine.exe -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 196608 bytes | Modified Date = 1/18/2005 4:07:54 PM | Attr = ]
NBJ -> C:\Program Files\Ahead\Nero BackItUp\NBJ.exe -> Ahead Software AG [Ver = 1, 2, 0, 61 | Size = 1961984 bytes | Modified Date = 10/11/2005 5:25:32 PM | Attr = ]
WebCamRT.exe -> -> File not found
< RunOnce [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
ICQ Lite -> C:\Program Files\ICQLite\ICQLite.exe -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 7/11/2006 5:06:40 AM | Attr = ]
< Common Startup > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ActivCard Gold Smart Card Agent.lnk -> C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe -> ActivCard [Ver = 1, 8, 17, 3 | Size = 147456 bytes | Modified Date = 3/19/2003 9:27:24 AM | Attr = ]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 113664 bytes | Modified Date = 11/4/1999 2:06:48 PM | Attr = ]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.5.2005092300 | Size = 29696 bytes | Modified Date = 9/24/2005 1:05:26 AM | Attr = ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL -> -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
acAuth -> C:\WINDOWS\system32\acauth.dll -> ActivCard [Ver = 1, 0, 34, 0 | Size = 65536 bytes | Modified Date = 12/17/2002 10:11:44 AM | Attr = ]
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\\ScanWithAntiVirus -> 2 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = My Current Home Page ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Search Bar -> ->
HKLM: Search Page -> http://www.google.com ->
HKLM: Start Page -> http://www.comcast.net/home.html ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: Search\\Default_Search_URL -> http://www.google.com/ie ->
HKLM: SearchAssistant -> http://www.google.com/ie ->
HKCU: Search Page -> http://www.google.com ->
HKCU: Start Page -> http://www.comcast.net/home.html ->
HKCU: CustomizeSearch -> ->
HKCU: ProxyEnable -> 0 ->
HKCU: ProxyOverride -> localhost ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] -> ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{0055C089-8582-441B-A0BF-17B458C2A3A8} [HKLM] -> C:\Program Files\Internet Download Manager\IDMIECC.dll [IDMIEHlprObj Class] -> Tonec Inc. [Ver = 3, 0, 0, 2 | Size = 71352 bytes | Modified Date = 11/29/2006 8:44:00 AM | Attr = ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.7.2006011200 | Size = 63128 bytes | Modified Date = 1/12/2006 8:38:22 PM | Attr = ]
{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} [HKLM] -> C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [EWPBrowseObject Class] -> [Ver = 2, 6, 3, 0 | Size = 34304 bytes | Modified Date = 4/18/2006 6:04:14 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 434279 bytes | Modified Date = 10/12/2006 3:25:44 AM | Attr = ]
< Internet Explorer Bars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} [HKLM] -> C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [Easy-WebPrint] -> [Ver = 2, 6, 3, 0 | Size = 552960 bytes | Modified Date = 4/18/2006 6:05:46 PM | Attr = ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar] -> File not found
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
{B863453A-26C3-4e1f-A54D-A2CD196348E9} -> 8194 - ICQ Lite ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8195 - Windows Messenger ->
NextId -> 8196 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 69746 bytes | Modified Date = 10/12/2006 3:25:44 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.90.3 | Size = 434279 bytes | Modified Date = 10/12/2006 3:25:44 AM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Research] -> File not found
{B863453A-26C3-4e1f-A54D-A2CD196348E9} -> C:\Program Files\ICQLite\ICQLite.exe [ButtonText: ICQ Lite] -> ICQ Ltd. [Ver = 20, 52, 2573, 0 | Size = 3144800 bytes | Modified Date = 7/11/2006 5:06:40 AM | Attr = ]
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKLM] -> Reg Data - Key not found [MenuText: Reg Data - Value does not exist] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
Download All Links with IDM -> C:\Program Files\Internet Download Manager\IEGetAll.htm -> [Ver = | Size = 283 bytes | Modified Date = 10/20/2003 5:13:14 AM | Attr = ]
Download with IDM -> C:\Program Files\Internet Download Manager\IEExt.htm -> [Ver = | Size = 277 bytes | Modified Date = 12/2/2004 11:31:10 AM | Attr = ]
E&xport to Microsoft Excel -> -> File not found
Easy-WebPrint Add To Print List -> res:\C:\Program Files\Canon\Easy-WebPrint\Toolband.dll\RC_AddToList.htm -> File not found
Easy-WebPrint High Speed Print -> res:\C:\Program Files\Canon\Easy-WebPrint\Toolband.dll\RC_HSPrint.htm -> File not found
Easy-WebPrint Preview -> res:\C:\Program Files\Canon\Easy-WebPrint\Toolband.dll\RC_Preview.htm -> File not found
Easy-WebPrint Print -> res:\C:\Program Files\Canon\Easy-WebPrint\Toolband.dll\RC_Print.htm -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Taskbar and Start Menu] -> File not found
{1CDB2949-8F65-4355-8456-263E7C208A5D} [HKLM] -> C:\WINDOWS\system32\nvshell.dll [Desktop Explorer] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} [HKLM] -> C:\WINDOWS\system32\nvshell.dll [Desktop Explorer Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> C:\WINDOWS\system32\nvshell.dll [nView Desktop Context Menu] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{2AA59FC0-31E8-42DA-9D3C-E9A52953853B} [HKLM] -> Reg Data - Key not found [CopyToCD shell extension] -> File not found
{32020A01-506E-484D-A2A8-BE3CF17601C3} [HKLM] -> Reg Data - Key not found [AlcoholShellEx] -> File not found
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3} [HKLM] -> C:\Program Files\Logitech\Video\Namespc2.dll [My Logitech Pictures] -> Logitech Inc. [Ver = 8.4.6.1012 | Size = 135168 bytes | Modified Date = 1/18/2005 4:48:34 PM | Attr = ]
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> Reg Data - Key not found [Display Panning CPL Extension] -> File not found
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> C:\Program Files\Yahoo!\Common\ymmapi20041123.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 11, 23, 1 | Size = 180848 bytes | Modified Date = 11/23/2004 8:59:58 AM | Attr = ]
{73B24247-042E-4EF5-ADC2-42F62E6FD654} [HKLM] -> C:\Program Files\ICQLite\ICQLiteShell.dll [ICQ Lite Shell Extension] -> [Ver = 20, 52, 2573, 0 | Size = 57451 bytes | Modified Date = 5/7/2006 11:28:48 AM | Attr = ]
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Shell extensions for file compression] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [User Accounts] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Encryption Context Menu] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> C:\WINDOWS\system32\hticons.dll [HyperTerminal Icon Ext] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
{950FF917-7A57-46BC-8017-59D9BF474000} [HKLM] -> C:\Program Files\Ahead\InCD\incdshx.dll [Shell Extension for CDRW] -> Nero AG [Ver = 4, 3, 23, 2 | Size = 103424 bytes | Modified Date = 3/23/2006 3:53:02 PM | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> C:\WINDOWS\system32\nvcpl.dll [NvCpl DesktopContext Class] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR shell extension] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 3:05:32 PM | Attr = ]
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> Apple Computer, Inc. [Ver = 6.0.2.23 | Size = 102400 bytes | Modified Date = 12/20/2005 8:06:06 PM | Attr = ]
{BDA77241-42F6-11d0-85E2-00AA001FE28C} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll [LDVP Shell Extensions] -> Symantec Corporation [Ver = 10.1.0.394 | Size = 46832 bytes | Modified Date = 3/17/2006 5:34:58 AM | Attr = ]
{FFB699E0-306A-11d3-8BD1-00104B6F7516} [HKLM] -> C:\WINDOWS\system32\nvcpl.dll [Play on my TV helper] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{73B24247-042E-4EF5-ADC2-42F62E6FD654} [HKLM] -> C:\Program Files\ICQLite\ICQLiteShell.dll [ICQLiteMenu] -> [Ver = 20, 52, 2573, 0 | Size = 57451 bytes | Modified Date = 5/7/2006 11:28:48 AM | Attr = ]
{BDA77241-42F6-11d0-85E2-00AA001FE28C} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll [LDVPMenu] -> Symantec Corporation [Ver = 10.1.0.394 | Size = 46832 bytes | Modified Date = 3/17/2006 5:34:58 AM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 3:05:32 PM | Attr = ]
{5464D816-CF16-4784-B9F3-75C0DB52B499} [HKLM] -> C:\Program Files\Yahoo!\Common\ymmapi20041123.dll [Yahoo! Mail] -> Yahoo! Inc. [Ver = 2004, 11, 23, 1 | Size = 180848 bytes | Modified Date = 11/23/2004 8:59:58 AM | Attr = ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{73B24247-042E-4EF5-ADC2-42F62E6FD654} [HKLM] -> C:\Program Files\ICQLite\ICQLiteShell.dll [ICQLiteMenu] -> [Ver = 20, 52, 2573, 0 | Size = 57451 bytes | Modified Date = 5/7/2006 11:28:48 AM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 3:05:32 PM | Attr = ]
< ContextMenuHandlers - Directory\Background [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [HKLM] -> C:\WINDOWS\system32\nvshell.dll [00nView] -> [Ver = | Size = 466944 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
{950FF917-7A57-46BC-8017-59D9BF474000} [HKLM] -> C:\Program Files\Ahead\InCD\incdshx.dll [InCDMenu] -> Nero AG [Ver = 4, 3, 23, 2 | Size = 103424 bytes | Modified Date = 3/23/2006 3:53:02 PM | Attr = ]
{A70C977A-BF00-412C-90B7-034C51DA2439} [HKLM] -> C:\WINDOWS\system32\nvcpl.dll [NvCplDesktopContext] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 10/22/2006 12:22:00 PM | Attr = ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{BDA77241-42F6-11d0-85E2-00AA001FE28C} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll [LDVPMenu] -> Symantec Corporation [Ver = 10.1.0.394 | Size = 46832 bytes | Modified Date = 3/17/2006 5:34:58 AM | Attr = ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR] -> [Ver = | Size = 125440 bytes | Modified Date = 10/7/2005 3:05:32 PM | Attr = ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 12/14/2004 1:20:02 AM | Attr = ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{688A52FF-AB06-4A6E-B362-6167D37E3EAD} -> () ->
{BA9AAF23-D80F-4838-8369-DC2CED5D9D9C} -> () ->
{C5037EB1-DDF4-4DAD-9616-C5C9641D76C4} -> (Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller) ->
{CC91E4A8-F1E0-42B0-89AB-B37DAACE7F9B} -> (1394 Net Adapter) ->
{F927CED7-4FAC-48CE-A34D-35578ADD62C2} -> (VIA Compatable Fast Ethernet Adapter) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found

#6 tystik

tystik
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 26 December 2006 - 06:33 PM

Part 5:

[Files - Created Wihin 30 days]
VundoFix.txt -> C:\VundoFix.txt -> [Ver = | Size = 195 bytes | Created Date = 12/26/2006 2:20:21 PM | Attr = ]
xscan32.dat -> C:\Program Files\Common Files\ScanSoft Shared\xscan32.dat -> [Ver = | Size = 496 bytes | Created Date = 12/1/2006 4:29:41 PM | Attr = ]
EPERSIST.DAT -> C:\Program Files\Common Files\Symantec Shared\eengine\EPERSIST.DAT -> [Ver = | Size = 48 bytes | Created Date = 12/16/2006 7:42:06 AM | Attr = ]
EraserUtilRebootDrv.sys -> C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 102712 bytes | Created Date = 12/18/2006 3:04:58 PM | Attr = ]
1140.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1140.sud -> [Ver = | Size = 275 bytes | Created Date = 11/27/2006 5:17:13 PM | Attr = ]
1141.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1141.sud -> [Ver = | Size = 363 bytes | Created Date = 11/27/2006 5:17:13 PM | Attr = ]
1152.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1152.sud -> [Ver = | Size = 302 bytes | Created Date = 12/1/2006 5:44:30 PM | Attr = ]
1166.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1166.sud -> [Ver = | Size = 203 bytes | Created Date = 12/8/2006 6:37:30 PM | Attr = ]
1167.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1167.sud -> [Ver = | Size = 302 bytes | Created Date = 12/8/2006 6:37:30 PM | Attr = ]
1190.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1190.sud -> [Ver = | Size = 205 bytes | Created Date = 12/20/2006 11:33:23 PM | Attr = ]
1191.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1191.sud -> [Ver = | Size = 304 bytes | Created Date = 12/20/2006 11:33:23 PM | Attr = ]
1192.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1192.sud -> [Ver = | Size = 735 bytes | Created Date = 12/20/2006 11:33:23 PM | Attr = ]
1193.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1193.sud -> [Ver = | Size = 789 bytes | Created Date = 12/20/2006 11:33:23 PM | Attr = ]
1194.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1194.sud -> [Ver = | Size = 811 bytes | Created Date = 12/20/2006 11:33:23 PM | Attr = ]
1195.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1195.sud -> [Ver = | Size = 797 bytes | Created Date = 12/20/2006 11:33:23 PM | Attr = ]
1196.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1196.sud -> [Ver = | Size = 797 bytes | Created Date = 12/20/2006 11:33:23 PM | Attr = ]
1197.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1197.sud -> [Ver = | Size = 303 bytes | Created Date = 12/21/2006 1:37:59 PM | Attr = ]
1198.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1198.sud -> [Ver = | Size = 303 bytes | Created Date = 12/22/2006 7:24:38 PM | Attr = ]
1199.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1199.sud -> [Ver = | Size = 204 bytes | Created Date = 12/25/2006 5:33:39 PM | Attr = ]
1200.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1200.sud -> [Ver = | Size = 303 bytes | Created Date = 12/25/2006 5:33:39 PM | Attr = ]
1201.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1201.sud -> [Ver = | Size = 1410 bytes | Created Date = 12/25/2006 5:33:39 PM | Attr = ]
1202.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1202.sud -> [Ver = | Size = 1320 bytes | Created Date = 12/25/2006 5:33:39 PM | Attr = ]
1203.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1203.sud -> [Ver = | Size = 303 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1204.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1204.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1205.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1205.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1206.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1206.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1207.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1207.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1208.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1208.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1209.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1209.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1210.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1210.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1211.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1211.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:30 AM | Attr = ]
1212.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1212.sud -> [Ver = | Size = 210 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1213.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1213.sud -> [Ver = | Size = 271 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1214.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1214.sud -> [Ver = | Size = 244 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1215.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1215.sud -> [Ver = | Size = 246 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1216.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1216.sud -> [Ver = | Size = 271 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1217.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1217.sud -> [Ver = | Size = 251 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1218.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1218.sud -> [Ver = | Size = 255 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1219.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1219.sud -> [Ver = | Size = 263 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1220.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1220.sud -> [Ver = | Size = 244 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1221.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1221.sud -> [Ver = | Size = 245 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1222.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1222.sud -> [Ver = | Size = 252 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1223.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1223.sud -> [Ver = | Size = 251 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1224.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1224.sud -> [Ver = | Size = 255 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1225.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1225.sud -> [Ver = | Size = 263 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1226.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1226.sud -> [Ver = | Size = 252 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1227.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1227.sud -> [Ver = | Size = 245 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1228.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1228.sud -> [Ver = | Size = 246 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1229.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1229.sud -> [Ver = | Size = 258 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1230.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1230.sud -> [Ver = | Size = 258 bytes | Created Date = 12/26/2006 6:05:31 AM | Attr = ]
1231.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1231.sud -> [Ver = | Size = 303 bytes | Created Date = 12/26/2006 6:28:44 AM | Attr = ]
1232.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1232.sud -> [Ver = | Size = 304 bytes | Created Date = 12/26/2006 10:28:11 AM | Attr = ]
1233.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1233.sud -> [Ver = | Size = 204 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1234.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1234.sud -> [Ver = | Size = 303 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1235.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1235.sud -> [Ver = | Size = 843 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1236.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1236.sud -> [Ver = | Size = 843 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1237.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1237.sud -> [Ver = | Size = 855 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1238.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1238.sud -> [Ver = | Size = 2133 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1239.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1239.sud -> [Ver = | Size = 611 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1240.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1240.sud -> [Ver = | Size = 843 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1241.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1241.sud -> [Ver = | Size = 836 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1242.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1242.sud -> [Ver = | Size = 739 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1243.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1243.sud -> [Ver = | Size = 660 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1244.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1244.sud -> [Ver = | Size = 623 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1245.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1245.sud -> [Ver = | Size = 539 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1246.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1246.sud -> [Ver = | Size = 618 bytes | Created Date = 12/26/2006 2:21:29 PM | Attr = ]
1247.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1247.sud -> [Ver = | Size = 2092 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1248.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1248.sud -> [Ver = | Size = 872 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1249.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1249.sud -> [Ver = | Size = 872 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1250.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1250.sud -> [Ver = | Size = 914 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1251.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1251.sud -> [Ver = | Size = 715 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1252.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1252.sud -> [Ver = | Size = 720 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1253.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1253.sud -> [Ver = | Size = 679 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1254.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1254.sud -> [Ver = | Size = 909 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1255.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1255.sud -> [Ver = | Size = 909 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1256.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1256.sud -> [Ver = | Size = 894 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1257.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1257.sud -> [Ver = | Size = 836 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1258.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1258.sud -> [Ver = | Size = 648 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1259.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1259.sud -> [Ver = | Size = 643 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1260.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1260.sud -> [Ver = | Size = 843 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1261.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1261.sud -> [Ver = | Size = 843 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1262.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1262.sud -> [Ver = | Size = 775 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1263.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1263.sud -> [Ver = | Size = 709 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1264.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1264.sud -> [Ver = | Size = 1112 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1265.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1265.sud -> [Ver = | Size = 1033 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1266.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1266.sud -> [Ver = | Size = 1208 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1267.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1267.sud -> [Ver = | Size = 751 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1268.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1268.sud -> [Ver = | Size = 792 bytes | Created Date = 12/26/2006 2:21:30 PM | Attr = ]
1269.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1269.sud -> [Ver = | Size = 582 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1270.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1270.sud -> [Ver = | Size = 582 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1271.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1271.sud -> [Ver = | Size = 781 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1272.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1272.sud -> [Ver = | Size = 690 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1273.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1273.sud -> [Ver = | Size = 884 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1274.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1274.sud -> [Ver = | Size = 660 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1275.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1275.sud -> [Ver = | Size = 522 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1276.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1276.sud -> [Ver = | Size = 843 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
1277.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1277.sud -> [Ver = | Size = 843 bytes | Created Date = 12/26/2006 2:21:31 PM | Attr = ]
CATALOG.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\CATALOG.DAT -> [Ver = | Size = 3406 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
CCERASER.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\CCERASER.DLL -> Symantec Corporation [Ver = 106.3.3.2 | Size = 2406200 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
ECBOOTIL.VXD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ECBOOTIL.VXD -> [Ver = | Size = 6899 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
ECMSVR32.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 | Size = 272040 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
eeCtrl.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\eeCtrl.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 387384 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
ERASER.grd -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ERASER.grd -> [Ver = | Size = 232 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
ERASER.sig -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ERASER.sig -> [Ver = | Size = 2261 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
ERASER.spm -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ERASER.spm -> [Ver = | Size = 2320 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
eraser.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\eraser.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 102712 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
ESRDEF.BIN -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ESRDEF.BIN -> [Ver = | Size = 3137912 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVENG.EXP -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVENG.EXP -> [Ver = | Size = 13040 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVENG.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVENG.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 80408 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVENG.VXD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVENG.VXD -> [Ver = | Size = 89674 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVENG32.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVENG32.DLL -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 124584 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVEX15.EXP -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVEX15.EXP -> [Ver = | Size = 13232 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVEX15.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVEX15.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 833048 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVEX15.VXD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVEX15.VXD -> [Ver = | Size = 994379 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NAVEX32A.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVEX32A.DLL -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 882344 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
NCSACERT.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NCSACERT.TXT -> [Ver = | Size = 6536 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
SCRAUTH.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SCRAUTH.DAT -> [Ver = | Size = 97712 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
SYMAVENG.CAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SYMAVENG.CAT -> [Ver = | Size = 9237 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
SYMAVENG.INF -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SYMAVENG.INF -> [Ver = | Size = 1061 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
SymErase.cat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SymErase.cat -> [Ver = | Size = 8399 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
SymErase.inf -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SymErase.inf -> [Ver = | Size = 580 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TCDEFS.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCDEFS.DAT -> [Ver = | Size = 187573 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TCSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCSCAN7.DAT -> [Ver = | Size = 1177895 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TCSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCSCAN8.DAT -> [Ver = | Size = 323689 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TCSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCSCAN9.DAT -> [Ver = | Size = 729084 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TECHNOTE.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TECHNOTE.TXT -> [Ver = | Size = 875 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TINF.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TINF.DAT -> [Ver = | Size = 453 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TINFIDX.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TINFIDX.DAT -> [Ver = | Size = 148 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TINFL.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TINFL.DAT -> [Ver = | Size = 1957 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TSCAN1.DAT -> [Ver = | Size = 64232 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
TSCAN1HD.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TSCAN1HD.DAT -> [Ver = | Size = 3072 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
V.GRD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\V.GRD -> [Ver = | Size = 5053 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
V.SIG -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\V.SIG -> [Ver = | Size = 2269 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN.INF -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN.INF -> [Ver = | Size = 106244 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN1.DAT -> [Ver = | Size = 974385 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN2.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN2.DAT -> [Ver = | Size = 569976 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN3.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN3.DAT -> [Ver = | Size = 147296 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN4.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN4.DAT -> [Ver = | Size = 320186 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN5.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN5.DAT -> [Ver = | Size = 3112843 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN6.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN6.DAT -> [Ver = | Size = 390030 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN7.DAT -> [Ver = | Size = 5486578 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN8.DAT -> [Ver = | Size = 1652449 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN9.DAT -> [Ver = | Size = 3953138 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
VIRSCANT.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCANT.DAT -> [Ver = | Size = 32 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
vscanmsx.dat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\vscanmsx.dat -> [Ver = | Size = 2072 bytes | Created Date = 12/26/2006 2:05:41 AM | Attr = ]
WHATSNEW.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\WHATSNEW.TXT -> [Ver = | Size = 28436 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
ZDONE.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ZDONE.DAT -> [Ver = | Size = 224 bytes | Created Date = 12/25/2006 4:30:55 AM | Attr = ]
CATALOG.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\CATALOG.DAT -> [Ver = | Size = 3406 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
CCERASER.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\CCERASER.DLL -> Symantec Corporation [Ver = 106.3.3.2 | Size = 2406200 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
ECBOOTIL.VXD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ECBOOTIL.VXD -> [Ver = | Size = 6899 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
ECMSVR32.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ECMSVR32.DLL -> Symantec Corporation [Ver = 61.3.0.18 | Size = 272040 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
eeCtrl.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\eeCtrl.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 387384 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
ERASER.grd -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ERASER.grd -> [Ver = | Size = 232 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
ERASER.sig -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ERASER.sig -> [Ver = | Size = 2261 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
ERASER.spm -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ERASER.spm -> [Ver = | Size = 2320 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
eraser.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\eraser.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 102712 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
ESRDEF.BIN -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ESRDEF.BIN -> [Ver = | Size = 3137912 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVENG.EXP -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVENG.EXP -> [Ver = | Size = 13040 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVENG.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVENG.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 80408 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVENG.VXD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVENG.VXD -> [Ver = | Size = 89674 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVENG32.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVENG32.DLL -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 124584 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVEX15.EXP -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVEX15.EXP -> [Ver = | Size = 13232 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVEX15.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVEX15.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 833048 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVEX15.VXD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVEX15.VXD -> [Ver = | Size = 994379 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NAVEX32A.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVEX32A.DLL -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 882344 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
NCSACERT.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NCSACERT.TXT -> [Ver = | Size = 6536 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
SCRAUTH.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SCRAUTH.DAT -> [Ver = | Size = 97712 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
SYMAVENG.CAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SYMAVENG.CAT -> [Ver = | Size = 9237 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
SYMAVENG.INF -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SYMAVENG.INF -> [Ver = | Size = 1061 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
SymErase.cat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SymErase.cat -> [Ver = | Size = 8399 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
SymErase.inf -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SymErase.inf -> [Ver = | Size = 580 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TCDEFS.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCDEFS.DAT -> [Ver = | Size = 187573 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TCSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCSCAN7.DAT -> [Ver = | Size = 1177895 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TCSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCSCAN8.DAT -> [Ver = | Size = 323689 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TCSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCSCAN9.DAT -> [Ver = | Size = 729084 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TECHNOTE.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TECHNOTE.TXT -> [Ver = | Size = 875 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TINF.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TINF.DAT -> [Ver = | Size = 453 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TINFIDX.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TINFIDX.DAT -> [Ver = | Size = 148 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TINFL.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TINFL.DAT -> [Ver = | Size = 1957 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TSCAN1.DAT -> [Ver = | Size = 64232 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
TSCAN1HD.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TSCAN1HD.DAT -> [Ver = | Size = 3072 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
V.GRD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\V.GRD -> [Ver = | Size = 5053 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
V.SIG -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\V.SIG -> [Ver = | Size = 2269 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN.INF -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN.INF -> [Ver = | Size = 106244 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN1.DAT -> [Ver = | Size = 974385 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN2.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN2.DAT -> [Ver = | Size = 569976 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN3.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN3.DAT -> [Ver = | Size = 147296 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN4.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN4.DAT -> [Ver = | Size = 320186 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN5.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN5.DAT -> [Ver = | Size = 3114788 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN6.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN6.DAT -> [Ver = | Size = 390030 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN7.DAT -> [Ver = | Size = 5487058 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN8.DAT -> [Ver = | Size = 1652668 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN9.DAT -> [Ver = | Size = 3955328 bytes | Created Date = 12/26/2006 4:30:27 AM | Attr = ]
VIRSCANT.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCANT.DAT -> [Ver = | Size = 32 bytes | Created Date = 12/26/2006 4:30:28 AM | Attr = ]
WHATSNEW.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\WHATSNEW.TXT -> [Ver = | Size = 28436 bytes | Created Date = 12/26/2006 4:30:28 AM | Attr = ]
ZDONE.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ZDONE.DAT -> [Ver = | Size = 224 bytes | Created Date = 12/26/2006 4:30:28 AM | Attr = ]
basecsp.log -> C:\WINDOWS\basecsp.log -> [Ver = | Size = 3419 bytes | Created Date = 12/16/2006 5:35:33 AM | Attr = ]
KB920342.log -> C:\WINDOWS\KB920342.log -> [Ver = | Size = 28967 bytes | Created Date = 12/3/2006 3:19:36 PM | Attr = ]
KB923694.log -> C:\WINDOWS\KB923694.log -> [Ver = | Size = 11853 bytes | Created Date = 12/13/2006 1:39:26 AM | Attr = ]
KB925398.log -> C:\WINDOWS\KB925398.log -> [Ver = | Size = 12514 bytes | Created Date = 12/13/2006 3:04:35 AM | Attr = ]
KB926239.log -> C:\WINDOWS\KB926239.log -> [Ver = | Size = 8623 bytes | Created Date = 12/3/2006 3:28:45 PM | Attr = ]
KB926255.log -> C:\WINDOWS\KB926255.log -> [Ver = | Size = 11986 bytes | Created Date = 12/13/2006 1:39:34 AM | Attr = ]
KB928388.log -> C:\WINDOWS\KB928388.log -> [Ver = | Size = 15654 bytes | Created Date = 12/16/2006 5:35:49 AM | Attr = ]
MSCompPackV1.log -> C:\WINDOWS\MSCompPackV1.log -> [Ver = | Size = 6605 bytes | Created Date = 12/3/2006 3:28:36 PM | Attr = ]
WMFDist11.log -> C:\WINDOWS\WMFDist11.log -> [Ver = | Size = 30218 bytes | Created Date = 12/3/2006 3:23:45 PM | Attr = ]
wmp11.log -> C:\WINDOWS\wmp11.log -> [Ver = | Size = 23388 bytes | Created Date = 12/3/2006 3:25:54 PM | Attr = ]
Wudf01000Inst.log -> C:\WINDOWS\Wudf01000Inst.log -> [Ver = | Size = 17420 bytes | Created Date = 12/3/2006 3:22:19 PM | Attr = ]
Eaexec.exe -> C:\WINDOWS\System32\Eaexec.exe -> Electronic Arts [Ver = 1.2 | Size = 132096 bytes | Created Date = 12/11/2006 4:56:30 PM | Attr = ]
ealtest.exe -> C:\WINDOWS\System32\ealtest.exe -> [Ver = | Size = 24576 bytes | Created Date = 12/11/2006 4:56:31 PM | Attr = ]
TZLog.log -> C:\WINDOWS\System32\TZLog.log -> [Ver = | Size = 106188 bytes | Created Date = 12/16/2006 5:36:09 AM | Attr = ]
apphelp.sdb -> C:\WINDOWS\System32\dllcache\apphelp.sdb -> [Ver = | Size = 217118 bytes | Created Date = 12/3/2006 3:28:42 PM | Attr = ]
apph_sp.sdb -> C:\WINDOWS\System32\dllcache\apph_sp.sdb -> [Ver = | Size = 764868 bytes | Created Date = 12/3/2006 3:28:42 PM | Attr = ]
sysmain.sdb -> C:\WINDOWS\System32\dllcache\sysmain.sdb -> [Ver = | Size = 1197294 bytes | Created Date = 12/3/2006 3:28:42 PM | Attr = ]

#7 tystik

tystik
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 26 December 2006 - 06:35 PM

Part 6:

[Files - Modified Wihin 30 days]
VundoFix.txt -> C:\VundoFix.txt -> [Ver = | Size = 195 bytes | Modified Date = 12/26/2006 2:20:58 PM | Attr = ]
xscan32.dat -> C:\Program Files\Common Files\ScanSoft Shared\xscan32.dat -> [Ver = | Size = 496 bytes | Modified Date = 12/1/2006 4:29:28 PM | Attr = ]
Validate.dat -> C:\Program Files\Common Files\Symantec Shared\Validate.dat -> [Ver = | Size = 620 bytes | Modified Date = 12/26/2006 3:29:28 PM | Attr = ]
eectrl.sys -> C:\Program Files\Common Files\Symantec Shared\eengine\eectrl.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 387384 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
EPERSIST.DAT -> C:\Program Files\Common Files\Symantec Shared\eengine\EPERSIST.DAT -> [Ver = | Size = 48 bytes | Modified Date = 12/26/2006 3:29:02 PM | Attr = ]
EraserUtilRebootDrv.sys -> C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 102712 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
eraser.grd -> C:\Program Files\Common Files\Symantec Shared\SPManifests\eraser.grd -> [Ver = | Size = 232 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
eraser.sig -> C:\Program Files\Common Files\Symantec Shared\SPManifests\eraser.sig -> [Ver = | Size = 2261 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
eraser.spm -> C:\Program Files\Common Files\Symantec Shared\SPManifests\eraser.spm -> [Ver = | Size = 2320 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
1140.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1140.sud -> [Ver = | Size = 275 bytes | Modified Date = 11/27/2006 5:17:14 PM | Attr = ]
1141.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1141.sud -> [Ver = | Size = 363 bytes | Modified Date = 11/27/2006 5:17:14 PM | Attr = ]
1152.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1152.sud -> [Ver = | Size = 302 bytes | Modified Date = 12/1/2006 5:44:32 PM | Attr = ]
1166.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1166.sud -> [Ver = | Size = 203 bytes | Modified Date = 12/8/2006 6:37:30 PM | Attr = ]
1167.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1167.sud -> [Ver = | Size = 302 bytes | Modified Date = 12/8/2006 6:37:32 PM | Attr = ]
1190.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1190.sud -> [Ver = | Size = 205 bytes | Modified Date = 12/20/2006 11:33:24 PM | Attr = ]
1191.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1191.sud -> [Ver = | Size = 304 bytes | Modified Date = 12/20/2006 11:33:24 PM | Attr = ]
1192.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1192.sud -> [Ver = | Size = 735 bytes | Modified Date = 12/20/2006 11:33:24 PM | Attr = ]
1193.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1193.sud -> [Ver = | Size = 789 bytes | Modified Date = 12/20/2006 11:33:24 PM | Attr = ]
1194.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1194.sud -> [Ver = | Size = 811 bytes | Modified Date = 12/20/2006 11:33:24 PM | Attr = ]
1195.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1195.sud -> [Ver = | Size = 797 bytes | Modified Date = 12/20/2006 11:33:24 PM | Attr = ]
1196.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1196.sud -> [Ver = | Size = 797 bytes | Modified Date = 12/20/2006 11:33:24 PM | Attr = ]
1197.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1197.sud -> [Ver = | Size = 303 bytes | Modified Date = 12/21/2006 1:38:00 PM | Attr = ]
1198.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1198.sud -> [Ver = | Size = 303 bytes | Modified Date = 12/22/2006 7:24:38 PM | Attr = ]
1199.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1199.sud -> [Ver = | Size = 204 bytes | Modified Date = 12/25/2006 5:33:40 PM | Attr = ]
1200.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1200.sud -> [Ver = | Size = 303 bytes | Modified Date = 12/25/2006 5:33:40 PM | Attr = ]
1201.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1201.sud -> [Ver = | Size = 1410 bytes | Modified Date = 12/25/2006 5:33:40 PM | Attr = ]
1202.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1202.sud -> [Ver = | Size = 1320 bytes | Modified Date = 12/25/2006 5:33:40 PM | Attr = ]
1203.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1203.sud -> [Ver = | Size = 303 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1204.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1204.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1205.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1205.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1206.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1206.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1207.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1207.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1208.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1208.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1209.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1209.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1210.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1210.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1211.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1211.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1212.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1212.sud -> [Ver = | Size = 210 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1213.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1213.sud -> [Ver = | Size = 271 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1214.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1214.sud -> [Ver = | Size = 244 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1215.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1215.sud -> [Ver = | Size = 246 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1216.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1216.sud -> [Ver = | Size = 271 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1217.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1217.sud -> [Ver = | Size = 251 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1218.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1218.sud -> [Ver = | Size = 255 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1219.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1219.sud -> [Ver = | Size = 263 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1220.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1220.sud -> [Ver = | Size = 244 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1221.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1221.sud -> [Ver = | Size = 245 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1222.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1222.sud -> [Ver = | Size = 252 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1223.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1223.sud -> [Ver = | Size = 251 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1224.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1224.sud -> [Ver = | Size = 255 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1225.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1225.sud -> [Ver = | Size = 263 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1226.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1226.sud -> [Ver = | Size = 252 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1227.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1227.sud -> [Ver = | Size = 245 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1228.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1228.sud -> [Ver = | Size = 246 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1229.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1229.sud -> [Ver = | Size = 258 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1230.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1230.sud -> [Ver = | Size = 258 bytes | Modified Date = 12/26/2006 6:05:32 AM | Attr = ]
1231.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1231.sud -> [Ver = | Size = 303 bytes | Modified Date = 12/26/2006 6:28:46 AM | Attr = ]
1232.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1232.sud -> [Ver = | Size = 304 bytes | Modified Date = 12/26/2006 10:28:12 AM | Attr = ]
1233.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1233.sud -> [Ver = | Size = 204 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1234.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1234.sud -> [Ver = | Size = 303 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1235.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1235.sud -> [Ver = | Size = 843 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1236.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1236.sud -> [Ver = | Size = 843 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1237.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1237.sud -> [Ver = | Size = 855 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1238.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1238.sud -> [Ver = | Size = 2133 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1239.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1239.sud -> [Ver = | Size = 611 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1240.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1240.sud -> [Ver = | Size = 843 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1241.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1241.sud -> [Ver = | Size = 836 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1242.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1242.sud -> [Ver = | Size = 739 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1243.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1243.sud -> [Ver = | Size = 660 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1244.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1244.sud -> [Ver = | Size = 623 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1245.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1245.sud -> [Ver = | Size = 539 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1246.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1246.sud -> [Ver = | Size = 618 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1247.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1247.sud -> [Ver = | Size = 2092 bytes | Modified Date = 12/26/2006 2:21:30 PM | Attr = ]
1248.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1248.sud -> [Ver = | Size = 872 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1249.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1249.sud -> [Ver = | Size = 872 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1250.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1250.sud -> [Ver = | Size = 914 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1251.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1251.sud -> [Ver = | Size = 715 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1252.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1252.sud -> [Ver = | Size = 720 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1253.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1253.sud -> [Ver = | Size = 679 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1254.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1254.sud -> [Ver = | Size = 909 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1255.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1255.sud -> [Ver = | Size = 909 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1256.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1256.sud -> [Ver = | Size = 894 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1257.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1257.sud -> [Ver = | Size = 836 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1258.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1258.sud -> [Ver = | Size = 648 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1259.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1259.sud -> [Ver = | Size = 643 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1260.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1260.sud -> [Ver = | Size = 843 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1261.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1261.sud -> [Ver = | Size = 843 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1262.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1262.sud -> [Ver = | Size = 775 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1263.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1263.sud -> [Ver = | Size = 709 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1264.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1264.sud -> [Ver = | Size = 1112 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1265.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1265.sud -> [Ver = | Size = 1033 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1266.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1266.sud -> [Ver = | Size = 1208 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1267.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1267.sud -> [Ver = | Size = 751 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1268.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1268.sud -> [Ver = | Size = 792 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1269.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1269.sud -> [Ver = | Size = 582 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1270.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1270.sud -> [Ver = | Size = 582 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1271.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1271.sud -> [Ver = | Size = 781 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1272.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1272.sud -> [Ver = | Size = 690 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1273.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1273.sud -> [Ver = | Size = 884 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1274.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1274.sud -> [Ver = | Size = 660 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1275.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1275.sud -> [Ver = | Size = 522 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1276.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1276.sud -> [Ver = | Size = 843 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
1277.sud -> C:\Program Files\Common Files\Symantec Shared\UndoData\1277.sud -> [Ver = | Size = 843 bytes | Modified Date = 12/26/2006 2:21:32 PM | Attr = ]
definfo.dat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\definfo.dat -> [Ver = | Size = 57 bytes | Modified Date = 12/26/2006 4:30:32 AM | Attr = ]
usage.dat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\usage.dat -> [Ver = | Size = 61 bytes | Modified Date = 12/26/2006 4:30:40 AM | Attr = ]
BBConfig.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log -> [Ver = | Size = 28057 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBDebug.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBDetect.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBNotify.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBRefr.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSetCfg.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log -> [Ver = | Size = 489 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSetCfg2.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log -> [Ver = | Size = 425 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSetDev.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSetLoc.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log -> [Ver = | Size = 2108 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSetUsr.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSMNot.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSMReg.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBSMRSt.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBStHash.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
BBStMSI.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log -> [Ver = | Size = 65481 bytes | Modified Date = 12/26/2006 3:30:24 PM | Attr = ]
BBValid.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
SPPolicy.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
SPStart.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
SPStop.log -> C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log -> [Ver = | Size = 64 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
CCERASER.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\CCERASER.DLL -> Symantec Corporation [Ver = 106.3.3.2 | Size = 2406200 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
eeCtrl.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\eeCtrl.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 387384 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ERASER.grd -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ERASER.grd -> [Ver = | Size = 232 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ERASER.sig -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ERASER.sig -> [Ver = | Size = 2261 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ERASER.spm -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ERASER.spm -> [Ver = | Size = 2320 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
eraser.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\eraser.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 102712 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ESRDEF.BIN -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\ESRDEF.BIN -> [Ver = | Size = 3137912 bytes | Modified Date = 12/23/2006 4:00:00 AM | Attr = ]
NAVENG.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVENG.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 80408 bytes | Modified Date = 12/16/2006 4:00:00 AM | Attr = ]
NAVEX15.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\NAVEX15.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 833048 bytes | Modified Date = 12/16/2006 4:00:00 AM | Attr = ]
SCRAUTH.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SCRAUTH.DAT -> [Ver = | Size = 97712 bytes | Modified Date = 12/21/2006 4:00:00 AM | Attr = ]
SymErase.cat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SymErase.cat -> [Ver = | Size = 8399 bytes | Modified Date = 12/1/2006 4:00:00 AM | Attr = ]
SymErase.inf -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\SymErase.inf -> [Ver = | Size = 580 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
TCDEFS.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCDEFS.DAT -> [Ver = | Size = 187573 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
TCSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCSCAN7.DAT -> [Ver = | Size = 1177895 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
TCSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCSCAN8.DAT -> [Ver = | Size = 323689 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
TCSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCSCAN9.DAT -> [Ver = | Size = 729084 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
TINF.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TINF.DAT -> [Ver = | Size = 453 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
TINFL.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TINFL.DAT -> [Ver = | Size = 1957 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
TSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TSCAN1.DAT -> [Ver = | Size = 64232 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
TSCAN1HD.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TSCAN1HD.DAT -> [Ver = | Size = 3072 bytes | Modified Date = 12/18/2006 4:00:00 AM | Attr = ]
V.GRD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\V.GRD -> [Ver = | Size = 5053 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
V.SIG -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\V.SIG -> [Ver = | Size = 2269 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN.INF -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN.INF -> [Ver = | Size = 106244 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN1.DAT -> [Ver = | Size = 974385 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN2.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN2.DAT -> [Ver = | Size = 569976 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN3.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN3.DAT -> [Ver = | Size = 147296 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN4.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN4.DAT -> [Ver = | Size = 320186 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN5.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN5.DAT -> [Ver = | Size = 3112843 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN6.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN6.DAT -> [Ver = | Size = 390030 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN7.DAT -> [Ver = | Size = 5486578 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN8.DAT -> [Ver = | Size = 1652449 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN9.DAT -> [Ver = | Size = 3953138 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCANT.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCANT.DAT -> [Ver = | Size = 32 bytes | Modified Date = 12/24/2006 5:37:28 AM | Attr = ]
vscanmsx.dat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\vscanmsx.dat -> [Ver = | Size = 2072 bytes | Modified Date = 12/26/2006 3:18:58 AM | Attr = ]
WHATSNEW.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\WHATSNEW.TXT -> [Ver = | Size = 28436 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
CCERASER.DLL -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\CCERASER.DLL -> Symantec Corporation [Ver = 106.3.3.2 | Size = 2406200 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
eeCtrl.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\eeCtrl.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 387384 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ERASER.grd -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ERASER.grd -> [Ver = | Size = 232 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ERASER.sig -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ERASER.sig -> [Ver = | Size = 2261 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ERASER.spm -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ERASER.spm -> [Ver = | Size = 2320 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
eraser.sys -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\eraser.sys -> Symantec Corporation [Ver = 106.3.3.2 | Size = 102712 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
ESRDEF.BIN -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\ESRDEF.BIN -> [Ver = | Size = 3137912 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
NAVENG.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVENG.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 80408 bytes | Modified Date = 12/16/2006 4:00:00 AM | Attr = ]
NAVEX15.SYS -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\NAVEX15.SYS -> Symantec Corporation [Ver = 20061.3.0.12 | Size = 833048 bytes | Modified Date = 12/16/2006 4:00:00 AM | Attr = ]
SCRAUTH.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SCRAUTH.DAT -> [Ver = | Size = 97712 bytes | Modified Date = 12/21/2006 4:00:00 AM | Attr = ]
SymErase.cat -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SymErase.cat -> [Ver = | Size = 8399 bytes | Modified Date = 12/1/2006 4:00:00 AM | Attr = ]
SymErase.inf -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\SymErase.inf -> [Ver = | Size = 580 bytes | Modified Date = 11/30/2006 4:00:00 AM | Attr = ]
TCDEFS.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCDEFS.DAT -> [Ver = | Size = 187573 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
TCSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCSCAN7.DAT -> [Ver = | Size = 1177895 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
TCSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCSCAN8.DAT -> [Ver = | Size = 323689 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
TCSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCSCAN9.DAT -> [Ver = | Size = 729084 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
TINF.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TINF.DAT -> [Ver = | Size = 453 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
TINFL.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TINFL.DAT -> [Ver = | Size = 1957 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
TSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TSCAN1.DAT -> [Ver = | Size = 64232 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
TSCAN1HD.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TSCAN1HD.DAT -> [Ver = | Size = 3072 bytes | Modified Date = 12/18/2006 4:00:00 AM | Attr = ]
V.GRD -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\V.GRD -> [Ver = | Size = 5053 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
V.SIG -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\V.SIG -> [Ver = | Size = 2269 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN.INF -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN.INF -> [Ver = | Size = 106244 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
VIRSCAN1.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN1.DAT -> [Ver = | Size = 974385 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN2.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN2.DAT -> [Ver = | Size = 569976 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN3.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN3.DAT -> [Ver = | Size = 147296 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN4.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN4.DAT -> [Ver = | Size = 320186 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN5.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN5.DAT -> [Ver = | Size = 3114788 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN6.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN6.DAT -> [Ver = | Size = 390030 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN7.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN7.DAT -> [Ver = | Size = 5487058 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN8.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN8.DAT -> [Ver = | Size = 1652668 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCAN9.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN9.DAT -> [Ver = | Size = 3955328 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
VIRSCANT.DAT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCANT.DAT -> [Ver = | Size = 32 bytes | Modified Date = 12/25/2006 5:15:04 AM | Attr = ]
WHATSNEW.TXT -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\WHATSNEW.TXT -> [Ver = | Size = 28436 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
0.log -> C:\WINDOWS\0.log -> [Ver = | Size = 0 bytes | Modified Date = 12/26/2006 3:29:56 PM | Attr = ]
basecsp.log -> C:\WINDOWS\basecsp.log -> [Ver = | Size = 3419 bytes | Modified Date = 12/16/2006 5:35:46 AM | Attr = ]
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 12/26/2006 3:29:14 PM | Attr = S]
CoDUO.INI -> C:\WINDOWS\CoDUO.INI -> [Ver = | Size = 869 bytes | Modified Date = 12/4/2006 4:52:00 PM | Attr = ]
comsetup.log -> C:\WINDOWS\comsetup.log -> [Ver = | Size = 281955 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
FaxSetup.log -> C:\WINDOWS\FaxSetup.log -> [Ver = | Size = 826419 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
IDMan.INI -> C:\WINDOWS\IDMan.INI -> [Ver = | Size = 67 bytes | Modified Date = 12/20/2006 7:59:04 AM | Attr = ]
iis6.log -> C:\WINDOWS\iis6.log -> [Ver = | Size = 950639 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
imsins.log -> C:\WINDOWS\imsins.log -> [Ver = | Size = 1393 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
KB920342.log -> C:\WINDOWS\KB920342.log -> [Ver = | Size = 28967 bytes | Modified Date = 12/3/2006 3:49:40 PM | Attr = ]
KB923694.log -> C:\WINDOWS\KB923694.log -> [Ver = | Size = 11853 bytes | Modified Date = 12/13/2006 3:03:50 AM | Attr = ]
KB925398.log -> C:\WINDOWS\KB925398.log -> [Ver = | Size = 12514 bytes | Modified Date = 12/13/2006 3:05:56 AM | Attr = ]
KB926239.log -> C:\WINDOWS\KB926239.log -> [Ver = | Size = 8623 bytes | Modified Date = 12/3/2006 3:28:52 PM | Attr = ]
KB926255.log -> C:\WINDOWS\KB926255.log -> [Ver = | Size = 11986 bytes | Modified Date = 12/13/2006 3:03:58 AM | Attr = ]
KB928388.log -> C:\WINDOWS\KB928388.log -> [Ver = | Size = 15654 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
MedCtrOC.log -> C:\WINDOWS\MedCtrOC.log -> [Ver = | Size = 57538 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
ModemLog_Standard Modem over Bluetooth link #4.txt -> C:\WINDOWS\ModemLog_Standard Modem over Bluetooth link #4.txt -> [Ver = | Size = 6114 bytes | Modified Date = 11/27/2006 11:18:26 AM | Attr = ]
MSCompPackV1.log -> C:\WINDOWS\MSCompPackV1.log -> [Ver = | Size = 6605 bytes | Modified Date = 12/3/2006 3:28:42 PM | Attr = ]
msgsocm.log -> C:\WINDOWS\msgsocm.log -> [Ver = | Size = 41836 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
msmqinst.log -> C:\WINDOWS\msmqinst.log -> [Ver = | Size = 262292 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [Ver = | Size = 202 bytes | Modified Date = 12/23/2006 1:54:04 PM | Attr = ]
netfxocm.log -> C:\WINDOWS\netfxocm.log -> [Ver = | Size = 142181 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
ntdtcsetup.log -> C:\WINDOWS\ntdtcsetup.log -> [Ver = | Size = 170363 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
ocgen.log -> C:\WINDOWS\ocgen.log -> [Ver = | Size = 408334 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
ocmsn.log -> C:\WINDOWS\ocmsn.log -> [Ver = | Size = 43988 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
SchedLgU.Txt -> C:\WINDOWS\SchedLgU.Txt -> [Ver = | Size = 32586 bytes | Modified Date = 12/26/2006 3:27:42 PM | Attr = ]
setupapi.log -> C:\WINDOWS\setupapi.log -> [Ver = | Size = 845664 bytes | Modified Date = 12/26/2006 12:30:54 AM | Attr = ]
spupdsvc.log -> C:\WINDOWS\spupdsvc.log -> [Ver = | Size = 77286 bytes | Modified Date = 12/3/2006 3:32:08 PM | Attr = ]
tabletoc.log -> C:\WINDOWS\tabletoc.log -> [Ver = | Size = 40883 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
tsoc.log -> C:\WINDOWS\tsoc.log -> [Ver = | Size = 385114 bytes | Modified Date = 12/16/2006 5:36:16 AM | Attr = ]
updspapi.log -> C:\WINDOWS\updspapi.log -> [Ver = | Size = 71083 bytes | Modified Date = 12/13/2006 3:03:56 AM | Attr = ]
wiadebug.log -> C:\WINDOWS\wiadebug.log -> [Ver = | Size = 159 bytes | Modified Date = 12/26/2006 3:29:44 PM | Attr = ]
wiaservc.log -> C:\WINDOWS\wiaservc.log -> [Ver = | Size = 50 bytes | Modified Date = 12/26/2006 3:29:40 PM | Attr = ]
win.ini -> C:\WINDOWS\win.ini -> [Ver = | Size = 994 bytes | Modified Date = 12/3/2006 3:28:04 PM | Attr = ]
WindowsUpdate.log -> C:\WINDOWS\WindowsUpdate.log -> [Ver = | Size = 1561250 bytes | Modified Date = 12/26/2006 3:27:44 PM | Attr = ]
WMFDist11.log -> C:\WINDOWS\WMFDist11.log -> [Ver = | Size = 30218 bytes | Modified Date = 12/3/2006 3:25:44 PM | Attr = ]
wmp11.log -> C:\WINDOWS\wmp11.log -> [Ver = | Size = 23388 bytes | Modified Date = 12/3/2006 3:28:24 PM | Attr = ]
wmsetup.log -> C:\WINDOWS\wmsetup.log -> [Ver = | Size = 234959 bytes | Modified Date = 12/25/2006 11:40:36 AM | Attr = ]
wmsetup10.log -> C:\WINDOWS\wmsetup10.log -> [Ver = | Size = 4614 bytes | Modified Date = 12/3/2006 3:37:06 PM | Attr = ]
WMSysPr9.prx -> C:\WINDOWS\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 12/3/2006 3:25:28 PM | Attr = ]
Wudf01000Inst.log -> C:\WINDOWS\Wudf01000Inst.log -> [Ver = | Size = 17420 bytes | Modified Date = 12/3/2006 3:23:36 PM | Attr = ]
amcompat.tlb -> C:\WINDOWS\System32\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 12/3/2006 3:28:14 PM | Attr = ]
FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [Ver = | Size = 200936 bytes | Modified Date = 12/26/2006 5:50:42 AM | Attr = ]
nscompat.tlb -> C:\WINDOWS\System32\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 12/3/2006 3:28:14 PM | Attr = ]
nvapps.xml -> C:\WINDOWS\System32\nvapps.xml -> [Ver = | Size = 87591 bytes | Modified Date = 12/26/2006 3:29:30 PM | Attr = ]
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [Ver = | Size = 51260 bytes | Modified Date = 12/26/2006 3:33:44 PM | Attr = ]
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [Ver = | Size = 336916 bytes | Modified Date = 12/26/2006 3:33:44 PM | Attr = ]
PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [Ver = | Size = 394058 bytes | Modified Date = 12/26/2006 3:33:44 PM | Attr = ]
TZLog.log -> C:\WINDOWS\System32\TZLog.log -> [Ver = | Size = 106188 bytes | Modified Date = 12/16/2006 5:36:12 AM | Attr = ]
vsconfig.xml -> C:\WINDOWS\System32\vsconfig.xml -> [Ver = | Size = 48877 bytes | Modified Date = 12/26/2006 3:30:22 PM | Attr = H ]
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [Ver = | Size = 13646 bytes | Modified Date = 12/26/2006 3:30:34 PM | Attr = ]

Final Part 7:

[File String Scan - Non-Microsoft Only]
Thawte Consulting , -> C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\core3.zip -> [Ver = | Size = 3290841 bytes | Modified Date = 3/4/2005 3:09:40 AM | Attr = ]
USERTRUST , -> C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 10/12/2006 3:41:58 AM | Attr = ]
SAHAgent , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\TCDEFS.DAT -> [Ver = | Size = 187573 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
FSG! , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN8.DAT -> [Ver = | Size = 1652449 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
FSG! , WSUD , UPX0 , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061224.008\VIRSCAN9.DAT -> [Ver = | Size = 3953138 bytes | Modified Date = 12/24/2006 4:00:00 AM | Attr = ]
SAHAgent , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\TCDEFS.DAT -> [Ver = | Size = 187573 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
FSG! , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN8.DAT -> [Ver = | Size = 1652668 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
FSG! , WSUD , UPX0 , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\20061225.006\VIRSCAN9.DAT -> [Ver = | Size = 3955328 bytes | Modified Date = 12/25/2006 4:00:00 AM | Attr = ]
SAHAgent , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\BinHub\tcdefs.dat -> [Ver = | Size = 45951 bytes | Modified Date = 4/12/2006 3:00:00 AM | Attr = ]
FSG! , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\BinHub\virscan8.dat -> [Ver = | Size = 1521120 bytes | Modified Date = 4/12/2006 3:00:00 AM | Attr = ]
FSG! , WSUD , UPX0 , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\BinHub\virscan9.dat -> [Ver = | Size = 3162186 bytes | Modified Date = 4/12/2006 3:00:00 AM | Attr = ]
SAHAgent , -> C:\Program Files\Common Files\Symantec Shared\VirusDefs\BinHub\whatsnew.txt -> [Ver = | Size = 28435 bytes | Modified Date = 4/12/2006 3:00:00 AM | Attr = ]
PECompact2 , qoologic , SAHAgent , -> C:\WINDOWS\lpt$vpn.741 -> [Ver = | Size = 15400675 bytes | Modified Date = 7/21/2005 9:16:24 AM | Attr = ]
UPX! , UPX0 , -> C:\WINDOWS\tsc.exe -> Trend Micro Inc. [Ver = 3.9.0.1020 | Size = 170053 bytes | Modified Date = 1/10/2005 3:17:24 PM | Attr = ]
PECompact2 , qoologic , SAHAgent , -> C:\WINDOWS\VPTNFILE.741 -> [Ver = | Size = 15400675 bytes | Modified Date = 7/21/2005 9:16:24 AM | Attr = ]
UPX! , aspack , -> C:\WINDOWS\vsapi32.dll -> Trend Micro Inc. [Ver = 7.510-1002 | Size = 1044560 bytes | Modified Date = 2/18/2005 5:40:14 PM | Attr = ]
WSUD , -> C:\WINDOWS\System32\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.22 | Size = 14250496 bytes | Modified Date = 3/18/2004 9:44:32 PM | Attr = ]
PEC2 , -> C:\WINDOWS\System32\CO2C40EN.DLL -> [Ver = 4.6.1.106 | Size = 748160 bytes | Modified Date = 5/31/1998 | Attr = ]
PEC2 , -> C:\WINDOWS\System32\dfrg.msc -> [Ver = | Size = 41397 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
UPX! , UPX0 , -> C:\WINDOWS\System32\fmod.dll -> Firelight Firelight Technologies Pty, Ltd [Ver = 3.61 | Size = 128000 bytes | Modified Date = 10/30/2002 10:02:36 AM | Attr = ]
Thawte Consulting , -> C:\WINDOWS\System32\idmmbc.dll -> Tonec Inc. [Ver = 4, 0, 0, 1 | Size = 202424 bytes | Modified Date = 10/23/2006 9:51:46 AM | Attr = ]
winsync , -> C:\WINDOWS\System32\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
WSUD , UPX0 , -> C:\WINDOWS\System32\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Modified Date = 8/23/2001 12:00:00 PM | Attr = ]
PTech , -> C:\WINDOWS\System32\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 8/4/2004 12:41:38 AM | Attr = ]

< End of report >

#8 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:43 PM

Posted 26 December 2006 - 09:33 PM

Hi tystik. That log is clean. I do not see the rogue svchost in the running processes or anything that would be starting it up.

Is it still happening or has the problem resolved itself?

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#9 tystik

tystik
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 26 December 2006 - 10:39 PM

the program is still on my desktop where i moved if from my startup folder. i havent tried to reinstall limewire yet. my nortons did delete the w32.spybot.worm several times today...what do i do with this extra svchost.exe i have.. i have four instances that i found doing a search but they match four instances my wifes laptop has plus i have the one i moved from my startup. i do appreciate the assistance in this matter even tho nothing obvious was found.. thanks tystik

#10 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:43 PM

Posted 26 December 2006 - 10:54 PM

Hi tystik. You should be able to simply delete the svchost.exe that is on the desktop. It is a rogue copy. There is only 1 legitimate copy and that should be in the system32 folder. There could also be other copies in the various KB folders which are part of an MS update. There should also be a backup in the system32\drivers folder. Other than that, any copies running from any other folders are non-legitimate.

If you cannot delete the svchost.exe from the desktop, boot to Safe Mode and delete it from there. If that doesn't work we have some other programs that will remove it.

If you reinstall LimeWire, this situation will come right back. LimeWire packs adware with it and this is a part of that package. I do not recommend using any P2P program, and LimeWire is right up there toward the top of the list. The choice is yours.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#11 tystik

tystik
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:43 PM

Posted 27 December 2006 - 03:10 AM

Old timer... i was able to delete it finally and my task manager works now. thanks again for the assistance hope your holidays are good... ty

#12 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:04:43 PM

Posted 27 December 2006 - 08:41 AM

You are welcome tystik. I am glad that we could help.

I will now close this topic. If you have any malware related questions of concerns in the future please start a new topic.

Cheers and Happy Computing.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users